www.afcu.org
Open in
urlscan Pro
2a04:4e42::645
Public Scan
Effective URL: https://www.afcu.org/login/
Submission: On May 02 via manual from US — Scanned from DE
Summary
TLS certificate: Issued by Certainly Intermediate R1 on April 16th 2024. Valid for: a month.
This is the only time www.afcu.org was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN14061 (DIGITALOCEAN-ASN, US)
loginchecker.rightmessage.com |
ASN32934 (FACEBOOK, US)
connect.facebook.net |
ASN16509 (AMAZON-02, US)
PTR: server-18-172-103-101.fra60.r.cloudfront.net
js.adsrvr.org |
ASN20940 (AKAMAI-ASN1, NL)
cdn-4.convertexperiments.com |
ASN16509 (AMAZON-02, US)
d21y75miwcfqoq.cloudfront.net |
ASN32934 (FACEBOOK, US)
www.facebook.com |
ASN16509 (AMAZON-02, US)
PTR: server-13-35-58-123.fra60.r.cloudfront.net
cdn.segmint.net |
ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
insight.adsrvr.org |
ASN14618 (AMAZON-AES, US)
PTR: ec2-54-173-232-117.compute-1.amazonaws.com
connect.segmint.net |
ASN14618 (AMAZON-AES, US)
PTR: ec2-52-7-4-58.compute-1.amazonaws.com
client-logger.salemove.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
23 |
afcu.org
2 redirects
afcu.org — Cisco Umbrella Rank: 524099 www.afcu.org — Cisco Umbrella Rank: 855988 |
1 MB |
9 |
salemove.com
libs.salemove.com — Cisco Umbrella Rank: 17722 api.salemove.com — Cisco Umbrella Rank: 17559 client-logger.salemove.com — Cisco Umbrella Rank: 13855 |
410 KB |
7 |
segmint.net
cdn.segmint.net — Cisco Umbrella Rank: 44168 connect.segmint.net — Cisco Umbrella Rank: 48867 |
20 KB |
7 |
clarity.ms
1 redirects
www.clarity.ms — Cisco Umbrella Rank: 747 p.clarity.ms — Cisco Umbrella Rank: 576208 c.clarity.ms — Cisco Umbrella Rank: 1371 |
28 KB |
3 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39 |
293 KB |
2 |
google.com
region1.analytics.google.com — Cisco Umbrella Rank: 2941 |
297 B |
2 |
adsrvr.org
js.adsrvr.org — Cisco Umbrella Rank: 1361 insight.adsrvr.org — Cisco Umbrella Rank: 622 |
4 KB |
2 |
facebook.net
connect.facebook.net — Cisco Umbrella Rank: 180 |
73 KB |
2 |
crazyegg.com
script.crazyegg.com — Cisco Umbrella Rank: 2396 |
3 KB |
2 |
rmbutterfly.com
rmbutterfly.com — Cisco Umbrella Rank: 241403 |
554 B |
2 |
glia.com
api.glia.com — Cisco Umbrella Rank: 15051 |
22 KB |
2 |
rightmessage.com
tb.rightmessage.com — Cisco Umbrella Rank: 255116 loginchecker.rightmessage.com — Cisco Umbrella Rank: 200555 |
87 KB |
2 |
app-us1.com
diffuser-cdn.app-us1.com — Cisco Umbrella Rank: 9262 prism.app-us1.com — Cisco Umbrella Rank: 9348 |
8 KB |
1 |
nr-data.net
bam.nr-data.net — Cisco Umbrella Rank: 242 |
591 B |
1 |
bing.com
1 redirects
c.bing.com — Cisco Umbrella Rank: 228 |
766 B |
1 |
newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 594 |
18 KB |
1 |
trackcmp.net
trackcmp.net — Cisco Umbrella Rank: 9438 |
315 B |
1 |
facebook.com
www.facebook.com — Cisco Umbrella Rank: 97 |
274 B |
1 |
google.de
www.google.de — Cisco Umbrella Rank: 7278 |
408 B |
1 |
doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 84 |
252 B |
1 |
cloudfront.net
d21y75miwcfqoq.cloudfront.net |
456 B |
1 |
convertexperiments.com
cdn-4.convertexperiments.com — Cisco Umbrella Rank: 8813 |
67 KB |
1 |
siteimproveanalytics.com
siteimproveanalytics.com — Cisco Umbrella Rank: 3573 |
720 B |
71 | 23 |
Domain | Requested by | |
---|---|---|
22 | www.afcu.org |
1 redirects
www.afcu.org
|
6 | libs.salemove.com |
api.glia.com
libs.salemove.com |
