www.refundselection.com
Open in
urlscan Pro
156.55.92.236
Public Scan
Submitted URL: https://www.refundselection.com/refundselection/#/achBankInfo
Effective URL: https://www.refundselection.com/refundselection/
Submission: On August 24 via manual from US
Effective URL: https://www.refundselection.com/refundselection/
Submission: On August 24 via manual from US
Summary
This website contacted 24 IPs
in 6 countries
across 23 domains to perform 59 HTTP transactions.
The main IP is 156.55.92.236, located in
Lincoln, United States and
belongs to PNSHS, US.
The main domain is www.refundselection.com.
TLS certificate: Issued by RapidSSL TLS RSA CA G1 on April 9th 2020. Valid for: 2 years.
This is the only time www.refundselection.com was scanned on urlscan.io!
TLS certificate: Issued by RapidSSL TLS RSA CA G1 on April 9th 2020. Valid for: 2 years.
This is the only time www.refundselection.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
18
156.55.92.236
(Lincoln, United States)
ASN46203 (PNSHS, US)
PTR: refundselection.com
ASN46203 (PNSHS, US)
PTR: refundselection.com
| www.refundselection.com |
2
2a02:26f0:6c00:2a6::1e80
(Frankfurt am Main, Germany)
ASN20940 (AKAMAI-ASN1, NL)
ASN20940 (AKAMAI-ASN1, NL)
| assets.adobedtm.com |
3
63.33.35.188
(Dublin, Ireland)
ASN16509 (AMAZON-02, US)
PTR: ec2-63-33-35-188.eu-west-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-63-33-35-188.eu-west-1.compute.amazonaws.com
| higherone.tt.omtrdc.net |
2
13.36.218.177
(Paris, France)
ASN16509 (AMAZON-02, US)
PTR: ec2-13-36-218-177.eu-west-3.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-13-36-218-177.eu-west-3.compute.amazonaws.com
| smetrics.higheroneaccount.com |
17
52.18.183.31
(Dublin, Ireland)
ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-183-31.eu-west-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-183-31.eu-west-1.compute.amazonaws.com
| d.adroll.mgr.consensu.org | |
| d.adroll.com |
2
2a03:2880:f01c:8012:face:b00c:0:3
(Frankfurt am Main, Germany)
ASN32934 (FACEBOOK, US)
ASN32934 (FACEBOOK, US)
| connect.facebook.net |
2
2.18.234.21
(Frankfurt am Main, Germany)
ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
| dsum-sec.casalemedia.com |
1
69.173.144.138
(Frankfurt am Main, Germany)
ASN26667 (RUBICONPROJECT, US)
ASN26667 (RUBICONPROJECT, US)
| pixel.rubiconproject.com |
1
18.156.147.57
(Frankfurt am Main, Germany)
ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-147-57.eu-central-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-147-57.eu-central-1.compute.amazonaws.com
| pixel.advertising.com |
1
64.202.112.159
(United States)
ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com
ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com
| sync.outbrain.com |
2
76.223.111.18
(United States)
ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
| eb2.3lift.com |
2
18.184.112.76
(Frankfurt am Main, Germany)
ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-112-76.eu-central-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-112-76.eu-central-1.compute.amazonaws.com
| x.bidswitch.net |
2
185.33.220.243
(Amsterdam, Netherlands)
ASN29990 (ASN-APPNEX, US)
PTR: 722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ASN29990 (ASN-APPNEX, US)
PTR: 722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
| ib.adnxs.com |
2
216.58.212.130
(Mountain View, United States)
ASN15169 (GOOGLE, US)
PTR: fra16s46-in-f2.1e100.net
ASN15169 (GOOGLE, US)
PTR: fra16s46-in-f2.1e100.net
| cm.g.doubleclick.net |
1
