www.onpointcu.com
Open in
urlscan Pro
2606:4700::6812:cbb
Public Scan
Submitted URL: http://links.mail.digitalintersection.com/els/v2/40-Nhqz6d6S7/TjBoTmdrVW9UMkZoRDhOdFpkTy9uYkM0SHFHYjg5cFcwbjJRdE5SUUdqM1BLQ2dtRmJvQ0xCVERT...
Effective URL: https://www.onpointcu.com/credit-cards/
Submission: On November 29 via api from US — Scanned from DE
Effective URL: https://www.onpointcu.com/credit-cards/
Submission: On November 29 via api from US — Scanned from DE
Summary
This website contacted 38 IPs
in 6 countries
across 37 domains to perform 94 HTTP transactions.
The main IP is 2606:4700::6812:cbb, located in
United States and
belongs to CLOUDFLARENET, US.
The main domain is www.onpointcu.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on September 22nd 2021. Valid for: a year.
This is the only time www.onpointcu.com was scanned on urlscan.io!
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on September 22nd 2021. Valid for: a year.
This is the only time www.onpointcu.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
1
74.112.69.44
(United States)
ASN19795 (ACOUSTIC-ATL-01, US)
PTR: recp.rm02.net
ASN19795 (ACOUSTIC-ATL-01, US)
PTR: recp.rm02.net
| links.mail.digitalintersection.com |
1
65.9.68.105
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-65-9-68-105.fra56.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-65-9-68-105.fra56.r.cloudfront.net
| www.formstack.com |
2
2a00:1450:4001:829::2008
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| www.googletagmanager.com |
1
18.210.254.78
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
PTR: ec2-18-210-254-78.compute-1.amazonaws.com
ASN14618 (AMAZON-AES, US)
PTR: ec2-18-210-254-78.compute-1.amazonaws.com
| api.ipstack.com |
4
2a00:1450:4001:82a::200e
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| www.google-analytics.com |
3
142.250.186.70
(United States)
ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f6.1e100.net
ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f6.1e100.net
| 10017083.fls.doubleclick.net |
2
92.123.8.217
(Vienna, Austria)
ASN16625 (AKAMAI-AS, US)
PTR: a92-123-8-217.deploy.static.akamaitechnologies.com
ASN16625 (AKAMAI-AS, US)
PTR: a92-123-8-217.deploy.static.akamaitechnologies.com
| munchkin.marketo.net |
2
2a03:2880:f01c:8012:face:b00c:0:3
(Frankfurt am Main, Germany)
ASN32934 (FACEBOOK, US)
ASN32934 (FACEBOOK, US)
| connect.facebook.net |
10
193.0.160.128
(United States)
ASN54312 (ROCKETFUEL, US)
ASN54312 (ROCKETFUEL, US)
| 20829752p.rfihub.com | |
| 20835021p.rfihub.com | |
| a.rfihub.com | |
| p.rfihub.com |
1
2a03:2880:f11c:8183:face:b00c:0:25de
(Frankfurt am Main, Germany)
ASN32934 (FACEBOOK, US)
ASN32934 (FACEBOOK, US)
| www.facebook.com |
1
13.32.22.79
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-13-32-22-79.fra56.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-13-32-22-79.fra56.r.cloudfront.net
| live.rezync.com |
2
142.250.186.66
(United States)
ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
| cm.g.doubleclick.net |
3
37.252.173.215
(Frankfurt am Main, Germany)
ASN29990 (ASN-APPNEX, US)
PTR: 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ASN29990 (ASN-APPNEX, US)
PTR: 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
| ib.adnxs.com |
4
92.123.28.254
(Vienna, Austria)
ASN16625 (AKAMAI-AS, US)
PTR: a92-123-28-254.deploy.static.akamaitechnologies.com
ASN16625 (AKAMAI-AS, US)
PTR: a92-123-28-254.deploy.static.akamaitechnologies.com
| stags.bluekai.com | |
| x.dlx.addthis.com |
2
69.173.144.165
(Frankfurt am Main, Germany)
ASN26667 (RUBICONPROJECT, US)
ASN26667 (RUBICONPROJECT, US)
| pixel.rubiconproject.com |
4
54.72.239.169
(Dublin, Ireland)
ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-239-169.eu-west-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-239-169.eu-west-1.compute.amazonaws.com
| dpm.demdex.net |
2
52.57.150.20
(Frankfurt am Main, Germany)
ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-150-20.eu-central-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-150-20.eu-central-1.compute.amazonaws.com
| ps.eyeota.net |
2
2.21.140.74
(Frankfurt am Main, Germany)
ASN16625 (AKAMAI-AS, US)
PTR: a2-21-140-74.deploy.static.akamaitechnologies.com
ASN16625 (AKAMAI-AS, US)
PTR: a2-21-140-74.deploy.static.akamaitechnologies.com
| contextual.media.net |
2
52.28.52.192
(Frankfurt am Main, Germany)
ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-52-192.eu-central-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-52-192.eu-central-1.compute.amazonaws.com
