www.onpointcu.com
Open in
urlscan Pro
2606:4700::6812:cbb
Public Scan
Submitted URL: http://links.mail.digitalintersection.com/els/v2/Yw6WMbaDxDQm/TjBoTmdrVW9UMkZoRDhOdFpkTy9uYkM0SHFHYjg5cFcwbjJRdE5SUUdqM1BLQ2dtRmJvQ0xCVERT...
Effective URL: https://www.onpointcu.com/credit-cards/
Submission: On November 29 via api from US — Scanned from DE
Effective URL: https://www.onpointcu.com/credit-cards/
Submission: On November 29 via api from US — Scanned from DE
Summary
This website contacted 38 IPs
in 6 countries
across 37 domains to perform 94 HTTP transactions.
The main IP is 2606:4700::6812:cbb, located in
United States and
belongs to CLOUDFLARENET, US.
The main domain is www.onpointcu.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on September 22nd 2021. Valid for: a year.
This is the only time www.onpointcu.com was scanned on urlscan.io!
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on September 22nd 2021. Valid for: a year.
This is the only time www.onpointcu.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
1
74.112.69.44
(United States)
ASN19795 (ACOUSTIC-ATL-01, US)
PTR: recp.rm02.net
ASN19795 (ACOUSTIC-ATL-01, US)
PTR: recp.rm02.net
| links.mail.digitalintersection.com |
1
143.204.98.81
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-81.fra50.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-81.fra50.r.cloudfront.net
| www.formstack.com |
2
2a00:1450:4001:82a::2008
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| www.googletagmanager.com |
4
2a00:1450:4001:831::200e
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| www.google-analytics.com |
3
142.250.74.198
(United States)
ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f6.1e100.net
ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f6.1e100.net
| 10017083.fls.doubleclick.net |
2
104.111.234.67
(Frankfurt am Main, Germany)
ASN16625 (AKAMAI-AS, US)
PTR: a104-111-234-67.deploy.static.akamaitechnologies.com
ASN16625 (AKAMAI-AS, US)
PTR: a104-111-234-67.deploy.static.akamaitechnologies.com
| munchkin.marketo.net |
10
193.0.160.129
(United States)
ASN54312 (ROCKETFUEL, US)
ASN54312 (ROCKETFUEL, US)
| 20835021p.rfihub.com | |
| a.rfihub.com | |
| p.rfihub.com | |
| 20829752p.rfihub.com |
2
185.33.221.91
(Amsterdam, Netherlands)
ASN29990 (ASN-APPNEX, US)
PTR: 721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ASN29990 (ASN-APPNEX, US)
PTR: 721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
| secure.adnxs.com |
2
142.250.185.226
(United States)
ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
| cm.g.doubleclick.net |
3
185.33.220.100
(Amsterdam, Netherlands)
ASN29990 (ASN-APPNEX, US)
PTR: 399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ASN29990 (ASN-APPNEX, US)
PTR: 399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
| ib.adnxs.com |
4
104.111.215.191
(Frankfurt am Main, Germany)
ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com
ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com
| stags.bluekai.com | |
| x.dlx.addthis.com |
2
69.173.144.165
(Frankfurt am Main, Germany)
ASN26667 (RUBICONPROJECT, US)
ASN26667 (RUBICONPROJECT, US)
| pixel.rubiconproject.com |
3
34.247.11.172
(Dublin, Ireland)
ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-11-172.eu-west-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-11-172.eu-west-1.compute.amazonaws.com
| dpm.demdex.net |
2
18.184.216.10
(Frankfurt am Main, Germany)
ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-216-10.eu-central-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-216-10.eu-central-1.compute.amazonaws.com
| ps.eyeota.net |
2
184.30.24.22
(Frankfurt am Main, Germany)
ASN16625 (AKAMAI-AS, US)
PTR: a184-30-24-22.deploy.static.akamaitechnologies.com
ASN16625 (AKAMAI-AS, US)
PTR: a184-30-24-22.deploy.static.akamaitechnologies.com
| contextual.media.net |
2
52.6.91.228
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
PTR: ec2-52-6-91-228.compute-1.amazonaws.com
ASN14618 (AMAZON-AES, US)
PTR: ec2-52-6-91-228.compute-1.amazonaws.com
| bs.serving-sys.com |
2
3.211.82.118
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
PTR: ec2-3-211-82-118.compute-1.amazonaws.com
ASN14618 (AMAZON-AES, US)
PTR: ec2-3-211-82-118.compute-1.amazonaws.com
| bpi.rtactivate.com |
3
2.18.234.21
(Frankfurt am Main, Germany)
ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
| dsum-sec.casalemedia.com |
2
35.244.174.68
(Kansas City, United States)
ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
| idsync.rlcdn.com |
2
2600:1f18:612b:4200:43f8:c79a:f116:17d6
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
ASN14618 (AMAZON-AES, US)
| partners.tremorhub.com |
2
18.169.90.17
(London, United Kingdom)
ASN16509 (AMAZON-02, US)
PTR: ec2-18-169-90-17.eu-west-2.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-18-169-90-17.eu-west-2.compute.amazonaws.com
| aa.agkn.com |
2
52.19.142.33
(Dublin, Ireland)
ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-142-33.eu-west-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-142-33.eu-west-1.compute.amazonaws.com
| beacon.krxd.net |
3
18.196.134.58
(Frankfurt am Main, Germany)
ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-134-58.eu-central-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-134-58.eu-central-1.compute.amazonaws.com
| x.bidswitch.net |
2
2a03:2880:f02d:12:face:b00c:0:3
(Frankfurt am Main, Germany)
ASN32934 (FACEBOOK, US)
ASN32934 (FACEBOOK, US)
| connect.facebook.net |
1
18.210.254.78
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
PTR: ec2-18-210-254-78.compute-1.amazonaws.com
ASN14618 (AMAZON-AES, US)
PTR: ec2-18-210-254-78.compute-1.amazonaws.com
| api.ipstack.com |
1
143.204.98.95
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-95.fra50.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-95.fra50.r.cloudfront.net
| live.rezync.com |
1
2a03:2880:f12d:83:face:b00c:0:25de
(Frankfurt am Main, Germany)
ASN32934 (FACEBOOK, US)
ASN32934 (FACEBOOK, US)
| www.facebook.com |
| Domain | Requested by | |
|---|---|---|
| 23 | www.onpointcu.com |
www.onpointcu.com
|
| 6 | p.rfihub.com |
2 redirects
www.onpointcu.com
|
| 5 | fonts.gstatic.com |
fonts.googleapis.com
|
| 4 | www.google-analytics.com |
www.googletagmanager.com
cds-sdkcfg.onlineaccess1.com www.onpointcu.com |
| 3 | sync-tm.everesttech.net | 3 redirects |
| 3 | x.bidswitch.net |
1 redirects
www.onpointcu.com
20829752p.rfihub.com |
| 3 | sync.search.spotxchange.com |
1 redirects
www.onpointcu.com
20829752p.rfihub.com |
| 3 | dsum-sec.casalemedia.com |
1 redirects
www.onpointcu.com
20829752p.rfihub.com |
| 3 | dpm.demdex.net |
1 redirects
www.onpointcu.com
20829752p.rfihub.com |
| 3 | ib.adnxs.com |
1 redirects
www.onpointcu.com
20829752p.rfihub.com |
| 3 | 10017083.fls.doubleclick.net |
1 redirects
www.googletagmanager.com
www.onpointcu.com |
| 2 | connect.facebook.net |
www.onpointcu.com
connect.facebook.net |
| 2 | beacon.krxd.net |
10017083.fls.doubleclick.net
www.onpointcu.com |
| 2 | aa.agkn.com |
10017083.fls.doubleclick.net
20829752p.rfihub.com |
| 2 | partners.tremorhub.com |
10017083.fls.doubleclick.net
www.onpointcu.com |
| 2 | x.dlx.addthis.com |
10017083.fls.doubleclick.net
20829752p.rfihub.com |
| 2 | idsync.rlcdn.com |
10017083.fls.doubleclick.net
20829752p.rfihub.com |
| 2 | bpi.rtactivate.com |
10017083.fls.doubleclick.net
20829752p.rfihub.com |
| 2 | bs.serving-sys.com |
10017083.fls.doubleclick.net
www.onpointcu.com |
| 2 | contextual.media.net |
10017083.fls.doubleclick.net
20829752p.rfihub.com |
| 2 | ps.eyeota.net |
www.onpointcu.com
|
| 2 | pixel.rubiconproject.com |
10017083.fls.doubleclick.net
www.onpointcu.com |
| 2 | stags.bluekai.com | 2 redirects |
| 2 | a.rfihub.com |
www.onpointcu.com
|
| 2 | cm.g.doubleclick.net | 2 redirects |
| 2 | secure.adnxs.com |
1 redirects
www.onpointcu.com
|
| 2 | c1.rfihub.net |
10017083.fls.doubleclick.net
www.onpointcu.com |
| 2 | munchkin.marketo.net |
www.onpointcu.com
munchkin.marketo.net |
| 2 | www.googletagmanager.com |
www.onpointcu.com
www.googletagmanager.com |
| 2 | script.crazyegg.com |
www.onpointcu.com
cds-sdkcfg.onlineaccess1.com |
| 1 | www.facebook.com |
www.onpointcu.com
|
| 1 | live.rezync.com |
www.onpointcu.com
|
| 1 | 20829752p.rfihub.com |
c1.rfihub.net
|
| 1 | api.ipstack.com |
www.onpointcu.com
|
| 1 | fast.fonts.net |
www.onpointcu.com
|
| 1 | 20835021p.rfihub.com |
c1.rfihub.net
|
| 1 | 342-khb-372.mktoresp.com |
munchkin.marketo.net
|
| 1 | adservice.google.com |
10017083.fls.doubleclick.net
|
| 1 | stats.g.doubleclick.net |
cds-sdkcfg.onlineaccess1.com
|
| 1 | fonts.googleapis.com |
ajax.googleapis.com
|
| 1 | ajax.googleapis.com |
www.onpointcu.com
|
| 1 | www.formstack.com |
www.onpointcu.com
|
| 1 | cds-sdkcfg.onlineaccess1.com |
www.onpointcu.com
|
| 1 | links.mail.digitalintersection.com | 1 redirects |
| 94 | 44 |
This site contains links to these domains. Also see Links.
