www.bayerhfcu.com
74.200.39.23
Public Scan
Effective URL: https://www.bayerhfcu.com/
Submission: On March 23 via automatic, source certstream-suspicious — Scanned from DE
Summary
TLS certificate: Issued by GeoTrust EV RSA CA 2018 on March 1st 2023. Valid for: a year.
This is the only time www.bayerhfcu.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 191.233.196.104.bc.googleusercontent.com
telbecfcu.com | |
www.telbecfcu.com |
ASN14010 (JACKHENRY, US)
PTR: www.cnbwv.com
bayerhfcu.com | |
www.bayerhfcu.com |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 176.223.90.34.bc.googleusercontent.com
tag.simpli.fi |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
banno.com | |
kernel-serve.banno.com |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 92.79.90.34.bc.googleusercontent.com
i.simpli.fi |
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com
um.simpli.fi |
ASN14618 (AMAZON-AES, US)
simplifi.partners.tremorhub.com |
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-214-237.eu-west-1.compute.amazonaws.com
aa.agkn.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-80-27.eu-central-1.compute.amazonaws.com
d.agkn.com |
ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-59.fra56.r.cloudfront.net
sync.intentiq.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-143-3.eu-west-1.compute.amazonaws.com
loadm.exelator.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-34-230-110-36.compute-1.amazonaws.com
sync.bfmio.com |
ASN16625 (AKAMAI-AS, US)
PTR: a104-76-200-221.deploy.static.akamaitechnologies.com
stags.bluekai.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-149-6.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net |
ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
idsync.rlcdn.com |
ASN29990 (ASN-APPNEX, US)
PTR: 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com |
ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com |
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
us-u.openx.net |
ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f130.1e100.net
cm.g.doubleclick.net |
Requests | Apex Domain | Redirects | Subdomains | Transfer |
---|---|---|---|---|
29 | bayerhfcu.com | 1 | bayerhfcu.com, www.bayerhfcu.com | 912 KB |
24 | simpli.fi | 17 | tag.simpli.fi (Cisco Umbrella Rank: 4184), i.simpli.fi (Cisco Umbrella Rank: 3333), um.simpli.fi (Cisco Umbrella Rank: 740) | 14 KB |
6 | banno.com | | banno.com (Cisco Umbrella Rank: 27621), kernel-serve.banno.com (Cisco Umbrella Rank: 87029) | 2 MB |
4 | doubleclick.net | 3 | stats.g.doubleclick.net (Cisco Umbrella Rank: 70), cm.g.doubleclick.net (Cisco Umbrella Rank: 206) | 1 KB |
2 | adnxs.com | 1 | ib.adnxs.com (Cisco Umbrella Rank: 210) | 2 KB |
2 | spotxchange.com | 1 | sync.search.spotxchange.com (Cisco Umbrella Rank: 699) | 1 KB |
2 | exelator.com | 1 | loadm.exelator.com (Cisco Umbrella Rank: 1394) | 2 KB |
2 | pro-market.net | 2 | fei.pro-market.net (Cisco Umbrella Rank: 2137) | 879 B |
2 | intentiq.com | | sync.intentiq.com (Cisco Umbrella Rank: 1186) | |
2 | agkn.com | 2 | aa.agkn.com (Cisco Umbrella Rank: 481), d.agkn.com (Cisco Umbrella Rank: 648) | 1 KB |
2 | tapad.com | 1 | pixel.tapad.com (Cisco Umbrella Rank: 432) | 1 KB |