| bs.serving-sys.com |
2
52.200.156.204
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
PTR: ec2-52-200-156-204.compute-1.amazonaws.com
ASN14618 (AMAZON-AES, US)
PTR: ec2-52-200-156-204.compute-1.amazonaws.com
| bpi.rtactivate.com |
4
23.202.53.51
(Vienna, Austria)
ASN16625 (AKAMAI-AS, US)
PTR: a23-202-53-51.deploy.static.akamaitechnologies.com
ASN16625 (AKAMAI-AS, US)
PTR: a23-202-53-51.deploy.static.akamaitechnologies.com
| dsum-sec.casalemedia.com |
2
35.244.174.68
(Kansas City, United States)
ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
| idsync.rlcdn.com |
2
2600:1f18:612b:4264:a698:31e8:5977:4024
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
ASN14618 (AMAZON-AES, US)
| partners.tremorhub.com |
2
3.120.154.132
(Frankfurt am Main, Germany)
ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-154-132.eu-central-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-154-132.eu-central-1.compute.amazonaws.com
| aa.agkn.com |
2
52.30.186.249
(Dublin, Ireland)
ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-186-249.eu-west-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-186-249.eu-west-1.compute.amazonaws.com
| beacon.krxd.net |
4
18.195.72.140
(Frankfurt am Main, Germany)
ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-72-140.eu-central-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-72-140.eu-central-1.compute.amazonaws.com
| x.bidswitch.net |
1
37.252.173.22
(Frankfurt am Main, Germany)
ASN29990 (ASN-APPNEX, US)
PTR: 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ASN29990 (ASN-APPNEX, US)
PTR: 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
| secure.adnxs.com |
| Domain | Requested by | |
|---|---|---|
| 23 | www.onpointcu.com |
www.onpointcu.com
|
| 6 | p.rfihub.com |
2 redirects
www.onpointcu.com
|
| 5 | fonts.gstatic.com |
fonts.googleapis.com
|
| 4 | x.bidswitch.net |
2 redirects
www.onpointcu.com
|
| 4 | sync.search.spotxchange.com |
2 redirects
www.onpointcu.com
|
| 4 | dsum-sec.casalemedia.com |
2 redirects
www.onpointcu.com
|
| 4 | dpm.demdex.net |
2 redirects
www.onpointcu.com
|
| 4 | www.google-analytics.com |
www.googletagmanager.com
www.google-analytics.com www.onpointcu.com |
| 3 | sync-tm.everesttech.net | 3 redirects |
| 3 | ib.adnxs.com |
1 redirects
www.onpointcu.com
10017083.fls.doubleclick.net |
| 3 | 10017083.fls.doubleclick.net |
1 redirects
www.googletagmanager.com
www.onpointcu.com |
| 2 | beacon.krxd.net |
www.onpointcu.com
10017083.fls.doubleclick.net |
| 2 | aa.agkn.com |
www.onpointcu.com
10017083.fls.doubleclick.net |
| 2 | partners.tremorhub.com |
www.onpointcu.com
10017083.fls.doubleclick.net |
| 2 | x.dlx.addthis.com |
www.onpointcu.com
10017083.fls.doubleclick.net |
| 2 | idsync.rlcdn.com |
www.onpointcu.com
10017083.fls.doubleclick.net |
| 2 | bpi.rtactivate.com |
www.onpointcu.com
10017083.fls.doubleclick.net |
| 2 | bs.serving-sys.com |
www.onpointcu.com
10017083.fls.doubleclick.net |
| 2 | contextual.media.net |
www.onpointcu.com
10017083.fls.doubleclick.net |
| 2 | ps.eyeota.net |
www.onpointcu.com
|
| 2 | pixel.rubiconproject.com |
www.onpointcu.com
10017083.fls.doubleclick.net |
| 2 | stags.bluekai.com | 2 redirects |
| 2 | a.rfihub.com |
www.onpointcu.com
|
| 2 | cm.g.doubleclick.net | 2 redirects |
| 2 | connect.facebook.net |
www.onpointcu.com
connect.facebook.net |
| 2 | c1.rfihub.net |
www.onpointcu.com
10017083.fls.doubleclick.net |
| 2 | munchkin.marketo.net |
www.onpointcu.com
munchkin.marketo.net |
| 2 | www.googletagmanager.com |
www.onpointcu.com
www.googletagmanager.com |
| 2 | script.crazyegg.com |
www.onpointcu.com
script.crazyegg.com |
| 1 | secure.adnxs.com |
10017083.fls.doubleclick.net
|
| 1 | live.rezync.com |
www.onpointcu.com
|
| 1 | 20835021p.rfihub.com |
c1.rfihub.net
|
| 1 | 342-khb-372.mktoresp.com |
munchkin.marketo.net
|
| 1 | www.facebook.com |
www.onpointcu.com
|
| 1 | adservice.google.com |
10017083.fls.doubleclick.net
|
| 1 | stats.g.doubleclick.net |
www.google-analytics.com
|
| 1 | 20829752p.rfihub.com |
c1.rfihub.net
|
| 1 | fast.fonts.net |
www.onpointcu.com
|
| 1 | api.ipstack.com |
www.onpointcu.com
|
| 1 | fonts.googleapis.com |
ajax.googleapis.com
|
| 1 | ajax.googleapis.com |
www.onpointcu.com
|
| 1 | www.formstack.com |
www.onpointcu.com
|
| 1 | cds-sdkcfg.onlineaccess1.com |
www.onpointcu.com
|
| 1 | links.mail.digitalintersection.com | 1 redirects |
| 94 | 44 |
This site contains links to these domains. Also see Links.