4 | cdn.segmint.net |
www.googletagmanager.com
cdn.segmint.net |
3 | connect.segmint.net |
cdn.segmint.net
|
3 | p.clarity.ms |
www.clarity.ms
|
3 | www.googletagmanager.com |
www.afcu.org
www.googletagmanager.com |
2 | c.clarity.ms | 1 redirects |
2 | api.salemove.com |
libs.salemove.com
|
2 | region1.analytics.google.com |
www.googletagmanager.com
|
2 | www.clarity.ms |
www.afcu.org
www.clarity.ms |
2 | connect.facebook.net |
www.afcu.org
connect.facebook.net |
2 | script.crazyegg.com |
www.googletagmanager.com
script.crazyegg.com |
2 | rmbutterfly.com |
tb.rightmessage.com
|
2 | api.glia.com |
www.afcu.org
api.glia.com |
1 | client-logger.salemove.com |
libs.salemove.com
|
1 | bam.nr-data.net |
js-agent.newrelic.com
|
1 | insight.adsrvr.org |
js.adsrvr.org
|
1 | c.bing.com | 1 redirects |
1 | js-agent.newrelic.com |
www.afcu.org
|
1 | trackcmp.net |
diffuser-cdn.app-us1.com
|
1 | www.facebook.com |
www.afcu.org
|
1 | www.google.de |
www.afcu.org
|
1 | stats.g.doubleclick.net |
www.googletagmanager.com
|
1 | prism.app-us1.com |
diffuser-cdn.app-us1.com
|
1 | d21y75miwcfqoq.cloudfront.net |
www.afcu.org
|
1 | cdn-4.convertexperiments.com |
www.googletagmanager.com
|
1 | js.adsrvr.org |
www.googletagmanager.com
|
1 | siteimproveanalytics.com |
www.afcu.org
|
1 | loginchecker.rightmessage.com |
tb.rightmessage.com
|
1 | tb.rightmessage.com |
www.afcu.org
|
1 | diffuser-cdn.app-us1.com |
www.afcu.org
|
1 | afcu.org | 1 redirects |
71 | 32 |
This site contains links to these domains. Also see Links.
Domain |
---|
my.afcu.org |
Subject Issuer | Validity | Valid | |
---|---|---|---|
www.afcu.org Certainly Intermediate R1 |
2024-04-16 - 2024-05-16 |
a month | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2024-04-16 - 2024-07-09 |
3 months | crt.sh |
diffuser-cdn.app-us1.com E1 |
2024-03-30 - 2024-06-28 |
3 months | crt.sh |
rightmessage.com E1 |
2024-04-15 - 2024-07-14 |
3 months | crt.sh |
*.glia.com Amazon RSA 2048 M01 |
2023-06-18 - 2024-07-15 |
a year | crt.sh |
loginchecker.rightmessage.com R3 |
2024-02-23 - 2024-05-23 |
3 months | crt.sh |
rmbutterfly.com E1 |
2024-04-03 - 2024-07-02 |
3 months | crt.sh |
script.crazyegg.com E1 |
2024-04-05 - 2024-07-04 |
3 months | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2024-02-09 - 2024-05-09 |
3 months | crt.sh |
siteimproveanalytics.com GTS CA 1P5 |
2024-04-23 - 2024-07-22 |
3 months | crt.sh |
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020 |
2023-04-12 - 2024-05-13 |
a year | crt.sh |
*.convertexperiments.com DigiCert TLS RSA SHA256 2020 CA1 |
2023-11-09 - 2024-11-09 |
a year | crt.sh |
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1 |
2023-12-07 - 2024-12-07 |
a year | crt.sh |
*.cloudfront.net Amazon RSA 2048 M01 |
2023-10-10 - 2024-09-19 |
a year | crt.sh |
prism.app-us1.com E1 |
2024-03-19 - 2024-06-17 |
3 months | crt.sh |
*.g.doubleclick.net GTS CA 1C3 |
2024-04-08 - 2024-07-01 |
3 months | crt.sh |
www.google.de GTS CA 1C3 |
2024-04-16 - 2024-07-09 |
3 months | crt.sh |
a.clarity.ms Microsoft Azure TLS Issuing CA 01 |
2024-01-14 - 2024-06-27 |
5 months | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2023-08-26 - 2024-08-25 |
a year | crt.sh |
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2024 Q1 |
2024-03-21 - 2025-04-22 |
a year | crt.sh |
*.segmint.net Amazon RSA 2048 M03 |
2023-11-01 - 2024-11-30 |
a year | crt.sh |