2a03:2880:f12d:83:face:b00c:0:25de
(Frankfurt am Main, Germany)
ASN32934 (FACEBOOK, US)
ASN32934 (FACEBOOK, US)
| www.facebook.com |
1
2600:1f18:4457:4600:bdc7:a0c7:1575:8d22
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
ASN14618 (AMAZON-AES, US)
| api.levelaccess.net |
| Domain | Requested by | |
|---|---|---|
| 18 | www.refundselection.com |
www.refundselection.com
|
| 16 | d.adroll.com | 12 redirects |
| 8 | use.typekit.net |
www.refundselection.com
|
| 6 | s.adroll.com |
1 redirects
www.refundselection.com
s.adroll.com d.adroll.com |
| 3 | higherone.tt.omtrdc.net |
www.refundselection.com
|
| 2 | cm.g.doubleclick.net | 2 redirects |
| 2 | ib.adnxs.com | 1 redirects |
| 2 | x.bidswitch.net | 1 redirects |
| 2 | eb2.3lift.com | 1 redirects |
| 2 | dsum-sec.casalemedia.com | 1 redirects |
| 2 | connect.facebook.net |
d.adroll.com
connect.facebook.net |
| 2 | smetrics.higheroneaccount.com |
1 redirects
www.refundselection.com
|
| 2 | assets.adobedtm.com |
www.refundselection.com
assets.adobedtm.com |
| 1 | api.levelaccess.net |
cdn.levelaccess.net
|
| 1 | www.facebook.com | |
| 1 | ads.yahoo.com | |
| 1 | sync.taboola.com | |
| 1 | simage2.pubmatic.com | |
| 1 | sync.outbrain.com | |
| 1 | pixel.advertising.com | |
| 1 | pixel.rubiconproject.com | |
| 1 | d.adroll.mgr.consensu.org | 1 redirects |
| 1 | p.typekit.net |
www.refundselection.com
|
| 1 | www.gstatic.com |
www.google.com
|
| 1 | www.google.com |
www.refundselection.com
|
| 1 | cdn.levelaccess.net |
www.refundselection.com
|
| 59 | 26 |
This site contains no links.
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| refundselection.com RapidSSL TLS RSA CA G1 |
2020-04-09 - 2022-04-09 |
2 years | crt.sh |
| use.typekit.net DigiCert TLS RSA SHA256 2020 CA1 |
2021-08-16 - 2022-08-16 |
a year | crt.sh |
| cdn.levelaccess.net Amazon |
2021-03-01 - 2022-03-30 |
a year | crt.sh |
| assets.adobedtm.com DigiCert TLS RSA SHA256 2020 CA1 |
2021-01-08 - 2021-09-30 |
9 months | crt.sh |
| www.google.com GTS CA 1C3 |
2021-07-26 - 2021-10-18 |
3 months | crt.sh |
| *.tt.omtrdc.net DigiCert SHA2 Secure Server CA |
2020-11-02 - 2021-11-09 |
a year | crt.sh |
| smetrics.higheroneaccount.com DigiCert TLS RSA SHA256 2020 CA1 |
2021-07-13 - 2022-08-13 |
a year | crt.sh |
| *.gstatic.com GTS CA 1C3 |
2021-07-26 - 2021-10-18 |
3 months | crt.sh |
| *.typekit.net DigiCert TLS RSA SHA256 2020 CA1 |
2021-07-16 - 2022-07-21 |
a year | crt.sh |
| adroll.com R3 |
2021-06-14 - 2021-09-12 |
3 months | crt.sh |
| adroll.mgr.consensu.org Amazon |
2020-10-08 - 2021-11-07 |
a year | crt.sh |
| *.facebook.com DigiCert SHA2 High Assurance Server CA |
2021-07-20 - 2021-10-18 |
3 months | crt.sh |
| san.casalemedia.com GeoTrust RSA CA 2018 |
2021-02-05 - 2022-02-09 |
a year | crt.sh |
| *.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1 |
2021-03-30 - 2022-04-04 |
a year | crt.sh |
| pixel.advertising.com DigiCert SHA2 High Assurance Server CA |
2021-07-26 - 2022-01-19 |
6 months | crt.sh |
| *.outbrain.com Thawte RSA CA 2018 |
2019-10-29 - 2021-11-23 |
2 years | crt.sh |
| *.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1 |
2020-12-07 - 2021-12-14 |
a year | crt.sh |
| *.taboola.com DigiCert TLS Hybrid ECC SHA384 2020 CA1 |
2020-11-25 - 2021-12-26 |
a year | crt.sh |
| *.3lift.com Amazon |
2021-06-12 - 2022-07-11 |
a year | crt.sh |
| *.ads.yahoo.com DigiCert SHA2 High Assurance Server CA |
2021-08-16 - 2021-10-06 |
2 months | crt.sh |
| *.bidswitch.net Sectigo RSA Domain Validation Secure Server CA |