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| onpointcu.com Cloudflare Inc ECC CA-3 |
2021-09-22 - 2022-09-21 |
a year | crt.sh |
| *.onlineaccess1.com DigiCert SHA2 Secure Server CA |
2020-05-31 - 2022-06-08 |
2 years | crt.sh |
| *.formstack.com Amazon |
2021-05-19 - 2022-06-17 |
a year | crt.sh |
| sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2021-05-09 - 2022-05-08 |
a year | crt.sh |
| upload.video.google.com GTS CA 1C3 |
2021-11-01 - 2022-01-24 |
3 months | crt.sh |
| *.google-analytics.com GTS CA 1C3 |
2021-11-01 - 2022-01-24 |
3 months | crt.sh |
| *.doubleclick.net GTS CA 1C3 |
2021-11-01 - 2022-01-24 |
3 months | crt.sh |
| *.marketo.net DigiCert SHA2 Secure Server CA |
2021-03-29 - 2022-04-06 |
a year | crt.sh |
| *.gstatic.com GTS CA 1C3 |
2021-11-01 - 2022-01-24 |
3 months | crt.sh |
| *.g.doubleclick.net GTS CA 1C3 |
2021-11-01 - 2022-01-24 |
3 months | crt.sh |
| *.google.com GTS CA 1C3 |
2021-11-01 - 2022-01-24 |
3 months | crt.sh |
| *.rfihub.net Sectigo RSA Domain Validation Secure Server CA |
2021-02-10 - 2022-02-10 |
a year | crt.sh |
| *.mktoresp.com DigiCert SHA2 Secure Server CA |
2020-01-17 - 2022-01-21 |
2 years | crt.sh |
| *.rfihub.com Sectigo RSA Domain Validation Secure Server CA |
2020-06-18 - 2022-06-18 |
2 years | crt.sh |
| *.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1 |
2021-03-30 - 2022-04-04 |
a year | crt.sh |
| *.media.net DigiCert SHA2 Secure Server CA |
2021-04-12 - 2022-04-20 |
a year | crt.sh |
| bs.serving-sys.com Amazon |
2021-05-20 - 2022-06-18 |
a year | crt.sh |
| rtactivate.com Amazon |
2021-05-13 - 2022-06-11 |
a year | crt.sh |
| *.rlcdn.com Sectigo RSA Domain Validation Secure Server CA |
2021-02-25 - 2022-03-28 |
a year | crt.sh |
| odc-pixel-prod-01.oracle.com DigiCert SHA2 Secure Server CA |
2021-11-24 - 2022-04-26 |
5 months | crt.sh |
| *.tremorhub.com Amazon |
2021-06-27 - 2022-07-26 |
a year | crt.sh |
| *.agkn.com RapidSSL RSA CA 2018 |
2020-07-25 - 2022-09-18 |
2 years | crt.sh |
| beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1 |
2021-11-03 - 2022-11-02 |
a year | crt.sh |
| *.facebook.com DigiCert SHA2 High Assurance Server CA |
2021-09-07 - 2021-12-06 |
3 months | crt.sh |
| apilayer.net Amazon |
2021-09-10 - 2022-10-09 |
a year | crt.sh |
| *.adnxs.com GeoTrust ECC CA 2018 |
2021-03-05 - 2022-02-19 |
a year | crt.sh |
| *.demdex.net DigiCert TLS RSA SHA256 2020 CA1 |
2021-10-19 - 2022-11-19 |
a year | crt.sh |
| san.casalemedia.com GeoTrust RSA CA 2018 |
2021-02-05 - 2022-02-09 |
a year | crt.sh |
| *.search.spotxchange.com GeoTrust RSA CA 2018 |
2021-04-08 - 2022-05-09 |
a year | crt.sh |
| *.bidswitch.net Sectigo RSA Domain Validation Secure Server CA |
2020-04-23 - 2022-05-04 |
2 years | crt.sh |
| *.rezync.com Amazon |
2021-01-26 - 2022-02-23 |
a year | crt.sh |
This page contains 4 frames:
Primary Page:
https://www.onpointcu.com/credit-cards/
Frame ID: F566DCF2EED46442CF0CC2391D43EFC3
Requests: 52 HTTP requests in this frame
Frame:
https://10017083.fls.doubleclick.net/activityi;dc_pre=CNXCoI_nvfQCFU7EGwod2cwBkQ;src=10017083;type=q32020;cat=credi0;ord=8490946600039;gtm=2wgba1;auiddc=1401237582.1638196927;ps=1;~oref=https%3A%2F%2Fwww.onpointcu.com%2Fcredit-cards%2F
Frame ID: 28E97C55F444B84FBD7181250EF2FFA6
Requests: 3 HTTP requests in this frame
Frame:
https://20835021p.rfihub.com/ca.html?ver=9&rb=43525&ca=20835021&_o=43525&_t=20835021&pe=https%3A%2F%2F10017083.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCNXCoI_nvfQCFU7EGwod2cwBkQ%3Bsrc%3D10017083%3Btype%3Dq32020%3Bcat%3Dcredi0%3Bord%3D8490946600039%3Bgtm%3D2wgba1%3Bauiddc%3D1401237582.1638196927%3Bps%3D1%3B%7Eoref%3Dhttps%253A%252F%252Fwww.onpointcu.com%252Fcredit-cards%252F%3F&pf=https%3A%2F%2Fwww.onpointcu.com%2F&ra=15892907451413785
Frame ID: 2D1A9D62330BF58381E5EAF0C47C22E1
Requests: 20 HTTP requests in this frame
Frame:
https://20829752p.rfihub.com/ca.html?ver=9&rb=43525&ca=20829752&_o=43525&_t=20829752&pe=https%3A%2F%2Fwww.onpointcu.com%2Fcredit-cards%2F%23headerlogin%3Futm_source%3DAcoustic%26utm_medium%3DEmail%26utm_campaign%3DCURewards_Q4_2021_eStatement&pf=&ra=23920570725749468
Frame ID: F2918725CD9B1D7C507573D7FFC8A5DB
Requests: 20 HTTP requests in this frame
Screenshot
Page Title
Oregon & Washington Credit Cards - OnPoint Community Credit UnionPage URL History Show full URLs
-
http://links.mail.digitalintersection.com/els/v2/Yw6WMbaDxDQm/TjBoTmdrVW9UMkZoRDhOdFpkTy9uYkM0SHFHYjg5cFcwbjJRdE5SUUdq...
HTTP 302
https://www.onpointcu.com/credit-cards/ Page URL
Page Statistics
14 Outgoing links
These are links going to different origins than the main page.