*.nr-data.net DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2023-09-29 - 2024-10-01 |
a year | crt.sh |
This page contains 3 frames:
Primary Page:
https://www.afcu.org/login/
Frame ID: 9FB49051EAC468BC9304885BD4544B59
Requests: 70 HTTP requests in this frame
Frame:
https://insight.adsrvr.org/track/up?adv=m96gqhv&ref=https%3A%2F%2Fwww.afcu.org%2Flogin%2F&upid=i4z5325&upv=1.1.0
Frame ID: 87FAE2D102B9445E98A60293171CD892
Requests: 1 HTTP requests in this frame
Frame:
https://connect.segmint.net/iframe/doughnut/en1qq5qn79
Frame ID: E5994CB9AA387D9EE9AA8E6B5986D5D6
Requests: 1 HTTP requests in this frame
Screenshot
Page Title
Log Into Online Banking - Arkansas Federal Credit UnionPage URL History Show full URLs
-
http://afcu.org/login
HTTP 307
https://afcu.org/login HTTP 301
https://www.afcu.org/login HTTP 301
https://www.afcu.org/login/ Page URL
Detected technologies
WordPress (CMS) ExpandDetected patterns
- /wp-(?:content|includes)/
Bootstrap (Web Frameworks) Expand
Detected patterns
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Crazy Egg (Analytics) Expand
Detected patterns
- script\.crazyegg\.com/pages/scripts/\d+/\d+\.js
Facebook (Widgets) Expand
Detected patterns
- //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Font Awesome (Font Scripts) Expand
Detected patterns
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Google Analytics (Analytics) Expand
Detected patterns
Google Tag Manager (Tag Managers) Expand
Detected patterns
- <!-- (?:End )?Google Tag Manager -->
- googletagmanager\.com/gtm\.js
- googletagmanager\.com/gtag/js
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
3 Outgoing links
These are links going to different origins than the main page.
Title: Forgot Password?
Search URL Search Domain Scan URL
Title: Forgot Username?
Search URL Search Domain Scan URL
Title: New Here? Register Your Account
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://afcu.org/login
HTTP 307
https://afcu.org/login HTTP 301
https://www.afcu.org/login HTTP 301
https://www.afcu.org/login/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 59- https://c.clarity.ms/c.gif HTTP 302
- https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=2F2A99AF07E6483DABC0FE820AA3029F&RedC=c.clarity.ms&MXFR=0CBA3D26B6C761C413F12955B2C76F0A HTTP 302
- https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=2F2A99AF07E6483DABC0FE820AA3029F&MUID=038A3F17B9C76EB40BF92B64B8156FEF
71 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
www.afcu.org/login/ Redirect Chain
|
64 KB 24 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
home-equity-Q12024_1040x660-940x850.jpg
www.afcu.org/wp-content/uploads/2024/04/ |
67 KB 67 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.min.css
www.afcu.org/wp-includes/css/dist/block-library/ |
111 KB 19 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.css
www.afcu.org/wp-content/plugins/searchwp-live-ajax-search/assets/styles/ |
2 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
theme.css
www.afcu.org/wp-content/themes/lumberjack/dist/styles/ |
211 KB 52 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fontawesome.css
www.afcu.org/wp-content/themes/lumberjack/dist/styles/ |
210 KB 55 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
www.afcu.org/wp-includes/js/jquery/ |
86 KB 35 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
script.min.js
www.afcu.org/wp-content/plugins/searchwp-live-ajax-search/assets/javascript/dist/ |