2020-04-23 - 2022-05-04 |
2 years | crt.sh |
| *.adnxs.com GeoTrust ECC CA 2018 |
2021-03-05 - 2022-02-19 |
a year | crt.sh |
| api.levelaccess.net Amazon |
2021-03-01 - 2022-03-30 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://www.refundselection.com/refundselection/
Frame ID: A8C7B72F07433F83B329FD3FF8181CE3
Requests: 59 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 21- https://smetrics.higheroneaccount.com/b/ss/higheroneaccountprod/1/H.26.2-LATI/s87988492575781?AQB=1&ndh=1&t=24%2F7%2F2021%2014%3A56%3A58%202%20-120&fid=08CBFD609D4E5A89-1E8B04018A264F42&ce=UTF-8&ns=higheroneinc&g=https%3A%2F%2Fwww.refundselection.com%2Frefundselection%2F%23%2FachBankInfo&cc=USD&server=www.refundselection.com&v4=New&c5=New&v9=D%3Dg&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1 HTTP 302
- https://smetrics.higheroneaccount.com/b/ss/higheroneaccountprod/1/H.26.2-LATI/s87988492575781?AQB=1&pccr=true&vidn=3092764D2E8C40B8-60000A87624CBCF3&ndh=1&t=24%2F7%2F2021%2014%3A56%3A58%202%20-120&fid=08CBFD609D4E5A89-1E8B04018A264F42&ce=UTF-8&ns=higheroneinc&g=https%3A%2F%2Fwww.refundselection.com%2Frefundselection%2F%23%2FachBankInfo&cc=USD&server=www.refundselection.com&v4=New&c5=New&v9=D%3Dg&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1
- https://s.adroll.com/j/exp/UQP62OWII5HKHHO3IKJTDG/index.js HTTP 302
- https://s.adroll.com/j/exp/index.js
- https://d.adroll.mgr.consensu.org/consent/iabcheck/UQP62OWII5HKHHO3IKJTDG?_s=37924062d4a877dcf700449d27843b3f&_b=2 HTTP 302
- https://d.adroll.com/consent/check/UQP62OWII5HKHHO3IKJTDG/?_s=37924062d4a877dcf700449d27843b3f&_b=2
- https://d.adroll.com/pixel/UQP62OWII5HKHHO3IKJTDG/3EBAB2NVHRFJDEFDRWNWLB?adroll_fpc=d6f99a7141ef8e55b038508e7f6dd499-1629809819587&arrfrr=https%3A%2F%2Fwww.refundselection.com%2Frefundselection%2F%23%2FachBankInfo&xid_ch=f&pv=55288714565.53921&cookie=&adroll_s_ref=&keyw= HTTP 302
- https://s.adroll.com/pixel/UQP62OWII5HKHHO3IKJTDG/3EBAB2NVHRFJDEFDRWNWLB/UP3EVLAUMZBWBHQ657EG6T.js
- https://d.adroll.com/cm/index/out?adroll_fpc=d6f99a7141ef8e55b038508e7f6dd499-1629809819587&arrfrr=https%3A%2F%2Fwww.refundselection.com%2Frefundselection%2F%23%2FachBankInfo&xid_ch=f&advertisable=UQP62OWII5HKHHO3IKJTDG HTTP 302
- https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=NTQ2ZDkyODUxY2VjMzA5NWJiNzU0ZjRmMzBlMzNkNDc&expiration=1661345819 HTTP 302
- https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=NTQ2ZDkyODUxY2VjMzA5NWJiNzU0ZjRmMzBlMzNkNDc&expiration=1661345819&C=1
- https://d.adroll.com/cm/n/out?adroll_fpc=d6f99a7141ef8e55b038508e7f6dd499-1629809819587&arrfrr=https%3A%2F%2Fwww.refundselection.com%2Frefundselection%2F%23%2FachBankInfo&xid_ch=f&advertisable=UQP62OWII5HKHHO3IKJTDG HTTP 302
- https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=NTQ2ZDkyODUxY2VjMzA5NWJiNzU0ZjRmMzBlMzNkNDc&expires=365
- https://d.adroll.com/cm/onevideo/out?adroll_fpc=d6f99a7141ef8e55b038508e7f6dd499-1629809819587&arrfrr=https%3A%2F%2Fwww.refundselection.com%2Frefundselection%2F%23%2FachBankInfo&xid_ch=f&advertisable=UQP62OWII5HKHHO3IKJTDG HTTP 302
- https://pixel.advertising.com/ups/55980/sync?uid=NTQ2ZDkyODUxY2VjMzA5NWJiNzU0ZjRmMzBlMzNkNDc&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
- https://d.adroll.com/cm/outbrain/out?adroll_fpc=d6f99a7141ef8e55b038508e7f6dd499-1629809819587&arrfrr=https%3A%2F%2Fwww.refundselection.com%2Frefundselection%2F%23%2FachBankInfo&xid_ch=f&advertisable=UQP62OWII5HKHHO3IKJTDG HTTP 302