URL: https://play.google.com/store/apps/details?id=com.onpointcommunitycreditunion5123.mobile
Search URL Search Domain Scan URL
URL: https://apps.apple.com/us/app/onpoint-new-mobile/id1243092558
Search URL Search Domain Scan URL
URL: https://secure.onpointcu.com/opccuonline_42/uux.aspx#/login/resetPasswordUsername
Title: Forgot password
Title: Forgot password
Search URL Search Domain Scan URL
URL: https://secure.onpointcu.com/opccuonline_42/sdk/IDologyAutoEnrollmentE2E
Title: Sign up
Title: Sign up
Search URL Search Domain Scan URL
URL: https://play.google.com/store/apps/details?id=com.onpointcommunitycreditunion5123.mobile&pcampaignid=MKT-Other-global-all-co-prtnr-py-PartBadge-Mar2515-1
Search URL Search Domain Scan URL
URL: https://app.loanspq.com/cc/CreditCard.aspx?lenderref=ONPOINTCCU011720
Title: Apply online
Title: Apply online
Search URL Search Domain Scan URL
URL: https://www.consumerfinance.gov/learnmore
Title: https://www.consumerfinance.gov/learnmore
Title: https://www.consumerfinance.gov/learnmore
Search URL Search Domain Scan URL
URL: https://thegiftcardmanager.com/
Title: https://thegiftcardmanager.com/
Title: https://thegiftcardmanager.com/
Search URL Search Domain Scan URL
URL: http://www.curewards.com/
Title: www.curewards.com
Title: www.curewards.com
Search URL Search Domain Scan URL
URL: https://www.facebook.com/OnPointCU
Search URL Search Domain Scan URL
URL: https://twitter.com/OnPointCU
Search URL Search Domain Scan URL
URL: https://www.youtube.com/user/OnpointCreditUnion
Search URL Search Domain Scan URL
URL: https://www.linkedin.com/company/onpoint-community-credit-union/
Search URL Search Domain Scan URL
URL: https://www.instagram.com/onpointcu/
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://links.mail.digitalintersection.com/els/v2/Yw6WMbaDxDQm/TjBoTmdrVW9UMkZoRDhOdFpkTy9uYkM0SHFHYjg5cFcwbjJRdE5SUUdqM1BLQ2dtRmJvQ0xCVERTVmZYN0NkN1ZXc0tvRE9taWk3QjBPaDArOFJpcGhCcnFDK2dBa1pYR3FOTFpNM0FuY2M9S0/cVhDdEYxVWZkY2VMenZTb1N3TW81OXVyUjZzS0NYMWhTbDdQVjFLRXhVSnRhQm1kcGZ0cjZnbUZBT3hhTGFRZG01RWtJRlpiZUhOQ2ROTnRWbDRpUTBYTmNHQVFXUjVoVVFWbnJpOEFMeC8rbzI2dEQ0R2FLTUxta2dvRVg3bWRpa1BHSkpnMTcvN1QzZC9EVUgzcC9xbk5DdVVkczFvN3hsTkx0bDFGeDNRRFZXbDhsOUs3Q0h1aUhGVzk3RzBrS0
HTTP 302
https://www.onpointcu.com/credit-cards/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 31- https://10017083.fls.doubleclick.net/activityi;src=10017083;type=q32020;cat=credi0;ord=8490946600039;gtm=2wgba1;auiddc=1401237582.1638196927;ps=1;~oref=https%3A%2F%2Fwww.onpointcu.com%2Fcredit-cards%2F HTTP 302
- https://10017083.fls.doubleclick.net/activityi;dc_pre=CNXCoI_nvfQCFU7EGwod2cwBkQ;src=10017083;type=q32020;cat=credi0;ord=8490946600039;gtm=2wgba1;auiddc=1401237582.1638196927;ps=1;~oref=https%3A%2F%2Fwww.onpointcu.com%2Fcredit-cards%2F
- https://secure.adnxs.com/px?id=1512364&seg=27411501&t=2 HTTP 307
- https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1512364%26seg%3D27411501%26t%3D2
- https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTE0MjMzNjcxODk2MTU4NDQ4Mg==&forward= HTTP 302
- https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESELLGOXQfa0Zz6y8VwWlIXCY&google_cver=1
- https://ib.adnxs.com/setuid?entity=18&code=5142336718961584482 HTTP 307
- https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5142336718961584482
- https://stags.bluekai.com/site/4722?id=5142336718961584482&redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fbk_uuid%3D%24_BK_UUID%26forward%3D HTTP 302
- https://p.rfihub.com/cm?bk_uuid=$_BK_UUID&forward=
- https://dpm.demdex.net/ibs:dpid=1121&dpuuid=5142336718961584482&redir= HTTP 302
- https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5142336718961584482&redir=
- https://p.rfihub.com/cm?pub=24472&in=1 HTTP 302
- https://ps.eyeota.net/match?uid=5142336718961584482&bid=omt9pi0
- https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5142336718961584482&forward= HTTP 302
- https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5142336718961584482&forward=&C=1
- https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5142336718961584482&img=1 HTTP 302
- https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5142336718961584482&img=1&__user_check__=1&sync_id=86dae536-5122-11ec-b812-1afcdea00306
- https://x.bidswitch.net/sync?dsp_id=119&user_id=5142336718961584482&expires=30 HTTP 302
- https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=5142336718961584482&expires=30
- https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D HTTP 302
- https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=YaTmvwAINVpL8QBR HTTP 302
- https://p.rfihub.com/cm?in=1&pub=21653&userid=YaTmvwAINVpL8QBR&_test=YaTmvwAINVpL8QBR
- https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTE0MjMzNjcxODk2MTU4NDQ4Mg==&forward= HTTP 302
- https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESELLGOXQfa0Zz6y8VwWlIXCY&google_cver=1
- https://stags.bluekai.com/site/4722?id=5142336718961584482&redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fbk_uuid%3D%24_BK_UUID%26forward%3D HTTP 302
- https://p.rfihub.com/cm?bk_uuid=$_BK_UUID&forward=
- https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D HTTP 302
- https://p.rfihub.com/cm?in=1&pub=21653&userid=YaTmvwAINVpL8QBR
- https://p.rfihub.com/cm?pub=24472&in=1 HTTP 302
- https://ps.eyeota.net/match?uid=5142336718961584482&bid=omt9pi0
94 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
Primary Request
/
www.onpointcu.com/credit-cards/ Redirect Chain