11 KB 4 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
lazyload.min.js
www.afcu.org/wp-content/plugins/perfmatters/js/ |
9 KB 4 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
theme.js
www.afcu.org/wp-content/themes/lumberjack/dist/scripts/ |
118 KB 44 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rightmessage.js
www.afcu.org/wp-content/themes/lumberjack/dist/scripts/ |
2 KB 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
chat.js
www.afcu.org/wp-content/themes/lumberjack/dist/scripts/ |
1 KB 1017 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pminstantpage.min.js
www.afcu.org/wp-content/plugins/perfmatters/vendor/instant-page/ |
3 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
330 KB 105 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
print.css
www.afcu.org/wp-content/themes/lumberjack/dist/styles/ |
37 B 382 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
93 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
diffuser.js
diffuser-cdn.app-us1.com/diffuser/ |
31 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
856265991.js
tb.rightmessage.com/ |
361 KB 87 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
salemove_integration.js
api.glia.com/ |
9 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
13 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
363 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
549 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
textanarrowalt-medium.otf
www.afcu.org/wp-content/themes/lumberjack/dist/fonts/ |
44 KB 28 KB |
Font
font/opentype |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
textanarrowalt-bold.otf
www.afcu.org/wp-content/themes/lumberjack/dist/fonts/ |
49 KB 31 KB |
Font
font/opentype |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fa-regular-400.woff2
www.afcu.org/wp-content/themes/lumberjack/dist/webfonts/ |
386 KB 387 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fa-solid-900.woff2
www.afcu.org/wp-content/themes/lumberjack/dist/webfonts/ |
320 KB 321 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
refinancing-your-mortgage_1200x800-814x512.jpg
www.afcu.org/wp-content/uploads/2024/04/ |
82 KB 82 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
secured-vs-unsecured-loans_1200x800-814x512.jpg
www.afcu.org/wp-content/uploads/2024/04/ |
40 KB 40 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
loginchecker.rightmessage.com/ |
42 B 201 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
monthly_visitors
rmbutterfly.com/856265991/events/ |
0 277 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
349 KB 108 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
destination
www.googletagmanager.com/gtag/ |
224 KB 80 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
6673.js
script.crazyegg.com/pages/scripts/0110/ |
6 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fbevents.js
connect.facebook.net/en_US/ |
218 KB 59 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
siteanalyze_81930.js
siteimproveanalytics.com/js/ |
48 B 720 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
up_loader.1.1.0.js
js.adsrvr.org/ |
10 KB 4 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
10041278-10042367.js
cdn-4.convertexperiments.com/js/ |
215 KB 67 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ldkif6cvae
www.clarity.ms/tag/ |
667 B 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
239f60fa