- https://sync.outbrain.com/cookie-sync?p=adroll&uid=NTQ2ZDkyODUxY2VjMzA5NWJiNzU0ZjRmMzBlMzNkNDc
- https://d.adroll.com/cm/pubmatic/out?adroll_fpc=d6f99a7141ef8e55b038508e7f6dd499-1629809819587&arrfrr=https%3A%2F%2Fwww.refundselection.com%2Frefundselection%2F%23%2FachBankInfo&xid_ch=f&advertisable=UQP62OWII5HKHHO3IKJTDG HTTP 302
- https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=NTQ2ZDkyODUxY2VjMzA5NWJiNzU0ZjRmMzBlMzNkNDc&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
- https://d.adroll.com/cm/taboola/out?adroll_fpc=d6f99a7141ef8e55b038508e7f6dd499-1629809819587&arrfrr=https%3A%2F%2Fwww.refundselection.com%2Frefundselection%2F%23%2FachBankInfo&xid_ch=f&advertisable=UQP62OWII5HKHHO3IKJTDG HTTP 302
- https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=NTQ2ZDkyODUxY2VjMzA5NWJiNzU0ZjRmMzBlMzNkNDc
- https://d.adroll.com/cm/triplelift/out?adroll_fpc=d6f99a7141ef8e55b038508e7f6dd499-1629809819587&arrfrr=https%3A%2F%2Fwww.refundselection.com%2Frefundselection%2F%23%2FachBankInfo&xid_ch=f&advertisable=UQP62OWII5HKHHO3IKJTDG HTTP 302
- https://eb2.3lift.com/xuid?mid=4714&xuid=NTQ2ZDkyODUxY2VjMzA5NWJiNzU0ZjRmMzBlMzNkNDc&dongle=c85e HTTP 302
- https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=NTQ2ZDkyODUxY2VjMzA5NWJiNzU0ZjRmMzBlMzNkNDc&dongle=c85e&gdpr=1&cmp_cs=&us_privacy=
- https://d.adroll.com/cm/r/out?adroll_fpc=d6f99a7141ef8e55b038508e7f6dd499-1629809819587&arrfrr=https%3A%2F%2Fwww.refundselection.com%2Frefundselection%2F%23%2FachBankInfo&xid_ch=f&advertisable=UQP62OWII5HKHHO3IKJTDG HTTP 302
- https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
- https://d.adroll.com/cm/b/out?adroll_fpc=d6f99a7141ef8e55b038508e7f6dd499-1629809819587&arrfrr=https%3A%2F%2Fwww.refundselection.com%2Frefundselection%2F%23%2FachBankInfo&xid_ch=f&advertisable=UQP62OWII5HKHHO3IKJTDG HTTP 302
- https://x.bidswitch.net/sync?dsp_id=44&user_id=NTQ2ZDkyODUxY2VjMzA5NWJiNzU0ZjRmMzBlMzNkNDc HTTP 302
- https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=NTQ2ZDkyODUxY2VjMzA5NWJiNzU0ZjRmMzBlMzNkNDc
- https://d.adroll.com/cm/x/out?adroll_fpc=d6f99a7141ef8e55b038508e7f6dd499-1629809819587&arrfrr=https%3A%2F%2Fwww.refundselection.com%2Frefundselection%2F%23%2FachBankInfo&xid_ch=f&advertisable=UQP62OWII5HKHHO3IKJTDG HTTP 302
- https://ib.adnxs.com/setuid?entity=172&code=NTQ2ZDkyODUxY2VjMzA5NWJiNzU0ZjRmMzBlMzNkNDc HTTP 307
- https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DNTQ2ZDkyODUxY2VjMzA5NWJiNzU0ZjRmMzBlMzNkNDc
- https://d.adroll.com/cm/g/out?adroll_fpc=d6f99a7141ef8e55b038508e7f6dd499-1629809819587&arrfrr=https%3A%2F%2Fwww.refundselection.com%2Frefundselection%2F%23%2FachBankInfo&xid_ch=f&advertisable=UQP62OWII5HKHHO3IKJTDG&google_nid=adroll5 HTTP 302
- https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=VVM1hZMWsJtTP7cZ-TAWsg HTTP 302
- https://cm.g.doubleclick.net/pixel?google_sc=&google_nid=artb&google_hm=VVM1hZMWsJtTP7cZ-TAWsg&google_tc= HTTP 302
- https://d.adroll.com/cm/g/in
59 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H/1.1 |
Primary Request
 Cookie set
/
www.refundselection.com/refundselection/ |
13 KB 14 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
yfk8nia.js
use.typekit.net/ |
18 KB 7 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
access.js
cdn.levelaccess.net/accessjs/YW1wMTI1ODM/ |
451 KB 58 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
launch-dffaaab45b5e.min.js
assets.adobedtm.com/accbe116c75f/433b334d9a70/ |
78 KB 19 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
at.js
www.refundselection.com/scripts/ |