|
178 KB 32 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
common.js
cds-sdkcfg.onlineaccess1.com/ |
200 KB 116 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
wordpress-post.css
www.formstack.com/forms/css/2/ |
164 B 498 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
autoptimize_single_75741d1cdc42348f8b446c1fc0b43e71.css
www.onpointcu.com/wp-content/cache/autoptimize/css/ |
713 KB 80 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.min.js
www.onpointcu.com/wp-includes/js/jquery/ |
87 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery-migrate.min.js
www.onpointcu.com/wp-includes/js/jquery/ |
11 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
8844.js
script.crazyegg.com/pages/scripts/0099/ |
5 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
9bcb625d-81de-48c2-ba0c-664558d197e3.woff2
www.onpointcu.com/wp-content/themes/onpointcu-theme/fonts/ |
45 KB 45 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
75c84254-5125-412c-bc24-56769ae3b627.woff2
www.onpointcu.com/wp-content/themes/onpointcu-theme/fonts/ |
16 KB 16 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
65cde95a-ac33-4c65-8198-e37857968d1a.woff2
www.onpointcu.com/wp-content/themes/onpointcu-theme/fonts/ |
16 KB 17 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
picturefill.min.js
www.onpointcu.com/wp-content/themes/onpointcu-theme/bower_components/picturefill/dist/ |
12 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
search-icon.svg
www.onpointcu.com/wp-content/themes/onpointcu-theme/images/ |
751 B 526 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
close-icon.svg
www.onpointcu.com/wp-content/themes/onpointcu-theme/images/ |
2 KB 514 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
location_pin_icon.svg
www.onpointcu.com/wp-content/themes/onpointcu-theme/images/ |
525 B 485 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
OnPoint_Primary_One-Color_RGB-resized.png
www.onpointcu.com/wp-content/themes/onpointcu-theme/images/ |
12 KB 12 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
apple_app_store_icon.png
www.onpointcu.com/wp-content/themes/onpointcu-theme/images/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
google_play_icon.png
www.onpointcu.com/wp-content/themes/onpointcu-theme/images/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
wp-emoji-release.min.js
www.onpointcu.com/wp-includes/js/ |
18 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
playTriangle.svg
www.onpointcu.com/wp-content/themes/onpointcu-theme/images/ |
168 B 286 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
webfont.js
ajax.googleapis.com/ajax/libs/webfont/1.6.26/ |
13 KB 6 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
iframeResizer.js
www.onpointcu.com/wp-content/themes/onpointcu-theme/bower_components/iframe-resizer/js/ |
34 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
production.min.js
www.onpointcu.com/wp-content/themes/onpointcu-theme/js/ |
202 KB 60 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
wp-embed.min.js
www.onpointcu.com/wp-includes/js/ |
1 KB 848 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
gtm.js
www.googletagmanager.com/ |
201 KB 62 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
hero-credit-cards-onpoint-signature-visa-being-held-in-local-apartment-1049x670-1-1015x648.jpg
www.onpointcu.com/files/ |
103 KB 103 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
fancy-checkmark.svg
www.onpointcu.com/wp-content/themes/onpointcu-theme/images/ |
695 B 480 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
long-form-text-couple-traveling-enjoying-anywhere-access-with-their-OnPoint-credit-card-walking-up-a-mountain-near-a-small-coastal-town-540x300-1.jpg
www.onpointcu.com/files/ |
76 KB 76 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
mtiFontTrackingCode.js
www.onpointcu.com/wp-content/themes/onpointcu-theme/fonts/ |
650 B 547 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
css
fonts.googleapis.com/ |
6 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
8844.json
script.crazyegg.com/pages/data-scripts/0099/ |
752 B 602 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
js
www.googletagmanager.com/gtag/ |
163 KB 60 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
analytics.js
www.google-analytics.com/ |
49 KB 20 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
activityi;dc_pre=CNXCoI_nvfQCFU7EGwod2cwBkQ;src=10017083;type=q32020;cat=credi0;ord=8490946600039;gtm=2wgba1;auiddc=1401237582.1638196927;ps=1;~oref=https%3A%2F%2Fwww.onpointcu.com%2Fcredit-cards%2F
10017083.fls.doubleclick.net/ Frame 28E9 Redirect Chain
|
2 KB 893 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
munchkin.js
munchkin.marketo.net/ |
1 KB 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
activityi;register_conversion=1;src=10017083;type=q32020;cat=credi0;ord=8490946600039;gtm=2wgba1;auiddc=1401237582.1638196927;ps=1;~oref=https%3A%2F%2Fwww.onpointcu.com%2Fcredit-cards%2F
10017083.fls.doubleclick.net/ |
0 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
6xKtdSZaM9iE8KbpRA_hK1QN.woff2
fonts.gstatic.com/s/quicksand/v24/ |
25 KB 25 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v15/ |
8 KB 8 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v15/ |
8 KB 8 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v15/ |
8 KB 8 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
pxiByp8kv8JHgFVrLDD4Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v15/ |