2 | google-analytics.com | | www.google-analytics.com (Cisco Umbrella Rank: 25) | 20 KB |
2 | googletagmanager.com | | www.googletagmanager.com (Cisco Umbrella Rank: 39) | 82 KB |
2 | telbecfcu.com | 2 | telbecfcu.com, www.telbecfcu.com | 156 B |
1 | openx.net | | us-u.openx.net (Cisco Umbrella Rank: 429) | 273 B |
1 | rubiconproject.com | | pixel.rubiconproject.com (Cisco Umbrella Rank: 322) | 239 B |
1 | rlcdn.com | | idsync.rlcdn.com (Cisco Umbrella Rank: 357) | 98 B |
1 | lijit.com | | ce.lijit.com (Cisco Umbrella Rank: 882) | 311 B |
1 | crwdcntrl.net | | bcp.crwdcntrl.net (Cisco Umbrella Rank: 881) | 265 B |
1 | bluekai.com | | stags.bluekai.com (Cisco Umbrella Rank: 514) | 452 B |
1 | bfmio.com | | sync.bfmio.com (Cisco Umbrella Rank: 1423) | 421 B |
1 | tremorhub.com | | simplifi.partners.tremorhub.com (Cisco Umbrella Rank: 6057) | 183 B |
0 | google.de | Failed | www.google.de (Failed) | |
0 | 3lift.com | Failed | eb2.3lift.com (Failed) | |
62 | 24 |
Subject | Issuer | Validity | Valid |
---|---|---|---|
www.bayerhfcu.com | GeoTrust EV RSA CA 2018 | 2023-03-01 - 2024-02-29 | a year |
*.google-analytics.com | GTS CA 1C3 | 2023-03-06 - 2023-05-29 | 3 months |
*.simpli.fi | DigiCert TLS RSA SHA256 2020 CA1 | 2022-11-07 - 2023-12-08 | a year |
*.banno.com | RapidSSL Global TLS RSA4096 SHA256 2022 CA1 | 2022-12-30 - 2024-01-06 | a year |
*.g.doubleclick.net | GTS CA 1C3 | 2023-03-06 - 2023-05-29 | 3 months |
This page contains 1 frames:
Primary Page:
https://www.bayerhfcu.com/
Frame ID: 4DAD917A53A503C49485030CE814F6AD
Requests: 62 HTTP requests in this frame
Page Title
Home › Bayer Heritage Federal Credit Union
Detected technologies
AppNexus (Advertising Networks)
Detected patterns
- adnxs\.(?:net|com)
Google Analytics (Analytics)
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Tag Manager (Tag Managers)
Detected patterns
- googletagmanager\.com/ns\.html[^>]+></iframe>
- googletagmanager\.com/gtm\.js
- googletagmanager\.com/gtag/js
OpenX (Advertising Networks)
Detected patterns
- https?://[^/]*\.openx\.net
Rubicon Project (Advertising Networks)
Detected patterns
- https?://[^/]*\.rubiconproject\.com
jQuery (JavaScript Libraries)
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
16 Outgoing links
These are links going to different origins than the main page.
- Title: Documents in Portable Document Format (PDF) require Adobe Acrobat Reader 5.0 or higher to view,download Adobe® Acrobat Reader.
- Title: Mortgage Loan Application (Opens in a new Window)
- Title: Membership Application (Opens in a new Window)
- Title: Register
- Title: Click here!
- Title: (Opens in a new Window)
- Title: Bayer Heritage My Claim Portal (Opens in a new Window)
- Title: (Opens in a new Window)
- Title: (Opens in a new Window)
- Title: Facebook
- Title: Twitter
- Title: Instagram
- Title: Email Us
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://telbecfcu.com/ HTTP 301
- https://www.telbecfcu.com/ HTTP 301
- https://bayerhfcu.com/ HTTP 301
- https://www.bayerhfcu.com/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 37
- https://um.simpli.fi/triplelift HTTP 0
- https://eb2.3lift.com/xuid?mid=7969&xuid=5883F737111B4981B6C1B0FCD2AFCF70&dongle=yf3