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| onpointcu.com Cloudflare Inc ECC CA-3 |
2021-09-22 - 2022-09-21 |
a year | crt.sh |
| *.onlineaccess1.com DigiCert SHA2 Secure Server CA |
2020-05-31 - 2022-06-08 |
2 years | crt.sh |
| *.formstack.com Amazon |
2021-05-19 - 2022-06-17 |
a year | crt.sh |
| sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2021-05-09 - 2022-05-08 |
a year | crt.sh |
| upload.video.google.com GTS CA 1C3 |
2021-11-01 - 2022-01-24 |
3 months | crt.sh |
| *.google-analytics.com GTS CA 1C3 |
2021-11-01 - 2022-01-24 |
3 months | crt.sh |
| apilayer.net Amazon |
2021-09-10 - 2022-10-09 |
a year | crt.sh |
| *.gstatic.com GTS CA 1C3 |
2021-11-01 - 2022-01-24 |
3 months | crt.sh |
| *.doubleclick.net GTS CA 1C3 |
2021-11-01 - 2022-01-24 |
3 months | crt.sh |
| *.marketo.net DigiCert SHA2 Secure Server CA |
2021-03-29 - 2022-04-06 |
a year | crt.sh |
| *.rfihub.net Sectigo RSA Domain Validation Secure Server CA |
2021-02-10 - 2022-02-10 |
a year | crt.sh |
| *.facebook.com DigiCert SHA2 High Assurance Server CA |
2021-09-07 - 2021-12-06 |
3 months | crt.sh |
| *.rfihub.com Sectigo RSA Domain Validation Secure Server CA |
2020-06-18 - 2022-06-18 |
2 years | crt.sh |
| *.g.doubleclick.net GTS CA 1C3 |
2021-11-01 - 2022-01-24 |
3 months | crt.sh |
| *.google.com GTS CA 1C3 |
2021-11-01 - 2022-01-24 |
3 months | crt.sh |
| *.mktoresp.com DigiCert SHA2 Secure Server CA |
2020-01-17 - 2022-01-21 |
2 years | crt.sh |
| *.rezync.com Amazon |
2021-01-26 - 2022-02-23 |
a year | crt.sh |
| *.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1 |
2021-03-30 - 2022-04-04 |
a year | crt.sh |
| *.media.net DigiCert SHA2 Secure Server CA |
2021-04-12 - 2022-04-20 |
a year | crt.sh |
| bs.serving-sys.com Amazon |
2021-05-10 - 2022-06-08 |
a year | crt.sh |
| rtactivate.com Amazon |
2021-05-13 - 2022-06-11 |
a year | crt.sh |
| *.rlcdn.com Sectigo RSA Domain Validation Secure Server CA |
2021-02-25 - 2022-03-28 |
a year | crt.sh |
| odc-pixel-prod-01.oracle.com DigiCert SHA2 Secure Server CA |
2021-11-24 - 2022-04-26 |
5 months | crt.sh |
| *.tremorhub.com Amazon |
2021-06-27 - 2022-07-26 |
a year | crt.sh |
| *.agkn.com RapidSSL RSA CA 2018 |
2020-07-25 - 2022-09-18 |
2 years | crt.sh |
| beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1 |
2021-11-03 - 2022-11-02 |
a year | crt.sh |
| *.adnxs.com GeoTrust ECC CA 2018 |
2021-03-05 - 2022-02-19 |
a year | crt.sh |
This page contains 4 frames:
Primary Page:
https://www.onpointcu.com/credit-cards/
Frame ID: C65E146E32225659170F4AFAFC2BF5B3
Requests: 52 HTTP requests in this frame
Frame:
https://10017083.fls.doubleclick.net/activityi;dc_pre=CIHKmMPnvfQCFc7HUQodFHYB_g;src=10017083;type=q32020;cat=credi0;ord=3820386259807;gtm=2wgba1;auiddc=646662146.1638197036;ps=1;~oref=https%3A%2F%2Fwww.onpointcu.com%2Fcredit-cards%2F
Frame ID: 3AE9A0F73C68BB0CA4C0D8B39F5DFD7C
Requests: 3 HTTP requests in this frame
Frame:
https://20829752p.rfihub.com/ca.html?ver=9&rb=43525&ca=20829752&_o=43525&_t=20829752&pe=https%3A%2F%2Fwww.onpointcu.com%2Fcredit-cards%2F%23headerlogin%3Futm_source%3DAcoustic%26utm_medium%3DEmail%26utm_campaign%3DCURewards_Q4_2021_eStatement&pf=&ra=23884269160916172
Frame ID: 5C44DA81F978E5D4A29DFF6CD495E3B6
Requests: 20 HTTP requests in this frame
Frame:
https://20835021p.rfihub.com/ca.html?ver=9&rb=43525&ca=20835021&_o=43525&_t=20835021&pe=https%3A%2F%2F10017083.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCIHKmMPnvfQCFc7HUQodFHYB_g%3Bsrc%3D10017083%3Btype%3Dq32020%3Bcat%3Dcredi0%3Bord%3D3820386259807%3Bgtm%3D2wgba1%3Bauiddc%3D646662146.1638197036%3Bps%3D1%3B%7Eoref%3Dhttps%253A%252F%252Fwww.onpointcu.com%252Fcredit-cards%252F%3F&pf=https%3A%2F%2Fwww.onpointcu.com%2F&ra=5798176335737175
Frame ID: CDE7ECDE15AA96912EF8CD5DFB9622FC
Requests: 20 HTTP requests in this frame
Screenshot
Page Title
Oregon & Washington Credit Cards - OnPoint Community Credit UnionPage URL History Show full URLs
-
http://links.mail.digitalintersection.com/els/v2/40-Nhqz6d6S7/TjBoTmdrVW9UMkZoRDhOdFpkTy9uYkM0SHFHYjg5cFcwbjJRdE5SUUdq...
HTTP 302
https://www.onpointcu.com/credit-cards/ Page URL
Page Statistics
14 Outgoing links
These are links going to different origins than the main page.