8 KB 8 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H3 |
collect
www.google-analytics.com/j/ |
2 B 22 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
collect
www.google-analytics.com/ |
35 B 55 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H3 |
collect
www.google-analytics.com/g/ |
0 17 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
collect
stats.g.doubleclick.net/j/ |
1 B 440 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
munchkin.js
munchkin.marketo.net/161/ |
11 KB 5 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
dc_pre=CNXCoI_nvfQCFU7EGwod2cwBkQ;src=10017083;type=q32020;cat=credi0;ord=8490946600039;gtm=2wgba1;auiddc=*;ps=1;~oref=https%3A%2F%2Fwww.onpointcu.com%2Fcredit-cards%2F
adservice.google.com/ddm/fls/z/ Frame 28E9 |
42 B 494 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
tc.min.js
c1.rfihub.net/js/ Frame 28E9 |
19 KB 6 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H/1.1 |
visitWebPage
342-khb-372.mktoresp.com/webevents/ |
2 B 311 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ca.html
20835021p.rfihub.com/ Frame 2D1A |
3 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
bounce
secure.adnxs.com/ Frame 2D1A Redirect Chain
|
43 B 1023 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
cm
a.rfihub.com/ Frame 2D1A Redirect Chain
|
42 B 1 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
bounce
ib.adnxs.com/ Frame 2D1A Redirect Chain
|
43 B 1 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
cm
p.rfihub.com/ Frame 2D1A Redirect Chain
|
42 B 976 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
tap.php
pixel.rubiconproject.com/ Frame 2D1A |
0 239 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
demconf.jpg
dpm.demdex.net/ Frame 2D1A Redirect Chain
|
42 B 945 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
match
ps.eyeota.net/ Frame 2D1A Redirect Chain
|
0 344 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
cksync.php
contextual.media.net/ Frame 2D1A |
45 B 614 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
serving
bs.serving-sys.com/ Frame 2D1A |
0 105 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
bpi.rtactivate.com/tag/ Frame 2D1A |
43 B 109 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
rum
dsum-sec.casalemedia.com/ Frame 2D1A Redirect Chain
|
43 B 1006 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
360947.gif
idsync.rlcdn.com/ Frame 2D1A |
42 B 417 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
rocketfuel_sync
x.dlx.addthis.com/e/ Frame 2D1A |
43 B 191 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
partner
sync.search.spotxchange.com/ Frame 2D1A Redirect Chain
|
43 B 548 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sync
partners.tremorhub.com/ Frame 2D1A |
43 B 183 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
g.pixel
aa.agkn.com/adscores/ Frame 2D1A |
43 B 238 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
usermatch.gif
beacon.krxd.net/ Frame 2D1A |
0 338 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
sync
x.bidswitch.net/ul_cb/ Frame 2D1A Redirect Chain
|
43 B 495 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
cm
p.rfihub.com/ Frame 2D1A Redirect Chain
|
42 B 1 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
1.css
fast.fonts.net/t/ |
0 604 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
fbevents.js
connect.facebook.net/en_US/ |
98 KB 26 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
tc.min.js
c1.rfihub.net/js/ |
19 KB 6 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
check
api.ipstack.com/ |
966 B 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ca.html
20829752p.rfihub.com/ Frame F291 |
3 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
1819295225043615
connect.facebook.net/signals/config/ |
39 KB 10 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
cm
a.rfihub.com/ Frame F291 Redirect Chain
|
42 B 1 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
setuid
ib.adnxs.com/ Frame F291 |
43 B 996 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
cm
p.rfihub.com/ Frame F291 Redirect Chain
|
42 B 1 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ibs:dpid=1121&dpuuid=5142336718961584482&redir=
dpm.demdex.net/ Frame F291 |
42 B 945 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
cksync.php
contextual.media.net/ Frame F291 |
45 B 451 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
bpi.rtactivate.com/tag/ Frame F291 |
43 B 108 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
rum
dsum-sec.casalemedia.com/ Frame F291 |
43 B 886 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
360947.gif
idsync.rlcdn.com/ Frame F291 |
42 B 287 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
rocketfuel_sync
x.dlx.addthis.com/e/ Frame F291 |
43 B 191 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
partner
sync.search.spotxchange.com/ Frame F291 |
43 B 549 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
g.pixel
aa.agkn.com/adscores/ Frame F291 |
43 B 237 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
sync
x.bidswitch.net/ Frame F291 |
43 B 220 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
cm
p.rfihub.com/ Frame F291 Redirect Chain
|
42 B 1 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sync
live.rezync.com/ Frame F291 |
42 B 520 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
tap.php
pixel.rubiconproject.com/ Frame F291 |