d21y75miwcfqoq.cloudfront.net/ |
68 B 456 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
visitor_config
api.glia.com/ |
11 KB 13 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
prism.app-us1.com/ |
246 B 496 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
region1.analytics.google.com/g/ |
0 252 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
stats.g.doubleclick.net/g/ |
0 252 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga-audiences
www.google.de/ads/ |
42 B 408 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1174446662708842
connect.facebook.net/signals/config/ |
69 KB 14 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrapper-8e17d0ada.js
libs.salemove.com/visitor/ |
643 KB 168 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
0 274 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
visitor_changes
rmbutterfly.com/856265991/events/ |
0 277 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
www.afcu.org.json
script.crazyegg.com/pages/data-scripts/0110/6673/site/ |
1 KB 729 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
webcomponents_es5-8e17d0ada.js
libs.salemove.com/visitor/ |
936 B 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
clarity.js
www.clarity.ms/s/0.7.32/ |
61 KB 26 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
visitor-app.15fe8a49.min.js
libs.salemove.com/ |
688 KB 198 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
visitor-app.15fe8a49.default.css
libs.salemove.com/ |
206 KB 31 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gva-custom-chat-renderer.ca4c3a8.js
libs.salemove.com/ |
23 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gva-custom-chat-renderer.ca4c3a8.css
libs.salemove.com/ |
8 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
collect
p.clarity.ms/ |
0 292 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
t_prism_sitemessages.php
trackcmp.net/ |
0 315 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
sources_triggered
api.salemove.com/overseer/ |
2 B 503 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
sources_triggered
api.salemove.com/overseer/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
nr-rum-1.258.0.min.js
js-agent.newrelic.com/ |
50 KB 18 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
c.gif
c.clarity.ms/ Redirect Chain
|
42 B 443 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
gtm-invo-loader.js
cdn.segmint.net/ |
1 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
up
insight.adsrvr.org/track/ Frame 87FA |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
favicon-32x32.png
www.afcu.org/ |
2 KB 2 KB |
Other
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
NRJS-8108a483ef73ac19ab7
bam.nr-data.net/1/ |
150 B 591 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
segmint.min.js
cdn.segmint.net/ |
16 KB 16 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
8cfad8da-0742-4d7d-be90-8cdf2ac045c2.json
cdn.segmint.net/ |
313 B 962 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H/1.1 |
8cfad8da-0742-4d7d-be90-8cdf2ac045c2.json
cdn.segmint.net/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
collect
p.clarity.ms/ |
0 292 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
event
connect.segmint.net/ |
0 637 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
en1qq5qn79
connect.segmint.net/iframe/doughnut/ Frame E599 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H/1.1 |