126 KB 127 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
bootstrap.min.css
www.refundselection.com/refundselection/css/ |
107 KB 107 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
activation.css
www.refundselection.com/refundselection/css/ |
35 KB 35 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
animate.css
www.refundselection.com/refundselection/css/ |
71 KB 72 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
media-queries.css
www.refundselection.com/refundselection/css/ |
23 KB 23 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
activation5.css
www.refundselection.com/refundselection/css/ |
51 KB 51 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
sso-landing.css
www.refundselection.com/refundselection/css/ |
2 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
rs-w18.css
www.refundselection.com/refundselection/css/ |
17 KB 17 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
trust-explain-shared-secret-test.css
www.refundselection.com/refundselection/css/ |
110 KB 110 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
rs-buttons.css
www.refundselection.com/refundselection/css/ |
19 KB 19 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
survey2021.css
www.refundselection.com/refundselection/css/ |
7 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
compressedGenLib.js
www.refundselection.com/sbundles/gzip_331081375/bundles/ |
463 KB 146 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
compressedStyleLib.js
www.refundselection.com/sbundles/gzip_N193473758/bundles/ |
38 KB 12 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
app.js
www.refundselection.com/sbundles/gzip_1483875092/bundles/ |
226 KB 47 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
api.js
www.google.com/recaptcha/ |
852 B 658 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
EX4705f8d2ea1c41c1b1e570e66074e1cf-libraryCode_source.min.js
assets.adobedtm.com/accbe116c75f/433b334d9a70/ba140fb230a5/ |
36 KB 14 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
json
higherone.tt.omtrdc.net/m2/higherone/mbox/ |
96 B 403 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H/1.1 |
Cookie set
ccvfConstraint
www.refundselection.com/rsws/ |
657 B 1 KB |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
s87988492575781
smetrics.higheroneaccount.com/b/ss/higheroneaccountprod/1/H.26.2-LATI/ Redirect Chain
|
43 B 275 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
l
use.typekit.net/af/919204/00000000000000003b9aefc2/27/ |
31 KB 32 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
l
use.typekit.net/af/ef3ae3/00000000000000003b9aefc3/27/ |
33 KB 33 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
l
use.typekit.net/af/af96c8/00000000000000003b9aefc0/27/ |
31 KB 31 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
l
use.typekit.net/af/20aa1e/00000000000000003b9aefc1/27/ |
33 KB 33 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
l
use.typekit.net/af/b230ac/00000000000000000000ec0f/27/ |
15 KB 15 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
l
use.typekit.net/af/53dec0/0000000000000000000100fe/27/ |
16 KB 16 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
l
use.typekit.net/af/aa4f4e/000000000000000000012043/27/ |
25 KB 25 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
achBankInfo.html
www.refundselection.com/refundselection/partials/stage3/ach/ |
711 B 1 KB |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
footer.html