- https://um.simpli.fi/telaria_p HTTP 302
- https://simplifi.partners.tremorhub.com/sync?UISF=5883F737111B4981B6C1B0FCD2AFCF70
- https://um.simpli.fi/tapad HTTP 302
- https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=5883F737111B4981B6C1B0FCD2AFCF70 HTTP 302
- https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=5883F737111B4981B6C1B0FCD2AFCF70
- https://um.simpli.fi/ad_advisor HTTP 302
- https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=5883F737111B4981B6C1B0FCD2AFCF70 HTTP 302
- https://d.agkn.com/pixel/10751/?che=1679574542248&ip=217.64.151.69&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D219383204464002182330 HTTP 302
- https://um.simpli.fi/aa_px?sk=219383204464002182330 HTTP 302
- https://um.simpli.fi/empty.gif
- https://um.simpli.fi/intentiq HTTP 302
- https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=5883F737111B4981B6C1B0FCD2AFCF70
- https://um.simpli.fi/dtnx HTTP 302
- https://fei.pro-market.net/engine?du=24;csync=5883F737111B4981B6C1B0FCD2AFCF70;mimetype=img; HTTP 302
- https://fei.pro-market.net/engine?du=24;csync=5883F737111B4981B6C1B0FCD2AFCF70;mimetype=img;sr HTTP 302
- https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=3&pcid=-4308533387787352075
- https://um.simpli.fi/exelatem HTTP 302
- https://loadm.exelator.com/load/?p=204&g=2191&simid=5883F737111B4981B6C1B0FCD2AFCF70&j=0 HTTP 302
- https://loadm.exelator.com/load/?p=204&g=2191&simid=5883F737111B4981B6C1B0FCD2AFCF70&j=0&xl8blockcheck=1
- https://um.simpli.fi/beachfront HTTP 302
- https://sync.bfmio.com/sync?pid=141&uid=5883F737111B4981B6C1B0FCD2AFCF70
- https://um.simpli.fi/bluekai HTTP 302
- https://stags.bluekai.com/site/29931?id=5883F737111B4981B6C1B0FCD2AFCF70
- https://um.simpli.fi/crwdcntrl HTTP 302
- https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=5883F737111B4981B6C1B0FCD2AFCF70
- https://um.simpli.fi/lj_match HTTP 302
- https://ce.lijit.com/merge?pid=2&3pid=5883F737111B4981B6C1B0FCD2AFCF70
- https://um.simpli.fi/liveramp_match HTTP 302
- https://idsync.rlcdn.com/419566.gif?partner_uid=5883F737111B4981B6C1B0FCD2AFCF70
- https://www.googleadservices.com/pagead/conversion/1026675585/?random=1679574542002&cv=7&fst=1679574542002&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON HTTP 302
- https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=1452664885&cv=7&fst=1679574542002&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=DkYcZIXkA5XUxwKCgL9Y&sscte=1&crd= HTTP 302
- https://www.google.com/pagead/1p-conversion/1026675585/?random=1452664885&cv=7&fst=1679574542002&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=DkYcZIXkA5XUxwKCgL9Y&cid=CAQSKQDUE5ymQ0KPW8_j9xtzwLqP75vYEl4YVsY-d3cN6Dz8AWf1JmfnRgFi&random=774174907 HTTP 0
- https://www.google.de/pagead/1p-conversion/1026675585/?random=1452664885&cv=7&fst=1679574542002&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=DkYcZIXkA5XUxwKCgL9Y&cid=CAQSKQDUE5ymQ0KPW8_j9xtzwLqP75vYEl4YVsY-d3cN6Dz8AWf1JmfnRgFi&random=774174907&ipr=y&prhg=0
- https://um.simpli.fi/spotx_match HTTP 302
- https://sync.search.spotxchange.com/partner?adv_id=7797&uid=5883F737111B4981B6C1B0FCD2AFCF70 HTTP 302