URL: https://play.google.com/store/apps/details?id=com.onpointcommunitycreditunion5123.mobile
Search URL Search Domain Scan URL
URL: https://apps.apple.com/us/app/onpoint-new-mobile/id1243092558
Search URL Search Domain Scan URL
URL: https://secure.onpointcu.com/opccuonline_42/uux.aspx#/login/resetPasswordUsername
Title: Forgot password
Title: Forgot password
Search URL Search Domain Scan URL
URL: https://secure.onpointcu.com/opccuonline_42/sdk/IDologyAutoEnrollmentE2E
Title: Sign up
Title: Sign up
Search URL Search Domain Scan URL
URL: https://play.google.com/store/apps/details?id=com.onpointcommunitycreditunion5123.mobile&pcampaignid=MKT-Other-global-all-co-prtnr-py-PartBadge-Mar2515-1
Search URL Search Domain Scan URL
URL: https://app.loanspq.com/cc/CreditCard.aspx?lenderref=ONPOINTCCU011720
Title: Apply online
Title: Apply online
Search URL Search Domain Scan URL
URL: https://www.consumerfinance.gov/learnmore
Title: https://www.consumerfinance.gov/learnmore
Title: https://www.consumerfinance.gov/learnmore
Search URL Search Domain Scan URL
URL: https://thegiftcardmanager.com/
Title: https://thegiftcardmanager.com/
Title: https://thegiftcardmanager.com/
Search URL Search Domain Scan URL
URL: http://www.curewards.com/
Title: www.curewards.com
Title: www.curewards.com
Search URL Search Domain Scan URL
URL: https://www.facebook.com/OnPointCU
Search URL Search Domain Scan URL
URL: https://twitter.com/OnPointCU
Search URL Search Domain Scan URL
URL: https://www.youtube.com/user/OnpointCreditUnion
Search URL Search Domain Scan URL
URL: https://www.linkedin.com/company/onpoint-community-credit-union/
Search URL Search Domain Scan URL
URL: https://www.instagram.com/onpointcu/
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://links.mail.digitalintersection.com/els/v2/40-Nhqz6d6S7/TjBoTmdrVW9UMkZoRDhOdFpkTy9uYkM0SHFHYjg5cFcwbjJRdE5SUUdqM1BLQ2dtRmJvQ0xCVERTVmZYN0NkN1ZXc0tvRE9taWk3QjBPaDArOFJpcGhCcnFDK2dBa1pYR3FOTFpNM0FuY2M9S0/cVhDdEYxVWZkY2VMenZTb1N3TW81OXVyUjZzS0NYMWhTbDdQVjFLRXhVSnRhQm1kcGZ0cjZnbUZBT3hhTGFRZG01RWtJRlpiZUhOQ2ROTnRWbDRpUTBYTmNHQVFXUjVoVVFWbnJpOEFMeC8rbzI2dEQ0R2FLTUxta2dvRVg3bWRpa1BHSkpnMTcvN1QzZC9EVUgzcC9xbk5DdVVkczFvN3hsTkx0bDFGeDNRRFZXbDhsOUs3Q0h1aUhGVzk3RzBrS0
HTTP 302
https://www.onpointcu.com/credit-cards/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 38- https://10017083.fls.doubleclick.net/activityi;src=10017083;type=q32020;cat=credi0;ord=3820386259807;gtm=2wgba1;auiddc=646662146.1638197036;ps=1;~oref=https%3A%2F%2Fwww.onpointcu.com%2Fcredit-cards%2F HTTP 302
- https://10017083.fls.doubleclick.net/activityi;dc_pre=CIHKmMPnvfQCFc7HUQodFHYB_g;src=10017083;type=q32020;cat=credi0;ord=3820386259807;gtm=2wgba1;auiddc=646662146.1638197036;ps=1;~oref=https%3A%2F%2Fwww.onpointcu.com%2Fcredit-cards%2F
- https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTE0NDU4ODUxODc3NDAyMDk3Ng==&forward= HTTP 302
- https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEJly7tXZsx-NzPyDustNzFY&google_cver=1
- https://ib.adnxs.com/setuid?entity=18&code=5144588518774020976 HTTP 307
- https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5144588518774020976
- https://stags.bluekai.com/site/4722?id=5144588518774020976&redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fbk_uuid%3D%24_BK_UUID%26forward%3D HTTP 302
- https://p.rfihub.com/cm?bk_uuid=$_BK_UUID&forward=
- https://dpm.demdex.net/ibs:dpid=1121&dpuuid=5144588518774020976&redir= HTTP 302
- https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5144588518774020976&redir=
- https://p.rfihub.com/cm?pub=24472&in=1 HTTP 302
- https://ps.eyeota.net/match?uid=5144588518774020976&bid=omt9pi0
- https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5144588518774020976&forward= HTTP 302
- https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5144588518774020976&forward=&C=1
- https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5144588518774020976&img=1 HTTP 302
- https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5144588518774020976&img=1&__user_check__=1&sync_id=c7ab8169-5122-11ec-bfcd-14f0ef8b0206
- https://x.bidswitch.net/sync?dsp_id=119&user_id=5144588518774020976&expires=30 HTTP 302
- https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=5144588518774020976&expires=30
- https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D HTTP 302
- https://p.rfihub.com/cm?in=1&pub=21653&userid=YaTnLAAINWKhrABR
- https://p.rfihub.com/cm?pub=24472&in=1 HTTP 302
- https://ps.eyeota.net/match?uid=5142336718961608286&bid=omt9pi0
- https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D HTTP 302
- https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=YaTnLAAINWKhrABR HTTP 302
- https://p.rfihub.com/cm?in=1&pub=21653&userid=YaTnLAAINWKhrABR&_test=YaTnLAAINWKhrABR
- https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTE0MjMzNjcxODk2MTYwODI4Ng==&forward= HTTP 302
- https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEJly7tXZsx-NzPyDustNzFY&google_cver=1
- https://stags.bluekai.com/site/4722?id=5142336718961608286&redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fbk_uuid%3D%24_BK_UUID%26forward%3D HTTP 302
- https://p.rfihub.com/cm?bk_uuid=$_BK_UUID&forward=
- https://dpm.demdex.net/ibs:dpid=1121&dpuuid=5142336718961608286&redir= HTTP 302
- https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5142336718961608286&redir=
- https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5142336718961608286&forward= HTTP 302
- https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5142336718961608286&forward=&C=1
- https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5142336718961608286&img=1 HTTP 302