www.refundselection.com/refundselection/partials/stage1/ |
851 B 1 KB |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
recaptcha__en.js
www.gstatic.com/recaptcha/releases/Eyd0Dt8h04h7r-D86uAD1JP-/ |
340 KB 340 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
p.gif
p.typekit.net/ |
35 B 214 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
roundtrip.js
s.adroll.com/j/ |
44 KB 15 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
index.js
s.adroll.com/j/exp/ Redirect Chain
|
28 B 747 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
index.js
s.adroll.com/j/pre/UQP62OWII5HKHHO3IKJTDG/3EBAB2NVHRFJDEFDRWNWLB/ |
0 773 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
d.adroll.com/consent/check/UQP62OWII5HKHHO3IKJTDG/ Redirect Chain
|
395 B 864 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
json
higherone.tt.omtrdc.net/m2/higherone/mbox/ |
48 B 354 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
json
higherone.tt.omtrdc.net/m2/higherone/mbox/ |
48 B 354 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
UP3EVLAUMZBWBHQ657EG6T.js
s.adroll.com/pixel/UQP62OWII5HKHHO3IKJTDG/3EBAB2NVHRFJDEFDRWNWLB/ Redirect Chain
|
4 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
fbevents.js
connect.facebook.net/en_US/ |
98 KB 25 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
sendrolling.js
s.adroll.com/j/ |
11 KB 3 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
rum
dsum-sec.casalemedia.com/ Redirect Chain
|
43 B 1 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
tap.php
pixel.rubiconproject.com/ Redirect Chain
|
0 239 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sync
pixel.advertising.com/ups/55980/ Redirect Chain
|
0 125 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
cookie-sync
sync.outbrain.com/ Redirect Chain
|
0 477 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Pug
simage2.pubmatic.com/AdServer/ Redirect Chain
|
1 B 548 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
rtb-h
sync.taboola.com/sg/adroll-network/1/ Redirect Chain
|
0 221 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
xuid
eb2.3lift.com/ Redirect Chain
|
37 B 353 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
v1
ads.yahoo.com/cms/ Redirect Chain
|
0 445 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sync
x.bidswitch.net/ul_cb/ Redirect Chain
|
43 B 343 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
bounce
ib.adnxs.com/ Redirect Chain
|
43 B 1 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
out
d.adroll.com/cm/l/ |
42 B 180 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
out
d.adroll.com/cm/o/ |
42 B 501 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
in
d.adroll.com/cm/g/ Redirect Chain
|
42 B 537 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-29 |
292945261143890
connect.facebook.net/signals/config/ |
253 KB 72 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
www.facebook.com/tr/ |
44 B 147 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
results
api.levelaccess.net/analytics/3.0/ |
0 261 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