- https://sync.search.spotxchange.com/partner?adv_id=7797&uid=5883F737111B4981B6C1B0FCD2AFCF70&__user_check__=1&sync_id=4b23fdec-c976-11ed-bfc0-1860f0710206
- https://um.simpli.fi/an HTTP 302
- https://ib.adnxs.com/setuid?entity=66&code=5883F737111B4981B6C1B0FCD2AFCF70 HTTP 307
- https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D5883F737111B4981B6C1B0FCD2AFCF70
- https://um.simpli.fi/rb_match HTTP 302
- https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=5883F737111B4981B6C1B0FCD2AFCF70&expires=365
- https://um.simpli.fi/ox_match HTTP 302
- https://us-u.openx.net/w/1.0/sd?id=537072966&val=5883F737111B4981B6C1B0FCD2AFCF70
- https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc HTTP 302
- https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm=&google_sc=&google_tc= HTTP 302
- https://um.simpli.fi/g_match?id=&google_gid=CAESEB2-dDejNJdx5XeYbCaP-Ok&google_cver=1 HTTP 302
- https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=5883F737111B4981B6C1B0FCD2AFCF70 HTTP 302
- https://um.simpli.fi/g_match?id=
62 HTTP transactions
Method | Protocol | Resource | Path | Size | Transfer | Type | MIME-Type | Notes |
---|---|---|---|---|---|---|---|---|
GET | H2 | / | www.bayerhfcu.com/ | 40 KB | 11 KB | Document | text/html | Primary Request; Redirect Chain |
GET | H2 | main.min.css | www.bayerhfcu.com/assets/css/ | 246 KB | 33 KB | Stylesheet | text/css | |
GET | H2 | js | www.googletagmanager.com/gtag/ | 112 KB | 44 KB | Script | application/javascript | |
GET | H2 | cf48d540-8fc8-0137-e8e8-06a9ed4ca31b | tag.simpli.fi/sifitag/ | 3 KB | 4 KB | Script | application/javascript | |
GET | H2 | bayer-heritage-federal-credit-union-logo.svg | www.bayerhfcu.com/assets/img/ | 4 KB | 2 KB | Image | image/svg+xml | |
GET | H2 | c888fd87-efef-4ebd-a46e-7599100b6765 | banno.com/a/assets/api/institutions/ea13ccaa-7b67-44b9-a94d-ec6320ef4e41/assets/ | 2 MB | 2 MB | Image | image/png | |
GET | H2 | icon-handshake-2x.png | www.bayerhfcu.com/assets/files/BUtW2rQC/ | 6 KB | 6 KB | Image | image/png | |
GET | H2 | icon-megaphone-2x.png | www.bayerhfcu.com/assets/content/en7vsKV5/ | 6 KB | 6 KB | Image | image/png | |
GET | H2 | icon-money-2x.png | www.bayerhfcu.com/assets/files/mn2QZbp7/ | 5 KB | 6 KB | Image | image/png | |
GET | H2 | icon-laptop-2x.png | www.bayerhfcu.com/assets/content/zjdrbcg8/ | 4 KB | 5 KB | Image | image/png | |
GET | H2 | icon-handTablet-2x.png | www.bayerhfcu.com/assets/files/eIisoccr/ | 5 KB | 5 KB | Image | image/png | |
GET | H2 | icon-fraudsquad-2x.png | www.bayerhfcu.com/assets/files/OO6Op26P/ | 8 KB | 9 KB | Image | image/png | |
GET | H2 | testimonial_woman.jpg | www.bayerhfcu.com/assets/files/8S2XFLGw/ | 50 KB | 50 KB | Image | image/jpeg | |
GET | H2 | appStore.png | www.bayerhfcu.com/assets/content/ABgDl9te/ | 2 KB | 2 KB | Image | image/png | |
GET | H2 | googlePlay.png | www.bayerhfcu.com/assets/content/oTJLvxKh/ | 2 KB | 3 KB | Image | image/png | |
GET | H2 | BHRIS%20subhero2019.png | www.bayerhfcu.com/assets/content/LDEDQXJV/ | 318 KB | 319 KB | Image | image/png | |
GET | H2 | LMCUhomesubtax.png | www.bayerhfcu.com/assets/content/IEzBFSK3/ | 296 KB | 297 KB | Image | image/png | |
GET | H2 | badge.min.js | banno.com/a/monitor/api/badge/ | 10 KB | 10 KB | Script | application/javascript | |