- https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5142336718961608286&img=1&__user_check__=1&sync_id=c7ab7d8f-5122-11ec-91c9-1fd522ee0206
- https://x.bidswitch.net/sync?dsp_id=119&user_id=5142336718961608286&expires=30 HTTP 302
- https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=5142336718961608286&expires=30
94 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
Primary Request
/
www.onpointcu.com/credit-cards/ Redirect Chain
|
178 KB 32 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
common.js
cds-sdkcfg.onlineaccess1.com/ |
200 KB 115 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
wordpress-post.css
www.formstack.com/forms/css/2/ |
164 B 500 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
autoptimize_single_75741d1cdc42348f8b446c1fc0b43e71.css
www.onpointcu.com/wp-content/cache/autoptimize/css/ |
713 KB 80 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.min.js
www.onpointcu.com/wp-includes/js/jquery/ |
87 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery-migrate.min.js
www.onpointcu.com/wp-includes/js/jquery/ |
11 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
8844.js
script.crazyegg.com/pages/scripts/0099/ |
5 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
9bcb625d-81de-48c2-ba0c-664558d197e3.woff2
www.onpointcu.com/wp-content/themes/onpointcu-theme/fonts/ |
45 KB 45 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
75c84254-5125-412c-bc24-56769ae3b627.woff2
www.onpointcu.com/wp-content/themes/onpointcu-theme/fonts/ |
16 KB 16 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
65cde95a-ac33-4c65-8198-e37857968d1a.woff2
www.onpointcu.com/wp-content/themes/onpointcu-theme/fonts/ |
16 KB 17 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
picturefill.min.js
www.onpointcu.com/wp-content/themes/onpointcu-theme/bower_components/picturefill/dist/ |
12 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
search-icon.svg
www.onpointcu.com/wp-content/themes/onpointcu-theme/images/ |
751 B 544 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
close-icon.svg
www.onpointcu.com/wp-content/themes/onpointcu-theme/images/ |
2 KB 534 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
location_pin_icon.svg
www.onpointcu.com/wp-content/themes/onpointcu-theme/images/ |
525 B 429 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
OnPoint_Primary_One-Color_RGB-resized.png
www.onpointcu.com/wp-content/themes/onpointcu-theme/images/ |
6 KB 6 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
apple_app_store_icon.png
www.onpointcu.com/wp-content/themes/onpointcu-theme/images/ |
1 KB 1 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
google_play_icon.png
www.onpointcu.com/wp-content/themes/onpointcu-theme/images/ |
2 KB 2 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
wp-emoji-release.min.js
www.onpointcu.com/wp-includes/js/ |
18 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
playTriangle.svg
www.onpointcu.com/wp-content/themes/onpointcu-theme/images/ |
168 B 317 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
webfont.js
ajax.googleapis.com/ajax/libs/webfont/1.6.26/ |
13 KB 6 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
iframeResizer.js
www.onpointcu.com/wp-content/themes/onpointcu-theme/bower_components/iframe-resizer/js/ |
34 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
production.min.js
www.onpointcu.com/wp-content/themes/onpointcu-theme/js/ |
202 KB 60 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
wp-embed.min.js
www.onpointcu.com/wp-includes/js/ |
1 KB 848 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
gtm.js
www.googletagmanager.com/ |
201 KB 62 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
hero-credit-cards-onpoint-signature-visa-being-held-in-local-apartment-1049x670-1-1015x648.jpg
www.onpointcu.com/files/ |
58 KB 58 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
fancy-checkmark.svg
www.onpointcu.com/wp-content/themes/onpointcu-theme/images/ |
695 B 477 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
long-form-text-couple-traveling-enjoying-anywhere-access-with-their-OnPoint-credit-card-walking-up-a-mountain-near-a-small-coastal-town-540x300-1.jpg
www.onpointcu.com/files/ |
28 KB 28 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
mtiFontTrackingCode.js
www.onpointcu.com/wp-content/themes/onpointcu-theme/fonts/ |
650 B 626 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
css
fonts.googleapis.com/ |
6 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
8844.json
script.crazyegg.com/pages/data-scripts/0099/ |
752 B 602 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
check
api.ipstack.com/ |
968 B 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
6xKtdSZaM9iE8KbpRA_hK1QN.woff2
fonts.gstatic.com/s/quicksand/v24/ |
25 KB 25 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v15/ |
8 KB 8 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v15/ |
8 KB 8 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v15/ |
8 KB 8 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
pxiByp8kv8JHgFVrLDD4Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v15/ |
8 KB 8 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
1.css
fast.fonts.net/t/ |
0 607 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
js
www.googletagmanager.com/gtag/ |
163 KB 60 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
analytics.js
www.google-analytics.com/ |
49 KB 20 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