117 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated boolean| isAllowRefundselectionWhenCorebankIsDown string| styleID object| style boolean| cookieEnabled function| cookie function| findGetParameter object| sessionMboxParams function| manageStylesheets function| removeOpacity object| token object| clientcode object| Typekit object| $jscomp function| $jscomp$lookupPolyfilledValue object| LevelAccess_AccessJS_AccessEngine object| LevelAccess_AccessJS_FixPackage object| LevelAccess_AccessJS_OrgDetails object| LevelAccess_AccessJS string| AccNamePrototypeNameSpace object| LevelAccess_CalcNames object| _satellite boolean| __satelliteLoaded object| adobe function| mboxDefine function| mboxUpdate function| mboxCreate function| getAnalyticsAccount function| s_doPlugins function| s_gi function| s_giqf string| s_account object| s string| s_objectID string| s_code string| s_an function| s_sp function| s_jn function| s_rep function| s_d function| s_fe function| s_fa function| s_ft object| s_c_il number| s_c_in number| s_giq function| sprintf function| vsprintf function| $ function| jQuery object| angular function| _ function| moment object| jQuery111109790093677025828 object| html5 object| respond object| dataLayer object| app object| activationControllers object| coreDirectives function| ccvfConstraintService object| $retrievedConstraints undefined| $street1MaxLength undefined| $street1AllowedChars undefined| $street1AllowedCharsMessage undefined| $street2MaxLength undefined| $street2AllowedChars undefined| $street2AllowedCharsMessage undefined| $cityMaxLength undefined| $cityAllowedChars undefined| $cityAllowedCharsMessage undefined| validRoutingNumber undefined| validSSN object| retrievedConstraints string| adroll_adv_id string| adroll_pix_id function| targetPageParams object| experiences string| j string| k object| s_i_0_higheroneinc object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| recaptcha boolean| __adroll_loaded string| adroll_sid object| __adroll boolean| adroll_optout object| adroll_ext_network object| adroll_callbacks undefined| adroll_tpc_callback object| adroll_exp_list boolean| __adroll_consent boolean| __adroll_consent_is_gdpr object| __adroll_consent_data string| __adroll_consent_user_country string| __adroll_consent_adv_country number| adroll_xavier_called number| __adroll_xid_ch object| adroll_currency object| adroll_conversion_value object| adroll_conversion_value_in_dollars string| adroll_seg_eid function| fbq function| _fbq8 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| .refundselection.com/ | Name: gpv_v11 Value: no%20value |
|
| .refundselection.com/ | Name: s_sq Value: %5B%5BB%5D%5D |
|
| .refundselection.com/ | Name: s_nr Value: 1629809818689-New |
|
| .refundselection.com/ | Name: s_fid Value: 08CBFD609D4E5A89-1E8B04018A264F42 |
|
| .refundselection.com/ | Name: s_cc Value: true |
|
| www.refundselection.com/ | Name: JSESSIONID Value: B6320F308B2682DDAC4882B90904C89C.dsapphvn1-appds04_ds01 |
|
| www.refundselection.com/ | Name: mid Value: MFQxDqke7c7q3SOfoYyPXTLY-v1 |
|
| .refundselection.com/ | Name: mbox Value: session#7491d77ddb8141afa8157f3c27d6b557#1629811679 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
| Header | Value |
|---|---|
| Strict-Transport-Security | max-age=31536000 ; includeSubDomains |
| X-Content-Type-Options | nosniff |
| X-Frame-Options | sameorigin |
| X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ads.yahoo.com
api.levelaccess.net
assets.adobedtm.com
cdn.levelaccess.net
cm.g.doubleclick.net
connect.facebook.net
d.adroll.com
d.adroll.mgr.consensu.org
dsum-sec.casalemedia.com
eb2.3lift.com
higherone.tt.omtrdc.net
ib.adnxs.com
p.typekit.net
pixel.advertising.com
pixel.rubiconproject.com
s.adroll.com
simage2.pubmatic.com
smetrics.higheroneaccount.com
sync.outbrain.com
sync.taboola.com
use.typekit.net
www.facebook.com
www.google.com
www.gstatic.com