GET | H2 | ehl.svg | www.bayerhfcu.com/assets/img/ | 2 KB | 2 KB | Image | image/svg+xml | |
GET | H2 | ncua.svg | www.bayerhfcu.com/assets/img/ | 19 KB | 3 KB | Image | image/svg+xml | |
GET | H2 | jquery.min.js | www.bayerhfcu.com/assets/js/ | 87 KB | 31 KB | Script | application/javascript | |
GET | H2 | script.min.js | www.bayerhfcu.com/assets/js/ | 144 KB | 40 KB | Script | application/javascript | |
GET | H2 | disclaimers.js | www.bayerhfcu.com/assets/target/ | 3 KB | 2 KB | Script | application/javascript | |
GET | H2 | gtm.js | www.googletagmanager.com/ | 97 KB | 38 KB | Script | application/javascript | |
GET | H2 | pattern-background.svg | www.bayerhfcu.com/assets/img/ | 34 KB | 7 KB | Image | image/svg+xml | |
GET | H2 | checkmark.svg | www.bayerhfcu.com/assets/img/ | 183 B | 735 B | Image | image/svg+xml | |
GET | H2 | footer-pattern-background.svg | www.bayerhfcu.com/assets/img/ | 33 KB | 7 KB | Image | image/svg+xml | |
GET | H2 | Icons.woff | www.bayerhfcu.com/assets/font/ | 2 KB | 3 KB | Font | application/font-woff | |
GET | H2 | kernel.js | kernel-serve.banno.com/ | 6 KB | 6 KB | Script | application/javascript | |
GET | H2 | analytics.js | www.google-analytics.com/ | 49 KB | 20 KB | Script | text/javascript | |
POST | H2 | collect | www.google-analytics.com/j/ | 2 B | 209 B | XHR | text/plain | |
POST | H2 | collect | stats.g.doubleclick.net/j/ | 1 B | 348 B | XHR | text/plain | |
GET | H2 | visit | kernel-serve.banno.com/institutions/ea13ccaa-7b67-44b9-a94d-ec6320ef4e41/profiles/49f4b050-c976-11ed-96c5-024273b54019/ | 0 | 205 B | Script | application/javascript | |
GET | H2 | disclaimer | www.bayerhfcu.com/_/api/ | 2 KB | 1 KB | XHR | application/json | |
GET | H2 | last-check | banno.com/a/monitor/api/ | 79 B | 196 B | Script | application/javascript | |
GET | H2 | monitor-badge-light.png | banno.com/a/monitor/api/badge/ | 963 B | 1 KB | Image | image/png | |
GET | H2 | fonts.css | www.bayerhfcu.com/assets/css/ | 3 KB | 979 B | XHR | text/css | |
GET | H2 | p | i.simpli.fi/ | 750 B | 1 KB | Script | application/javascript | |
GET | | xuid | eb2.3lift.com/ | 0 | 0 | | | Redirect Chain |
GET | H2 | sync | simplifi.partners.tremorhub.com/ | 43 B | 183 B | Image | image/gif | Redirect Chain |
GET | H2 | check | pixel.tapad.com/idsync/ex/receive/ | 95 B | 435 B | Image | image/png | Redirect Chain |
GET | H2 | empty.gif | um.simpli.fi/ | 43 B | 361 B | Image | image/gif | Redirect Chain |
GET | H2 | ProfilesEngineServlet | sync.intentiq.com/profiles_engine/ | 0 | 0 | Image | text/html | Redirect Chain |
GET | H2 | pubmatic | um.simpli.fi/ | 43 B | 409 B | Image | image/gif | |
GET | H2 | freewheel | um.simpli.fi/ | 43 B | 409 B | Image | image/gif | |
GET | H2 | ProfilesEngineServlet | sync.intentiq.com/profiles_engine/ | 0 | 0 | Image | text/html | Redirect Chain |
GET | H2 | / | loadm.exelator.com/load/ | 0 | 767 B | Image | text/plain | Redirect Chain |
GET | H2 | yahoo | um.simpli.fi/ | 43 B | 409 B | Image | image/gif | |
GET | H/1.1 | sync | sync.bfmio.com/ | 0 | 421 B | Image | text/plain | Redirect Chain |
GET | H2 | 29931 | stags.bluekai.com/site/ | 62 B | 452 B | Image | image/gif | Redirect Chain |