event
connect.segmint.net/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
/
client-logger.salemove.com/ |
0 0 |
Fetch
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
collect
p.clarity.ms/ |
0 292 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
region1.analytics.google.com/g/ |
0 45 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
66 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| dataLayer object| NREUM object| webpackChunk:NRBA-1.258.0.PROD object| newrelic boolean| loadChat boolean| loadChatMobile undefined| $ function| jQuery string| visitorGlobalObjectAlias function| vgo boolean| _SEARCHWP_LIVE_AJAX_SEARCH_BLOCKS string| _SEARCHWP_LIVE_AJAX_SEARCH_ENGINE string| _SEARCHWP_LIVE_AJAX_SEARCH_CONFIG object| searchwp_live_search_params object| lazyLoadOptions function| LazyLoad object| Modal function| LeadGenOpen object| Base64 function| setImmediate function| clearImmediate object| rmpanda object| google_tag_manager object| google_tag_data function| fbq function| _fbq function| clarity object| sm string| prismGlobalObjectAlias object| visitorGlobalObject function| onYouTubeIframeAPIReady object| gaGlobal function| ttd_dom_ready function| TTDUniversalPixelApi object| ttdPixel boolean| CE_USER_SCRIPT object| CE2 string| CE_USER_SITE_DATA_URL string| CE_USER_DATA_URL string| CE_USER_COMMON_SCRIPT_URL undefined| CE_USER_THIRDPARTY_SCRIPT_URL object| convert_temp undefined| loglyjson object| convertData object| matched function| REED_$ object| REED object| convert object| _conv_q object| _gaq function| ga object| _kmq string| secure function| hj object| webpackJsonpSalemoveVisitorApp number| uidEvent object| _hmt object| _czc object| emosGlobalProperties object| _paq object| _wt1Q string| __sgmt_configId string| __sgmt_cdnUrl object| $egmint36 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.afcu.org/ | Name: _gcl_au Value: 1.1.188515722.1714617476 |
|
.afcu.org/ | Name: _ga Value: GA1.1.1389596395.1714617476 |
|
.afcu.org/ | Name: _ga_X75V1JPCE4 Value: GS1.1.1714617476.1.0.1714617476.60.0.0 |
|
api.glia.com/ | Name: visitor_session Value: eyJhbGciOiJFUzI1NiJ9.eyJpYXQiOjE3MTQ2MTc0NzYsInZpc2l0b3JfaWQiOiI1NmFhNzgxMy0yNTZiLTRkOGQtODYxZS0wMDFlNjZjZWZkNTMiLCJpc3MiOiJHbGlhIFNpdGUgVmlzaXRvciBDb25maWciLCJraWQiOiI3MjUyOTZhMC00YjQwLTQ4NTAtOGNkZC03ZTBmYjk0ZjBlOGUifQ.tJ-5eLrzbBPF828s9GmRSH-ZtaNXLhk6m2GkUs7tf2ultn49PilWA-k_1Z32mioIi90bTqsZ5HnQH59Rrxj9AQ |
|
api.glia.com/ | Name: visitor_session_partitioned Value: eyJhbGciOiJFUzI1NiJ9.eyJpYXQiOjE3MTQ2MTc0NzYsInZpc2l0b3JfaWQiOiI1NmFhNzgxMy0yNTZiLTRkOGQtODYxZS0wMDFlNjZjZWZkNTMiLCJpc3MiOiJHbGlhIFNpdGUgVmlzaXRvciBDb25maWciLCJraWQiOiI3MjUyOTZhMC00YjQwLTQ4NTAtOGNkZC03ZTBmYjk0ZjBlOGUifQ.tJ-5eLrzbBPF828s9GmRSH-ZtaNXLhk6m2GkUs7tf2ultn49PilWA-k_1Z32mioIi90bTqsZ5HnQH59Rrxj9AQ |
|
.afcu.org/ | Name: _fbp Value: fb.1.1714617476395.2124419225 |
|
www.clarity.ms/ | Name: CLID Value: 62b7528580f34b5e80eff21e3dd72a5a.20240502.20250502 |
|
.afcu.org/ | Name: _conv_v Value: vi%3A1*sc%3A1*cs%3A1714617477*fs%3A1714617477*pv%3A1 |
|
.afcu.org/ | Name: _conv_s Value: si%3A1*sh%3A1714617476523-0.7314543929459449*pv%3A1 |
|
.afcu.org/ | Name: _clck Value: qa61u3%7C2%7Cflf%7C0%7C1583 |
|
prism.app-us1.com/ | Name: prism_66360882 Value: e689b748-6134-414f-b48c-053cb79a7c78 |
|
.afcu.org/ | Name: prism_66360882 Value: e689b748-6134-414f-b48c-053cb79a7c78 |
|
.afcu.org/ | Name: _clsk Value: 671h69%7C1714617477244%7C1%7C1%7Cp.clarity.ms%2Fcollect |