activityi;dc_pre=CIHKmMPnvfQCFc7HUQodFHYB_g;src=10017083;type=q32020;cat=credi0;ord=3820386259807;gtm=2wgba1;auiddc=646662146.1638197036;ps=1;~oref=https%3A%2F%2Fwww.onpointcu.com%2Fcredit-cards%2F
10017083.fls.doubleclick.net/ Frame 3AE9 Redirect Chain
|
2 KB 894 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
munchkin.js
munchkin.marketo.net/ |
1 KB 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
tc.min.js
c1.rfihub.net/js/ |
19 KB 6 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
activityi;register_conversion=1;src=10017083;type=q32020;cat=credi0;ord=3820386259807;gtm=2wgba1;auiddc=646662146.1638197036;ps=1;~oref=https%3A%2F%2Fwww.onpointcu.com%2Fcredit-cards%2F
10017083.fls.doubleclick.net/ |
0 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
fbevents.js
connect.facebook.net/en_US/ |
98 KB 26 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H3 |
collect
www.google-analytics.com/j/ |
2 B 22 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
collect
www.google-analytics.com/ |
35 B 55 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
1819295225043615
connect.facebook.net/signals/config/ |
39 KB 10 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
munchkin.js
munchkin.marketo.net/161/ |
11 KB 5 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ca.html
20829752p.rfihub.com/ Frame 5C44 |
3 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
collect
stats.g.doubleclick.net/j/ |
1 B 440 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H3 |
collect
www.google-analytics.com/g/ |
0 17 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
dc_pre=CIHKmMPnvfQCFc7HUQodFHYB_g;src=10017083;type=q32020;cat=credi0;ord=3820386259807;gtm=2wgba1;auiddc=*;ps=1;~oref=https%3A%2F%2Fwww.onpointcu.com%2Fcredit-cards%2F
adservice.google.com/ddm/fls/z/ Frame 3AE9 |
42 B 494 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
www.facebook.com/tr/ |
44 B 406 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
tc.min.js
c1.rfihub.net/js/ Frame 3AE9 |
19 KB 6 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H/1.1 |
visitWebPage
342-khb-372.mktoresp.com/webevents/ |
2 B 311 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ca.html
20835021p.rfihub.com/ Frame CDE7 |
3 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sync
live.rezync.com/ Frame 5C44 |
42 B 512 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
cm
a.rfihub.com/ Frame 5C44 Redirect Chain
|
42 B 1022 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
bounce
ib.adnxs.com/ Frame 5C44 Redirect Chain
|
43 B 1 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
cm
p.rfihub.com/ Frame 5C44 Redirect Chain
|
42 B 1 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
tap.php
pixel.rubiconproject.com/ Frame 5C44 |
0 239 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
demconf.jpg
dpm.demdex.net/ Frame 5C44 Redirect Chain
|
42 B 945 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
match
ps.eyeota.net/ Frame 5C44 Redirect Chain
|
0 344 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
cksync.php
contextual.media.net/ Frame 5C44 |
45 B 616 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
serving
bs.serving-sys.com/ Frame 5C44 |
0 105 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
bpi.rtactivate.com/tag/ Frame 5C44 |
43 B 108 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
rum
dsum-sec.casalemedia.com/ Frame 5C44 Redirect Chain
|
43 B 1006 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
360947.gif
idsync.rlcdn.com/ Frame 5C44 |
42 B 417 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
rocketfuel_sync
x.dlx.addthis.com/e/ Frame 5C44 |
43 B 191 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
partner
sync.search.spotxchange.com/ Frame 5C44 Redirect Chain
|
43 B 548 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sync
partners.tremorhub.com/ Frame 5C44 |
43 B 182 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
g.pixel
aa.agkn.com/adscores/ Frame 5C44 |
43 B 237 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
usermatch.gif
beacon.krxd.net/ Frame 5C44 |
0 337 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
sync
x.bidswitch.net/ul_cb/ Frame 5C44 Redirect Chain
|
43 B 495 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
cm
p.rfihub.com/ Frame 5C44 Redirect Chain
|
42 B 1 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
match
ps.eyeota.net/ Frame CDE7 Redirect Chain
|
0 344 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
cm
p.rfihub.com/ Frame CDE7 Redirect Chain
|
42 B 1 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
px
secure.adnxs.com/ Frame CDE7 |
43 B 946 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
cm
a.rfihub.com/ Frame CDE7 Redirect Chain
|
42 B 1 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
setuid
ib.adnxs.com/ Frame CDE7 |
43 B 991 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
cm
p.rfihub.com/ Frame CDE7 Redirect Chain
|
42 B 1 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
tap.php
pixel.rubiconproject.com/ Frame CDE7 |
0 239 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
demconf.jpg
dpm.demdex.net/ Frame CDE7 Redirect Chain
|
42 B 945 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
cksync.php
contextual.media.net/ Frame CDE7 |
45 B 614 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
serving
bs.serving-sys.com/ Frame CDE7 |
0 104 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
bpi.rtactivate.com/tag/ Frame CDE7 |
43 B 109 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
rum
dsum-sec.casalemedia.com/ Frame CDE7 Redirect Chain
|
43 B 1006 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