0 239 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
match
ps.eyeota.net/ Frame F291 Redirect Chain
|
0 344 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
serving
bs.serving-sys.com/ Frame F291 |
0 104 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sync
partners.tremorhub.com/ Frame F291 |
43 B 182 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
usermatch.gif
beacon.krxd.net/ Frame F291 |
0 337 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
89 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
www.facebook.com/tr/ |
44 B 407 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
85 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler object| _wpemojiSettings function| q2_collect undefined| $ function| jQuery object| dataLayer function| preLogonRequest function| getCookie object| lastUserName object| tribe_l10n_datatables string| MTIProjectId object| WebFont boolean| CE_USER_SCRIPT object| CE2 string| CE_USER_DATA_URL object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data string| GoogleAnalyticsObject function| ga function| iFrameResize object| phpVariables object| activepromos object| gaplugins object| gaGlobal object| gaData object| twemoji object| wp string| CE_USER_COMMON_SCRIPT_URL string| CE_USER_THIRDPARTY_SCRIPT_URL function| mktoMunchkinFunction object| Munchkin function| mktoMunchkin object| MunchkinTracker object| picturefillCFG function| picturefill string| projectId object| mtiTracking function| PixInview object| stickyNav function| Fuse object| Mustache function| EvEmitter function| imagesLoaded function| jQueryBridget function| getSize function| matchesSelector object| fizzyUIUtils function| Outlayer function| Masonry function| DOMPurify function| Waypoint boolean| load_alert_overlay boolean| just_text_overlay number| alert_overlay_close_expire_cookie number| alert_overlay_cookie_not_show undefined| formId function| fbq function| _fbq function| onYouTubeIframeAPIReady function| _rfi boolean| isExternalLink number| j object| featRatesSliderSettings string| featRatesSlider function| reloadFeatRatesSlider function| initFeatRatesSlider number| accordsTogglesLength function| openAccords function| closedAccords function| accordsToggle function| initAccords function| requestAnimFrame string| waypointContextKey function| extend function| RocketfuelBCPInclude function| RocketfuelBCPClass function| RocketfuelUtils object| RocketfuelBCP37 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| .onpointcu.com/ | Name: _gcl_au Value: 1.1.1401237582.1638196927 |
|
| .doubleclick.net/ | Name: IDE Value: AHWqTUnySz32pAg3-pN6GKyaYUx0j-_joERn_JieLb77m1kKu6ox6wKnbJ8GqghV5wY |
|
| .onpointcu.com/ | Name: _gid Value: GA1.2.2020441954.1638196927 |
|
| .onpointcu.com/ | Name: _gat_UA-58566926-1 Value: 1 |
|
| .onpointcu.com/ | Name: _ga_S95M0BWNFN Value: GS1.1.1638196926.1.0.1638196926.0 |
|
| .onpointcu.com/ | Name: _ga Value: GA1.1.407653709.1638196927 |
|
| .onpointcu.com/ | Name: _mkto_trk Value: id:342-KHB-372&token:_mch-onpointcu.com-1638196927216-51309 |
|
| .rfihub.com/ | Name: rud Value: H4sIAAAAAAAAAOMSNjU0MTI2NjM3tLA0MzS1MDGxMBLiM9QNdM3LSPM2NysOyPWW4jU0M7YwtDSzNDI3NjIHAOajWyM0AAAA |
|
| .rfihub.com/ | Name: ruds Value: H4sIAAAAAAAAAOMSNjU0MTI2NjM3tLA0MzS1MDGxMBLiM9QNdM3LSPM2NysOyPUGAMpIuqslAAAA |
|
| .media.net/ | Name: visitor-id Value: 2811985279538313000V10 |
|
| .media.net/ | Name: data-rk Value: 5142336718961584482~~3 |
|
| .adnxs.com/ | Name: anj Value: dTM7k!M4/YErk#WF']wIg2Illk*+x.!]tbPl1MNu::wpAk`W=ifSt1mlxIuiglApZe8OQeD2su'bpj?n!AXTO:4=sB!'2Or6@3%_ |
|
| .adnxs.com/ | Name: uuid2 Value: 3525103809996823344 |
|
| .rlcdn.com/ | Name: rlas3 Value: pPVjToPJCYVzPGDMyduqqj/5wgX8Ix864hwrPUc1oI8= |
|
| .rlcdn.com/ | Name: pxrc Value: CAA= |
|
| .casalemedia.com/ | Name: CMID Value: YaTmv.CiwIsEqDKove4dyAAA |
|
| .casalemedia.com/ | Name: CMPS Value: 5205 |
|
| .demdex.net/ | Name: demdex Value: 44102595453411198653908283231403965566 |
|
| .eyeota.net/ | Name: SERVERID Value: 23940~DM |
|
| .spotxchange.com/ | Name: audience Value: 86dae4ef-5122-11ec-b812-1afcdea00306 |
|
| .casalemedia.com/ | Name: CMPRO Value: 1212 |
|
| .casalemedia.com/ | Name: CMST Value: YaTmv2Gk5r8A |
|
| .casalemedia.com/ | Name: CMRUM3 Value: 3961a4e6bf27605142336718961584482 |
|
| .dpm.demdex.net/ | Name: dpm Value: 44102595453411198653908283231403965566 |
|
| .bidswitch.net/ | Name: tuuid Value: df3319eb-2994-4ced-935c-606695504052 |
|
| .bidswitch.net/ | Name: c Value: 1638196927 |
|
| .bidswitch.net/ | Name: tuuid_lu Value: 1638196927 |
|
| .krxd.net/ | Name: _kuid_ Value: OgsuHdqN |
|
| .everesttech.net/ | Name: everest_g_v2 Value: g_surferid~YaTmvwAINVpL8QBR |
|
| .fonts.net/ | Name: __cf_bm Value: rSruOxczavImCPfyc.jhysOUErS3m0FJOAKFQ.R61kg-1638196927-0-AQjsz8WeZlYVxj8Wo1EGY0d3+yLEJD1sOf7ASQa58ac3GeKQJUOAyM1dg4WFgtlzrwJMFqQA+s4l6a1FxHlOMkM= |
|
| .rfihub.com/ | Name: smd Value: H4sIAAAAAAAAAOPiNTQztjC0NLM0Mjc3tDBC4lpaGgAAYJbNMR4AAAA |
|
| .rfihub.com/ | Name: euds Value: H4sIAAAAAAAAAOOSMXR2dA129fFx948ITEs0iKoyq7QIKw_P8YxwjlTiVIl38o4PDfV0AQBPui_5KQAAAA |
|
| .rfihub.com/ | Name: eud Value: H4sIAAAAAAAAAOOSMXR2dA129fFx948ITEs0iKoyq7QIKw_P8YxwjlTiVIl38o4PDfV0CeI1NDO2MLQ0szSyMDAwzkLiGhobz2JE8M0tLE1XofFPofFfofF_ofEnMaHyZ6HxF6HxV6HxN6Hxd6GrZ0Hl30LmW5pabGJF08-N5l40_iNhVD4A8GxKBVcBAAA |
|
| live.rezync.com/ | Name: sd-session-id Value: eyJfcGVybWFuZW50Ijp0cnVlLCJzZXNzaW9uX2lkIjp7IiBiIjoiWW1ZNE9UY3pZV1F0TkRKaU1DMDBaV1U1TFdKak5XUXROREV4TkdFME5HWmtZVFk1T2pFMk16Z3hPVFk1TWpndU1EYz0ifX0.FIZ4QA.Ir-rlzoLPt_xxS6wGY-H7K6qpdg |