|
.bing.com/ | Name: MUID Value: 038A3F17B9C76EB40BF92B64B8156FEF |
|
.c.bing.com/ | Name: MR Value: 0 |
|
.c.bing.com/ | Name: SRM_B Value: 038A3F17B9C76EB40BF92B64B8156FEF |
|
.c.clarity.ms/ | Name: SM Value: C |
|
.clarity.ms/ | Name: MUID Value: 038A3F17B9C76EB40BF92B64B8156FEF |
|
.c.clarity.ms/ | Name: MR Value: 0 |
|
.c.clarity.ms/ | Name: ANONCHK Value: 0 |
|
.simpli.fi/ | Name: suid Value: FF7E085C730C4E43AD68E953F762144E |
|
.segmint.net/ | Name: SegmintId Value: 83cc9905cbfa4972955c85b9f09eabf9 |
|
.simpli.fi/ | Name: uid_syncd_secure Value: true |
|
.agkn.com/ | Name: ab Value: 0001%3A4pz53QhuuLDZfOImA6tlL3jL1ORycbw%2B |
|
.tapad.com/ | Name: TapAd_TS Value: 1714617479498 |
|
.tapad.com/ | Name: TapAd_DID Value: 0427b9b0-834b-4897-ab34-cf3e9723baca |
|
.pro-market.net/ | Name: anProfile Value: "-3hcue5t2s6rz+1+1f=1+1g=4+1j=57:1+rs=s+rt=20011B60000202403247000000000004+s2=(scu7bb)+vm=24-FF7E085C730C4E43AD68E953F762144E" |
|
.pro-market.net/ | Name: anHistory Value: "-3hcue5t2s6rz+2+!#7%/#E!9G7" |
|
.tapad.com/ | Name: TapAd_3WAY_SYNCS Value: |
|
.doubleclick.net/ | Name: test_cookie Value: CheckForPermission |
|
.agkn.com/ | Name: u Value: C|0AAAAAAAALcW5BwAAAAAA |
|
.adnxs.com/ | Name: receive-cookie-deprecation Value: 1 |
|
.exelator.com/ | Name: EE Value: "141993e9a85a5f0f221051be65c9c103" |
|
.bluekai.com/ | Name: bku Value: blx99/4X1ZRTgk6n |
|
.bluekai.com/ | Name: bkpa Value: KJy9nyexd02pSUHknp/8mE1hwtkAwDjsB6DymePeBp1yxpHaBeBOHeRTHEAN16RlBM/hBeHa9y93FyrZ |
|
.exelator.com/ | Name: ud Value: "eJxrXxzq6XKLQcHQxNDS0jjVMtHCNNE0zSDNyMjQwNQwKdXMNNky2dDAeHFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDIZEl%252BUWb6IhfXxUUpaQyLSopPBR%252BfPRUAbNYp9A%253D%253D" |
95 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=300 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
afcu.org
api.glia.com
api.salemove.com
bam.nr-data.net
c.bing.com
c.clarity.ms
cdn-4.convertexperiments.com
cdn.segmint.net
client-logger.salemove.com
connect.facebook.net
connect.segmint.net
d21y75miwcfqoq.cloudfront.net
diffuser-cdn.app-us1.com
insight.adsrvr.org
js-agent.newrelic.com
js.adsrvr.org
libs.salemove.com
loginchecker.rightmessage.com
p.clarity.ms
prism.app-us1.com
region1.analytics.google.com
rmbutterfly.com
script.crazyegg.com
siteimproveanalytics.com
stats.g.doubleclick.net
tb.rightmessage.com
trackcmp.net
www.afcu.org
www.clarity.ms
www.facebook.com
www.google.de
www.googletagmanager.com
13.35.58.123
162.247.243.29
167.99.2.165
172.67.184.53
18.172.103.101
188.114.97.3
20.122.63.128
2001:4860:4802:34::36
2600:9000:235a:1200:1b:ef38:3680:21
2600:9000:2724:1200:17:4c3f:1b80:93a1
2600:9000:2724:9600:17:4c3f:1b80:93a1
2600:9000:2724:ee00:0:99b9:cd80:93a1
2602:816:5001::39
2606:4700:4400::6812:22d6
2606:4700::6811:1fae
2606:4700::6812:80d8
2606:4700::6813:9308
2620:12a:8001::4
2620:1ec:46::45
2620:1ec:c11::237
2a00:1450:4001:803::2003
2a00:1450:4001:806::2008
2a00:1450:400c:c02::9c
2a02:26f0:480:b9e::14a9
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a04:4e42::645
45.55.105.60
52.223.40.198
52.7.4.58
54.173.232.117
68.219.88.97
00306242c460db20ba2942012ad1964cbe3d8c5936d697e14230425c4b902b6f
08ed0d5c018c85c1b44b8973076287faf5aa1d866353808c700f58bfb41c9fd1
0d6a7bae3a4c5ba80647823270e2a571bbcfad38800ab5af71aa5d4bede9a2dd
1208c3afae4b4b48526959b94afbca18f37e909ab81f3af065552c472caf1f35