www.refundselection.com
x.bidswitch.net
13.36.218.177
141.226.228.48
156.55.92.236
18.156.147.57
18.184.112.76
185.33.220.243
185.64.189.110
2.18.234.21
216.58.212.130
2600:1f18:4457:4600:bdc7:a0c7:1575:8d22
2600:9000:21f3:ea00:1:fb61:2b80:93a1
2a00:1288:80:800::7001
2a00:1450:4001:808::2003
2a00:1450:4001:827::2004
2a02:26f0:6c00:28d::19fd
2a02:26f0:6c00:2a6::1e80
2a02:26f0:6c00::210:ba0a
2a02:26f0:6c00::210:baab
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
52.18.183.31
63.33.35.188
64.202.112.159
69.173.144.138
76.223.111.18
01af27eb02a06768e41f0a5c2c10fd70edbc49813ddf3036fa455b333222b09f
08c258c725e7460f04658ea12df37a9da776cbe8da6e90ef573f73c588b2e630
0b2aceff926d657860c5cfba54ba2366038c052b5a2c16ba3ea70c075da15416
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1ccdbe5fba95906eb04fed55b6d5fe05d4130f09d1ef62a2a195b07bfcd20d98
1e71dfd2075bdd8ab13805b0c9bc396c00c1a3d982d3e9ddde63ccfaf4f2eaaf
222f47a5e4e424714c9f9198001e343610ab1616ac4c7f585c85ab70ff616e1a
28e52125afdad5e50b6e527d1cde6af4967895d49a2fe320cdd41f36c7f54e11
2999380d93a754b9222caf139c167774f97cfb57edbf5305e7e8cc1741f85ebf
2a4b572d1c8199350cf0d3b94dde20d0e80563d8bb457666c0933978adf9c96e
2ad726af10a3a69bb4c9dcd4116a4ef5a404a9967712dfd0465adeaeadbde00c
2f7df484cec2b317e3853ded3d2906aec8dac433d5a3221076ec8b67ecaab089
363ddcdad8fa8db6500ad554923cc22ab4bf968c15aa09c63e26a74cd5556b62
3b168b017f9db602024341f3e4fce6b102b26e59a60f2ee8f6083b86f83e58c0
3e26e046f6e08fda02a0ec7f73f44d2f64267bb9dd030ee815f32279f7ebd758
46055d9d932e251439250d0c73292c5d9c7b64614e86bca3fc2ca9e1f54f7b0a
4971a8e0a29d06973197b955c0c1cb78426746026e130cc81c769cc050972e33
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4ee914a6907146554d865e40a0cdc95047d859959505d7cdb24d69836597b5e1
5132b5a2fb364a02fcc77a35af97376135e2760a2f7baba0284e3d490caac540
525f091870c1282bb4823f9e64192983f1652a3bbc84c97ca5e6c4f063ca6e82
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5b8a8299d409f1376182de73e4a3ec3420296155ba2cd9b29a490ff0d8f7b417
5cad40acbc8d167c8aebacfee58271ecb9c5f43868a458df250630cd94f5c50c
727303a415c16a92bb45ebba7c3a46ed74ce38e7bf46894fcd055952a29d943e
8380f8262369601af5a77d9b675552065e3fe95d08d309ee80f684aedfa550e4
8853f7bc37320f027ede28752c547f44c7f3765f44f9b42d494e1e08cbe893a9
8d65ad481496fe91333b56b3e3f92404a17ba2dddb5f29b8a17201b4af730cc7
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39
9ff0b5d88301ec582cdde1539f359ccb6ba3863b3e49ca774435a063ad9cab72
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b256f6c414c7997c6bae8c4039381db737b45f3953293c845594cd24a3d8802f
b5bb676613a05928e232626d1d29e0a9c42262b08a6533384d5acb89d9c747cf
b5fd723750763ebb731f9221e413e7d64d58d5192dc040e42292ed3dcccca732
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c04b8d937f8fae8ee529150c99e9994b2791022d6c9e2749aa47510668474042
c5c9fb8abc90fb7bf1b95d10f8bbdc304223e9ae82a72b90f38da328dbd10c9e
c63c46eefb8e0ec226d5e9a2b1baf334a54cf48ec8ff139606efea71d716def1
c7e8c0ff8f7f132554837bb763e837ec5e7305fe908d0b9cc777dd611f31d3e9
d1129bf5908724a3742846768d0aa2c782e813695dd00cf4f3416837237008f3
d6995ec349addc6751c08213b9e265dc8146085308d44ce8ec678f311d05da53
e07f8340fa5b00438d3cf58b54d58a5a3e69a2c218bd140dc66af14dc08aebcd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7f89cfc78ba154e24d48856d1c7766aa03c794dcb81d8be1cc3e8f9f9a6e021
e948e5869da246bfe815e9957eb26f2782c0954928aa6b073cc1243e9ad8821e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52
f64d427c92523c7e3f2b0ec8f799747715f61c0d234e206c18001908afe8c78c