360947.gif
idsync.rlcdn.com/ Frame CDE7 |
42 B 289 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
rocketfuel_sync
x.dlx.addthis.com/e/ Frame CDE7 |
43 B 191 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
partner
sync.search.spotxchange.com/ Frame CDE7 Redirect Chain
|
43 B 549 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sync
partners.tremorhub.com/ Frame CDE7 |
43 B 183 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
g.pixel
aa.agkn.com/adscores/ Frame CDE7 |
43 B 238 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
usermatch.gif
beacon.krxd.net/ Frame CDE7 |
0 338 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
sync
x.bidswitch.net/ul_cb/ Frame CDE7 Redirect Chain
|
43 B 495 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
89 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
85 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler object| _wpemojiSettings undefined| $ function| jQuery object| dataLayer function| preLogonRequest function| getCookie object| lastUserName object| tribe_l10n_datatables string| MTIProjectId object| WebFont function| iFrameResize object| phpVariables object| activepromos function| PixInview object| stickyNav function| Fuse object| Mustache function| EvEmitter function| imagesLoaded function| jQueryBridget function| getSize function| matchesSelector object| fizzyUIUtils function| Outlayer function| Masonry function| DOMPurify function| Waypoint object| wp boolean| load_alert_overlay boolean| just_text_overlay number| alert_overlay_close_expire_cookie number| alert_overlay_cookie_not_show object| picturefillCFG function| picturefill object| twemoji boolean| CE_USER_SCRIPT object| CE2 string| CE_USER_DATA_URL boolean| isExternalLink number| j object| featRatesSliderSettings string| featRatesSlider function| reloadFeatRatesSlider function| initFeatRatesSlider number| accordsTogglesLength function| openAccords function| closedAccords function| accordsToggle function| initAccords function| requestAnimFrame string| waypointContextKey object| google_tag_manager function| postscribe object| google_tag_manager_external string| projectId object| mtiTracking object| google_tag_data string| GoogleAnalyticsObject function| ga function| _rfi undefined| formId function| fbq function| _fbq string| CE_USER_COMMON_SCRIPT_URL string| CE_USER_THIRDPARTY_SCRIPT_URL object| gaplugins object| gaGlobal object| gaData function| mktoMunchkinFunction object| Munchkin function| mktoMunchkin function| extend function| RocketfuelBCPInclude function| RocketfuelBCPClass function| RocketfuelUtils object| RocketfuelBCP function| onYouTubeIframeAPIReady object| MunchkinTracker function| q2_collect37 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| .onpointcu.com/ | Name: _gcl_au Value: 1.1.646662146.1638197036 |
|
| .fonts.net/ | Name: __cf_bm Value: 8gMRx9IQdT17Zz5Zm5rjRmOT8NF3vvYGnWQb_MMmy28-1638197035-0-AatrVEvjhcJYlTeJAiUTauyvKc9tZoFs+5WvXSzk0qFfSHanBES0fk0GvgkSqceM+EaIGtIuNnUElOjlhi4TPhM= |
|
| .onpointcu.com/ | Name: _gid Value: GA1.2.247937784.1638197036 |
|
| .onpointcu.com/ | Name: _gat_UA-58566926-1 Value: 1 |
|
| .doubleclick.net/ | Name: IDE Value: AHWqTUlGEAIlooJN9SptmBEkrPsmP9e-_YsJAmxIw3AERVgpDgjPLHzlD8piFL4TG3E |
|
| .onpointcu.com/ | Name: _ga_S95M0BWNFN Value: GS1.1.1638197035.1.0.1638197035.0 |
|
| .onpointcu.com/ | Name: _ga Value: GA1.1.54055832.1638197036 |
|
| .onpointcu.com/ | Name: _fbp Value: fb.1.1638197036029.46935898 |
|
| .onpointcu.com/ | Name: _mkto_trk Value: id:342-KHB-372&token:_mch-onpointcu.com-1638197036035-47373 |
|
| .facebook.com/ | Name: fr Value: 0XBsefx2KYq4ZaDKD..BhpOcs...1.0.BhpOcs. |
|
| .adnxs.com/ | Name: uuid2 Value: 509555421265241844 |
|
| .rlcdn.com/ | Name: pxrc Value: CAA= |
|
| .rlcdn.com/ | Name: rlas3 Value: D9xrQczXm/nR+us+ssNs6BsLBVOu1VX4OI+IYb4WMwQ= |
|
| .media.net/ | Name: visitor-id Value: 2811986365631900000V10 |
|
| .media.net/ | Name: data-rk Value: 5142336718961608286~~3 |
|
| .rfihub.com/ | Name: rud Value: H4sIAAAAAAAAAOMSNjU0MTI2NjM3tLA0MzQzsDCyMBPiM9T1SvbLNYg39UrLzNWV4jU0M7YwtDQ3MDYzNDIAALIDCJc0AAAA |
|
| .rfihub.com/ | Name: ruds Value: H4sIAAAAAAAAAOMSNjU0MTI2NjM3tLA0MzQzsDCyMBPiM9T1SvbLNYg39UrLzNUFALTkJQUlAAAA |
|
| .spotxchange.com/ | Name: audience Value: c7ab7d31-5122-11ec-91c9-1fd522ee0206 |
|
| .casalemedia.com/ | Name: CMPS Value: 3175 |
|
| .eyeota.net/ | Name: SERVERID Value: 17175~DM |
|
| .everesttech.net/ | Name: everest_g_v2 Value: g_surferid~YaTnLAAINWKhrABR |
|
| .dpm.demdex.net/ | Name: dpm Value: 85599922743226736052988523535439236549 |
|
| .demdex.net/ | Name: demdex Value: 85599922743226736052988523535439236549 |
|
| .bidswitch.net/ | Name: c Value: 1638197036 |
|
| .bidswitch.net/ | Name: tuuid_lu Value: 1638197036 |
|
| live.rezync.com/ | Name: sd-session-id Value: eyJfcGVybWFuZW50Ijp0cnVlLCJzZXNzaW9uX2lkIjp7IiBiIjoiTjJZeE5XVTNPVGN0TmpreE5DMDBNRGd4TFdGaE5qY3ROVFEyTmpFeFpUSXhOVEUzT2pFMk16Z3hPVGN3TXpZdU1qRT0ifX0.FIZ4rA.l84nxhG1o4iVemafvMCu3On8nE8 |
|
| .krxd.net/ | Name: _kuid_ Value: Ogsuw66a |
|
| .bidswitch.net/ | Name: tuuid Value: 2c717346-697b-4e75-9b0f-680bbc3c36e2 |
|
| .casalemedia.com/ | Name: CMID Value: YaTnLO-2qXt2OrhJroGUgAAA |
|
| www.onpointcu.com/ | Name: psGeo Value: {"region":"default","source":"ip"} |
|
| .rfihub.com/ | Name: smd Value: H4sIAAAAAAAAAOPiNTQztjC0NDcwNjMyNTBC4hqbmgEAd2FMhh4AAAA |
|
| .rfihub.com/ | Name: eud Value: H4sIAAAAAAAAAOOSMXR2dA129cqpNC-JiCqu0PWrCqh0KS0u8atyi1TiVIl38o4PDfV0CeI1NDO2MLQ0NzA2MzKxzELiGptZzGJE4hsamaxC459C479C4_9C409iQuXPQuMvQuOvQuNvQuPvQlfPgsq_hcbfxIqmnxvNvWj8R8KofACi8M5pVwEAAA |