15714fb1bc6a34a2ba1b47eb4c4972d24a6b5f79c1d2cca55c0a05269aced9fd
19778635faa61ffceac705aed176b077a25a5172a69e2b3d072eca0bf97d3f08
1df014b2b69977918a0ccb898ce616b5122de7da4f9aadd07c98eff414a84508
1f64d5e23518e25d5706e655a97cc40a3b5a5c2ab1a739fcfed39cdb6ec5938c
3a95689e90e588b166f7b3ecd334959a2d6a3da1d73d557c8fb72fa10cf465dd
4146285bb4496cc9415cba29daf393082e8358fa76d181cce3cee7fe9b960be2
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44faabbad74415028a0787df200b666731a7fc312b155c8d31ca3def0fa3c82d
4920bc5e94586969e1587b55da1190f47402a6b1aaf0eedd8e132632de875dee
4c4695092ecb72b2b739268337b1915d410d8f582545d0fd162caa48f350acb6
513afb1ec50be64eafb2d9bf9b45cff2566dd0913950fdd071afb107931adc24
5238c6b0e295052eb068597e2bb03579520f86f70203d280c2873d47ebf16d12
58c8e6e0ae274de20ed5f0c47f704de948659e6b8595df77e3e0c2875718d9ef
5b35174b311606884d65d68c2bae7a83dbf570af6b1d9beb89d6d1005c0173f0
5ba7b351020430e304e1c38988858e13690202831484697551e56fed5826004e
5d014f4cf6d5c63e360cfda69be1d1a9a469d80217daba378a7d0919b7b87444
5db1a3b487dd2921152a1c389c58f7a0a17426297fe79c0db9c8fb23dc79e6c9
5e77317ae07d5243494244d7004977bcabc71e2e5c6bb6957d805c9a7613a995
60bcc1f3a497f3f9063eb2e6ae19a2597228c5da1358f604d2f8d07eb16ad94e
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
644db1a11392c0d6d73576cace8f0bb4ca65ebd38f9eec20c9db79d7865efd8c
680c8f492aeb62808bb876a97ab4f814d8684341a0abeed280fe2803ee4c7437
68cd9699eeb65687ff51adde4016a269c1ed602e8ba24fd14e010768c95c6f1c
69351ec9a49610e9eeb738fedefb90fc279b059670a8ccfe7902f550707c3a33
7b6fdd117faea402e89867dfcec302a48c0769b63fd768eaa38b962cb4dd1d73
7cdbad06f37f649873a836fe856e8afa21132ad5e9bb1c78739a78cb2dea5e8b
7e76574381fb7020a96e2878144befa7ca2b17817af82416dcef646f969937ac
7f37727747c57cea48984608b02c8aedab1cf24170c04466e3982dc59dbc40fe
832dbd199f70ade357e88a3f5d32920c8c63e69258dc173d3b261686320895db
8b2498769ff6d35b6dbbfd31189e7294564b3caa02112b5f5f2bd61769c69996
8b3b70180fc742006a73b92200c3589827e14eab63e21a07505969412e6ee503
8d444c3bf8004094e875ac6a6764cddd22b1385cff6bee7ab23927a610e333da
8fbc01610a9b7c33f38205421299679237458dbcba7e34ae8a7ac920861eaed4
934f698a5d9bf3255ffea47e88e2bf86013890ce810a31d82c31b520c75453fd
97bbedba79079d363917a02a376ea5ffa618bd83aa29ae33e1448ac3a9a44181
98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9dab5cecf8d2472066e3cc15981d42b84cb9af4168b0d028b866c1df446f5d63
a182eaf5275372a121ddc4715bb4ff81d1a18854903807f6e1e9a1e955cf3645
a2bb25fe5f4a8f4c3c5e9b4f3bab91e88ef7985a70c62d0cf3f2914ff665581c
a358f5b0d8722ee0b4a4ad6c2d4ae611f30e5fd2a2cc7308d954bfce44f0b011
b1a829826f8a436f1bc4a66240e6515c320a7a64ab9dd2fa59e69c50e97ce7d8
b85c4d4bcb7be039d30281d940426203622394a85d4cd2b43048b57a924a7d51
bdb9ca4674e16a180ad38ba1b55ea1224a38677e604f5c5e560b85194970b85a
c86a9ff9675183d36f664b6adefba7c72e7e15170e0f40eed96324f552c3ac82
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cd3521e9b79712590c50523ef00789c637324afa1c8987bf5b773c5d3a66fb3d
ce678af9ab2cd903a2144e096f40f0b4140a2fa577e6c3337e28fe8eac7658be
d7c84ff8975a1e9c4a1d01ae6cb3b535066f2a448a562d20f02dbcdf5ed316ea
decdbb3c4ba7eb0940f7a8d6008aa54827093c5239066e5c3678054d4e642d24
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eeca4c36c0b6721ea4416bac346a4c735f35af4bb6cc283ce6aef8c8f1b1138b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f373f2b696cb9a84c4d4acdf5588a442173ec501b4f8556baca22cd35716a7c9
fe00c5652ecb785e332bbad69fe7e410bf6f594196423bad35051b6848319784