GET | H2 | tpid=5883F737111B4981B6C1B0FCD2AFCF70 | bcp.crwdcntrl.net/map/c=7625/tp=SIMP/ | 49 B | 265 B | Image | image/gif | Redirect Chain |
GET | H/1.1 | merge | ce.lijit.com/ | 0 | 311 B | Image | text/plain | Redirect Chain |
GET | H2 | 419566.gif | idsync.rlcdn.com/ | 0 | 98 B | Image | text/plain | Redirect Chain |
GET | | / | www.google.de/pagead/1p-conversion/1026675585/ | 0 | 0 | | | Redirect Chain |
GET | H/1.1 | partner | sync.search.spotxchange.com/ | 43 B | 548 B | Image | image/gif | Redirect Chain |
GET | H/1.1 | bounce | ib.adnxs.com/ | 43 B | 1 KB | Image | image/gif | Redirect Chain |
GET | H/1.1 | tap.php | pixel.rubiconproject.com/ | 0 | 239 B | Image | image/gif | Redirect Chain |
GET | H2 | sd | us-u.openx.net/w/1.0/ | 43 B | 273 B | Image | image/gif | Redirect Chain |
GET | H2 | g_match | um.simpli.fi/ | 0 | 320 B | Image | text/plain | Redirect Chain |
GET | H2 | oswald-regular-webfont.woff2 | www.bayerhfcu.com/assets/font/ | 19 KB | 19 KB | Font | application/octet-stream | |
GET | H2 | droidsans-webfont.woff2 | www.bayerhfcu.com/assets/font/ | 20 KB | 21 KB | Font | application/octet-stream | |
GET | H2 | droidsans-bold-webfont.woff2 | www.bayerhfcu.com/assets/font/ | 21 KB | 22 KB | Font | application/octet-stream | |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- eb2.3lift.com
- URL
- https://eb2.3lift.com/xuid?mid=7969&xuid=5883F737111B4981B6C1B0FCD2AFCF70&dongle=yf3
- Domain
- www.google.de
- URL
- https://www.google.de/pagead/1p-conversion/1026675585/?random=1452664885&cv=7&fst=1679574542002&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=DkYcZIXkA5XUxwKCgL9Y&cid=CAQSKQDUE5ymQ0KPW8_j9xtzwLqP75vYEl4YVsY-d3cN6Dz8AWf1JmfnRgFi&random=774174907&ipr=y&prhg=0
48 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- boolean| credentialless
- object| dataLayer
- function| gtag
- function| $
- function| jQuery
- object| google_tag_manager
- function| kernel
- object| google_tag_data
- string| GoogleAnalyticsObject
- function| ga
- object| gaplugins
- object| gaGlobal
- object| gaData
- object| sifi_att_42656
- object| kernelAssociateTimeout
- object| kernelSyncTimeout
- object| kernelLoginFormElementId
- string| kernelTestValue
- function| kernelClickthroughCallback1
- object| bootbox
- object| banno
- function| setDisclaimerVerbiage
- string| defaultDisclaimerMessage
- function| createCookie
- function| readCookie
- function| eraseCookie
- function| randomSlide
- function| waitForElementToDisplay
- function| isTouchDevice
- function| openOrpheus
- function| performLogin
- object| $body
- object| $bodyhtml
- object| $slider
- object| $logo
- object| ParsleyExtend
- object| ParsleyConfig
- object| psly
- object| Parsley
- object| ParsleyUtils
- object| ParsleyValidator
- object| ParsleyUI
- string| inputEventPatched
- object| parsley
- object| Modernizr
- function| yepnope
- object| com
- object| jha25
Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
www.bayerhfcu.com/ | | Name: PLAY_SESSION Value: 61c522b509deb39b11b286c8afcb935f26615d4a-v=1 |
.www.bayerhfcu.com/ | | Name: __bkp Value: 49f4b050-c976-11ed-96c5-024273b54019 |
.bayerhfcu.com/ | | Name: _ga Value: GA1.2.589588208.1679574541 |