|
| .rfihub.com/ | Name: euds Value: H4sIAAAAAAAAAOOSMXR2dA129cqpNC-JiCqu0PWrCqh0KS0u8atyi1TiVIl38o4PDfV0AQDH3XzxKQAAAA |
|
| .casalemedia.com/ | Name: CMPRO Value: 1148 |
|
| .casalemedia.com/ | Name: CMST Value: YaTnLGGk5ywA |
|
| .casalemedia.com/ | Name: CMRUM3 Value: 3961a4e72c27605142336718961608286 |
|
| .adnxs.com/ | Name: anj Value: dTM7k!M4/YErk#WF']wIg2E>3hPT.$!]tbPl1MNu::wpAk`W=ie:5_DjFq*klw1#Pcxd#6D-U:*bpj?n!AXTO:4=sB!$THDnwF(_ |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
| Header | Value |
|---|---|
| X-Content-Type-Options | nosniff |
| X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
10017083.fls.doubleclick.net
20829752p.rfihub.com
20835021p.rfihub.com
342-khb-372.mktoresp.com
a.rfihub.com
aa.agkn.com
adservice.google.com
ajax.googleapis.com
api.ipstack.com
beacon.krxd.net
bpi.rtactivate.com
bs.serving-sys.com
c1.rfihub.net
cds-sdkcfg.onlineaccess1.com
cm.g.doubleclick.net
connect.facebook.net
contextual.media.net
dpm.demdex.net
dsum-sec.casalemedia.com
fast.fonts.net
fonts.googleapis.com
fonts.gstatic.com
ib.adnxs.com
idsync.rlcdn.com
links.mail.digitalintersection.com
live.rezync.com
munchkin.marketo.net
p.rfihub.com
partners.tremorhub.com
pixel.rubiconproject.com
ps.eyeota.net
script.crazyegg.com
secure.adnxs.com
stags.bluekai.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.search.spotxchange.com
www.facebook.com
www.formstack.com
www.google-analytics.com
www.googletagmanager.com
www.onpointcu.com
x.bidswitch.net
x.dlx.addthis.com
13.32.22.79
142.250.186.66
142.250.186.70
151.101.2.49
18.195.72.140
18.210.254.78
185.94.180.126
192.0.51.16
192.28.144.124
193.0.160.128
2.21.140.74
23.202.53.51
2600:1f18:612b:4264:a698:31e8:5977:4024
2600:9000:214f:ee00:1:76cf:fe80:93a1
2606:4700::6811:e14e
2606:4700::6812:cbb
2606:4700::6813:9408
2a00:1450:4001:810::2002
2a00:1450:4001:811::200a
2a00:1450:4001:812::200a
2a00:1450:4001:813::2003
2a00:1450:4001:829::2008
2a00:1450:4001:82a::200e
2a00:1450:400c:c07::9b
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.120.154.132
35.244.174.68
37.252.173.215
37.252.173.22
52.200.156.204
52.28.52.192
52.30.186.249
52.57.150.20
54.72.239.169
65.9.68.105
69.173.144.165
74.112.69.44
92.123.28.254
92.123.8.217
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
047afeb7b270b6e6be0e600ec2678f64cbb3c53dc3ee6bef19a22df8ad9a7146
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1a77bc9cd8df8f7680ab07cf42d9aef3147f5c6fc7fe2050ccee4ea11b22c6cd
2152973bbab7f4483bfa9fe3bf8668b1fc8761e205637b9e2c925786c59284b3
288e072a301f717df59938ba6ca4316ff2c8072743109ce4ad484b2b356b4df4
2a420d3aaef8542c2952614ab83b697fcb3d1c57c7728b3565876611b5f06ef7
2fc4dca7e5cf49df26540752f27e5a2c320cfce11fdefbaf4164a5a551b0c8a4
32c7dbbb0e2848826f4d07c60c3bb1a99f4f0c13a4421eaa1398e8e53c4882e6
40ec9bf82c9df4c3d8ef4f08a9da33872c053b9f4e818d6edf741ba8a0f67a92
41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c
432169e46a94b347a5d60c92eef0b0951da2db3d964780d4cd0c2198fb5b47e9
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bf3aca933aa233702f890083af601fb16149ec8a17f8c1b90d30450562bde08
4c00eec5b4c00b4e01b68aa43c855009e277819d190567ed2283c7bfd1e53622
50e6072d26098d48004a30addeecabd5b22b91e5ccdf9dd86f96459783e3ac23
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
589acea97f9f1df59ad4df260f4fa2ae1e069ea6f961ac79a42f31e0e8a5ea0e
5b1b6bcb330a79e5874355b5a5e41c9f1160a63ec2c8cddde5a53e88855ab67f
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5c3c9df8b8f0a80f863c53dec5cbca7dedbdcc7697c6c6359520950774653960
5ec940cd298b1c7e46648c1a5fb1377b325b38c03d033fd0425d84035091e7fa
691a3ac11b6fa16f6e293716e9a535220b4db9d8e06733c8aa4320218627a769
6a507d28437c6959b1873839d7505eee7662d83f55abac5e609cd04235bf7ab2
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6f869edfff7e39af6c234922793b62980f811f0ce93789365dc790933bc17c95
7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f
80762c8831e9cea1e912e3cfa1db5cfff0ea9cf47fb32837c4a248fab56ea3c1
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
82d2b7c6abf9e1ff916370cf5f034fda9f326653a1d97f88ff881732c69aec48
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84d3f2877287b41f0162743fae46e7ae9a89abb14c39899fe7f78261d2cd81dd
893fa7fe8b6e69e2828319c04a7cbb6f129ea820db695d4ced5757d59450b6a8
8f8eb3ca35bb4f5f65e0254e09023a6a0486e1035ad62d78406632ffb3a09fcf
9066b22e562634253bfd335be5e486455ef200ae32e657bb2c0dc508b37ee5b9
91f5fc7df5e647cb89e14c31875987a4744ed23d1bc60e6b859697c6f4b141ee
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
b0b43e548e691662dac85b1dc159d148a273d5cb9139f3fcf457cdeebe7bdf3f
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
b93b9165269362989e2855d0bf0ae232d7193a45c43627b2d03b26d7eb98263b
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
c2aee78040b4ed46c2377e6825db12a9691a2eb584adf338e77312c8978d8537
c745b43f7ad54bdfa3b2e6ce8c9161e7fd807bdbbf12b8350bdcdc5e822a1a47
cb093560c952cc7e584347207eac36c84e8ce2c520787613b81587968277423a
d1dcbeb58265d3cc3b7e78c79c982f9929695ecfeb7fd18f6c35d9bebf8a1727
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
deb29a9008b5a8b98dd374db814cd98912d71c137fb2f39a5ca9f964799ebdd1
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
e28d860a51754d183f6f97432fd94046cd31afb7ce65c8ea179b0ff63b3d84fa
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f61a69218ac355d4bf751527fa619598595ba4f9a07785d103d296aff4f234bf
f65e2e01448cbddee57048bae432442df2fcc5001187a9c79b37d0077c32d501
fcb07f2428eb6495d24c388e02b7db40c5af3ee024e9c6e6dc55c6248933dc48
ff734158c5af55b218a31f69e4b0c7861e99a13d1311e1ebf337ca40a7183531