|
| .onpointcu.com/ | Name: _fbp Value: fb.1.1638196928219.1336835772 |
|
| www.onpointcu.com/ | Name: psGeo Value: {"region":"default","source":"ip"} |
|
| .facebook.com/ | Name: fr Value: 0LlsqlSVluiCNJGxu..BhpObA...1.0.BhpObA. |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
| Header | Value |
|---|---|
| X-Content-Type-Options | nosniff |
| X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
10017083.fls.doubleclick.net
20829752p.rfihub.com
20835021p.rfihub.com
342-khb-372.mktoresp.com
a.rfihub.com
aa.agkn.com
adservice.google.com
ajax.googleapis.com
api.ipstack.com
beacon.krxd.net
bpi.rtactivate.com
bs.serving-sys.com
c1.rfihub.net
cds-sdkcfg.onlineaccess1.com
cm.g.doubleclick.net
connect.facebook.net
contextual.media.net
dpm.demdex.net
dsum-sec.casalemedia.com
fast.fonts.net
fonts.googleapis.com
fonts.gstatic.com
ib.adnxs.com
idsync.rlcdn.com
links.mail.digitalintersection.com
live.rezync.com
munchkin.marketo.net
p.rfihub.com
partners.tremorhub.com
pixel.rubiconproject.com
ps.eyeota.net
script.crazyegg.com
secure.adnxs.com
stags.bluekai.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.search.spotxchange.com
www.facebook.com
www.formstack.com
www.google-analytics.com
www.googletagmanager.com
www.onpointcu.com
x.bidswitch.net
x.dlx.addthis.com
104.111.215.191
104.111.234.67
142.250.185.226
142.250.74.198
143.204.98.81
143.204.98.95
151.101.66.49
18.169.90.17
18.184.216.10
18.196.134.58
18.210.254.78
184.30.24.22
185.33.220.100
185.33.221.91
185.94.180.126
192.0.59.16
192.28.144.124
193.0.160.129
2.18.234.21
2600:1f18:612b:4200:43f8:c79a:f116:17d6
2600:9000:2156:ba00:1:76cf:fe80:93a1
2606:4700::6811:e14e
2606:4700::6812:cbb
2606:4700::6813:9408
2a00:1450:4001:810::2002
2a00:1450:4001:811::200a
2a00:1450:4001:82a::2008
2a00:1450:4001:82b::2003
2a00:1450:4001:831::200a
2a00:1450:4001:831::200e
2a00:1450:400c:c01::9b
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
3.211.82.118
34.247.11.172
35.244.174.68
52.19.142.33
52.6.91.228
69.173.144.165
74.112.69.44
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
03b31b8506139a2aa8d830a064a416299e0a63357d0d5554ef01e8f0eaa2a652
047afeb7b270b6e6be0e600ec2678f64cbb3c53dc3ee6bef19a22df8ad9a7146
0da7b3f9cf3592fc7411ec5822137e8afdf6c67ac5422e278af4718e9fc3481d
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1a77bc9cd8df8f7680ab07cf42d9aef3147f5c6fc7fe2050ccee4ea11b22c6cd
288e072a301f717df59938ba6ca4316ff2c8072743109ce4ad484b2b356b4df4
2a420d3aaef8542c2952614ab83b697fcb3d1c57c7728b3565876611b5f06ef7
2fc4dca7e5cf49df26540752f27e5a2c320cfce11fdefbaf4164a5a551b0c8a4
32c7dbbb0e2848826f4d07c60c3bb1a99f4f0c13a4421eaa1398e8e53c4882e6
40ec9bf82c9df4c3d8ef4f08a9da33872c053b9f4e818d6edf741ba8a0f67a92
41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bf3aca933aa233702f890083af601fb16149ec8a17f8c1b90d30450562bde08
4cb7b87cc730b3dd63c14f389cea58f43f14560f5565873eadfd26efdc10c239
50e6072d26098d48004a30addeecabd5b22b91e5ccdf9dd86f96459783e3ac23
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5b1b6bcb330a79e5874355b5a5e41c9f1160a63ec2c8cddde5a53e88855ab67f
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5c3c9df8b8f0a80f863c53dec5cbca7dedbdcc7697c6c6359520950774653960
691a3ac11b6fa16f6e293716e9a535220b4db9d8e06733c8aa4320218627a769
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6b94a617c09d12bb5ddc3c4556eb2e27218caf09f7a76e9708ba9c7c56c687e8
6f869edfff7e39af6c234922793b62980f811f0ce93789365dc790933bc17c95
7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f
80762c8831e9cea1e912e3cfa1db5cfff0ea9cf47fb32837c4a248fab56ea3c1
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
82d2b7c6abf9e1ff916370cf5f034fda9f326653a1d97f88ff881732c69aec48
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84d3f2877287b41f0162743fae46e7ae9a89abb14c39899fe7f78261d2cd81dd
851bae4a476e38538c2f984c131b803a97a9ade9a237c2c4468082f62b95bf4b
893fa7fe8b6e69e2828319c04a7cbb6f129ea820db695d4ced5757d59450b6a8
9066b22e562634253bfd335be5e486455ef200ae32e657bb2c0dc508b37ee5b9
91f5fc7df5e647cb89e14c31875987a4744ed23d1bc60e6b859697c6f4b141ee
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9ecf55657d16d7d0402e52fde46dde42926218ea0fb66a81cd60927212f62d18
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a99855cd56ed0579e51e391e0d122435909d2021bb4f3f13ce63b2ae98f996f1
b0b43e548e691662dac85b1dc159d148a273d5cb9139f3fcf457cdeebe7bdf3f
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b181760fa978a0d03a0737b87fac1b96a14cf20583dd637d287952431fe9e67e
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
b5aac2d5b257687f65617b86d42d7d73d127ad474aaac1e4d4ddcd601842838d
b93b9165269362989e2855d0bf0ae232d7193a45c43627b2d03b26d7eb98263b
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
c2aee78040b4ed46c2377e6825db12a9691a2eb584adf338e77312c8978d8537
c745b43f7ad54bdfa3b2e6ce8c9161e7fd807bdbbf12b8350bdcdc5e822a1a47
ca31bc6cd49e2db643dec7d164160c89b70ff67ddb6876196cfc1a835ec96b3b
d1be0bda9cd1a15ae5beaf2dbbb8272da02f77f284bd56b31c316c50de41a470
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
e28d860a51754d183f6f97432fd94046cd31afb7ce65c8ea179b0ff63b3d84fa
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f146b8fea19a35387445db248daebfae46acf9aab35a344f6faac160b2b0dd39
fc953ae265d44c182676c6f7f5820ddbbdc57e76dc39097777d742676f29f6c5
ff734158c5af55b218a31f69e4b0c7861e99a13d1311e1ebf337ca40a7183531