.bayerhfcu.com/ | | Name: _gid Value: GA1.2.1277078723.1679574541 |
.bayerhfcu.com/ | | Name: _gat_gtag_UA_23560296_10 Value: 1 |
.simpli.fi/ | | Name: suid Value: 5883F737111B4981B6C1B0FCD2AFCF70 |
.bayerhfcu.com/ | | Name: __bkp Value: 49f4b050-c976-11ed-96c5-024273b54019 |
.simpli.fi/ | | Name: uid_syncd_secure Value: true |
.doubleclick.net/ | | Name: IDE Value: AHWqTUka7UHpGalrDQGz1iS4y39eGQEspqR5cRUoaikiYpbgwxDSfLqbvifvwtFG |
.adnxs.com/ | | Name: uuid2 Value: 8701114655206772316 |
.tapad.com/ | | Name: TapAd_TS Value: 1679574542149 |
.tapad.com/ | | Name: TapAd_DID Value: 91e5200e-4c06-4724-852f-516941d167b7 |
.pro-market.net/ | | Name: anProfile Value: "-wqfjm9md3cp7+1+1f=1+1g=1+1j=41+rs=s+rt=20010AC800203D00101267DB37B75788+s2=(rrz40e)+vm=24-5883F737111B4981B6C1B0FCD2AFCF70" |
.pro-market.net/ | | Name: anHistory Value: "-wqfjm9md3cp7+2+!#7')!v!2!o" |
.tapad.com/ | | Name: TapAd_3WAY_SYNCS Value: |
.adnxs.com/ | | Name: anj Value: dTM7k!M4.FE:2jUF']wIg2C$MemW2O!]tbPl1N!7On*M$=BX/udZ!/lkaJo$i+o8WdY0IOl!MoZh1Y*[iIYDmli'S=pQqZ'%(2K:$doS]%6lNknyR`? |
.spotxchange.com/ | | Name: audience Value: 4b23fd96-c976-11ed-bfc0-1860f0710206 |
.agkn.com/ | | Name: ab Value: 0001%3ABLxBaBx2qDOPG3DGANXnQvsm7FfPvSDK |
.exelator.com/ | | Name: EE Value: "159a03214e3c12a8c437398c520cb9c0" |
.exelator.com/ | | Name: ud Value: "eJxrXxzq6XKLQcHQ1DLRwNjI0CTVONnQKNEi2cTY3NjSItnUyCA5yTLZYHFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDQcEl%252BUWb6IhfXxUUpaQyLSopPBR9utwQAZowpdA%253D%253D" |
.agkn.com/ | | Name: u Value: C|0AAAAAAAAK68CjgAAAAAA |
.bluekai.com/ | | Name: bku Value: blx9998scsxSsfLj |
.bluekai.com/ | | Name: bkpa Value: KJy9nyexd02pSUHknp/8mE1hwtkAwEDTmeBsBp1l1EWhxMx8meaYBA1hxMOsx6x0xDjeHMzy9y9kGxrM |
.bfmio.com/ | | Name: __141_cid Value: 5883F737111B4981B6C1B0FCD2AFCF70 |
.bfmio.com/ | | Name: __io_cid Value: fda33611d28cde726696932183998425ca1b970d |
6 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | default-src 'self'; connect-src 'self' crownpeak.net *.crownpeak.net *.google-analytics.com *.doubleclick.net; font-src 'self' 'unsafe-inline' *.googleapis.com *.gstatic.com; frame-ancestors 'self'; frame-src 'self' *.youtube.com *.google.com *.vimeo.com; img-src 'self' *.google-analytics.com *.googletagmanager.com banno.com *.banno.com *.googleapis.com *.gstatic.com *.w55c.net *.extend.tv *.simpli.fi *.doubleclick.net *.tremorhub.com *.bluekai.com *.bfmio.com *.tapad.com *.crwdcntrl.net *.spotxchange.com *.agkn.com *.intentiq.com *.adnxs.com *.rubiconproject.com *.openx.net *.pubmatic.com *.advertising.com *.exelator.com *.stickyadstv.com *.analytics.yahoo.com *.rlcdn.com *.lijit.com *.pro-market.net *.googleadservices.com *.tribalfusion.com *.company-target.com *.demdex.net *.parrable.com *.demdex.net *.google.com *.kargo.com data: *.banno.com banno.com; media-src 'self'; script-src 'self' 'unsafe-inline' *.google-analytics.com *.googletagmanager.com *.googleadservices.com *.googleapis.com banno.com *.banno.com crownpeak.com *.crownpeak.com *.simpli.fi *.doubleclick.net *.banno.com banno.com; style-src 'self' 'unsafe-inline' *.googleapis.com |
Strict-Transport-Security | max-age=16070400 |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.