Edit tour

Windows Analysis Report
http://www.midoregon.com

Overview

General Information

Sample URL:	http://www.midoregon.com
Analysis ID:	1465673
Infos:

Detection

Score:	48
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

AI detected phishing page

Detected non-DNS traffic on DNS port

Found iframes

Stores files to the Windows start menu directory

Classification

Process Tree

System is w10x64

chrome.exe (PID: 4308 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 5260 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1820 --field-trial-handle=2064,i,7133968717783670167,9634449485991868267,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 2672 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=7248 --field-trial-handle=2064,i,7133968717783670167,9634449485991868267,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 5032 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7384 --field-trial-handle=2064,i,7133968717783670167,9634449485991868267,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 1084 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://www.midoregon.com" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

cleanup

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

Phishing

AI detected phishing page

Source: https://feed.mikle.com

LLM: Score: 8 brands: Mid Oregon Credit Union Reasons: The URL 'https://feed.mikle.com' does not match the legitimate domain associated with Mid Oregon Credit Union, which is 'midoregon.com'. The presence of a prominent login form and the use of social engineering techniques such as urgent messages about connectivity issues and holiday closures are common in phishing sites. Additionally, the domain 'feed.mikle.com' appears suspicious and unrelated to the legitimate brand. DOM: 3.8.pages.csv

Source: https://www.midoregon.com/	HTTP Parser: Iframe src: https://www.google.com/maps/embed?pb=!1m16!1m12!1m3!1d733779.3929688331!2d-121.55040872304738!3d44.07662963121452!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!2m1!1smid%20oregon%20credit%20union%20oregon!5e0!3m2!1sen!2sus!4v1576699410579!5m2!1sen!2sus
Source: https://www.midoregon.com/	HTTP Parser: Iframe src: https://www.stickleyonsecurity.com/s/sample9.jspx?playerid=721175501&startsos=1&shareurl=https%3A%2F%2Fwww.midoregon.com%2F&undefined
Source: https://www.midoregon.com/	HTTP Parser: Iframe src: https://www.google.com/maps/embed?pb=!1m16!1m12!1m3!1d733779.3929688331!2d-121.55040872304738!3d44.07662963121452!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!2m1!1smid%20oregon%20credit%20union%20oregon!5e0!3m2!1sen!2sus!4v1576699410579!5m2!1sen!2sus
Source: https://www.midoregon.com/	HTTP Parser: Iframe src: https://www.stickleyonsecurity.com/s/sample9.jspx?playerid=721175501&startsos=1&shareurl=https%3A%2F%2Fwww.midoregon.com%2F&undefined
Source: https://www.midoregon.com/	HTTP Parser: Iframe src: https://contact.midoregon.com/chat/loadBot
Source: https://www.midoregon.com/	HTTP Parser: Iframe src: https://www.google.com/maps/embed?pb=!1m16!1m12!1m3!1d733779.3929688331!2d-121.55040872304738!3d44.07662963121452!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!2m1!1smid%20oregon%20credit%20union%20oregon!5e0!3m2!1sen!2sus!4v1576699410579!5m2!1sen!2sus
Source: https://www.midoregon.com/	HTTP Parser: Iframe src: https://www.stickleyonsecurity.com/s/sample9.jspx?playerid=721175501&startsos=1&shareurl=https%3A%2F%2Fwww.midoregon.com%2F&undefined
Source: https://www.midoregon.com/	HTTP Parser: Iframe src: https://contact.midoregon.com/chat/?domain=https%3A%2F%2Fcontact.midoregon.com&domainId=99545687&botName=Mid+Oregon+Answer+Center&engagementText=Have+a+question%3F&avatar=https%253A%252F%252Fd1lvyn09g7nf92.cloudfront.net%252FMid-Oregon-Credit-Union-99545687%252Fsbr%252FbotAvatar.jpg%253FExpires%253D1719871441%2526Signature%253DY0Ac8BQhRpzsL%7EJT-KfnpnpqO-BTGI2QX2AHH-hF1q3Q%7ETJJnmd-dEp8xI-TlW0XP%7ElsBIjn%7EZ0N0xlvGAhhLdbUUX5%7EKwfiyFxpzMr4p3DPqvt6BI-pOoQwisxwi8eyFsc5VB%7EjVzmG-8FVls3Pa0IxhtKHFSLFP-Onyni2J0H0ReD5u3TRIzWctdOxJNwHVxQezus9pssYtZB71WySIOcfU1i6ZI95NOhUXg%7E2IFPafGiecEUq5W8B5WHGIhW6lbcennhgXlzIe9jB8sfUfe4HevV%7E%7Ei5JkVPkgh%7ED6jvAhPJWG46UPkGLm2O0IU6gspdo2NmxhoBcvOKbHszlRQ__%2526Key-Pair-Id%253DAPKAJ2NIENK5IQFNL4CQ&color=%2F3d5d86&textColor=%2Ffcfcfc&cuName=undefined&integrationId=undefined&autoIdleResponse=Is%2520there%2520anything%2520else%2520we%2520can%2520help%2520you%2520with%253F%2520If%2520we%2520don%27t%2520hear%2520back%2520from%2520you%252C%2520this%2520chat%2520will%2520close%2520automatically.&chatBotIdleTime=10&chatBotIdleTimeFormat=mins&chatBotSessionClosureTime=1&chatBotSessionClosureTimeFormat=mins&isInCobrowseFrame=N&showLinkInNewTab=Y&showSurveyForm=Y&ratingHeader=%253A%29&tosUrl=https%3A%2F%2Feltropy.com%2Flegal%2F&recommendationHeader=How%2520was%2520your%2520experience%253F%28%25205%2520being%2520the%2520best%29&enableAppointments=N&endButtonPrimaryColor=%2FD75C54&endButtonTextColor=%2Fffffff&startButtonPrimaryColor=%2F2D2759&startButtonTextColor=%2Fffffff&startButtonText=Start+Chat&standardWelcomeMessage=We%27re+here+for+you&welcomeMessageDescription=&logo=&feedbackMessage=Thank+you+for+contacting+us+today&showWaitingScreenQueuePosition=N&showWaitingScreenDefaultImages=N&waitingScreenDefaultImages=
Source: https://www.midoregon.com/online/digital-banking.shtml	HTTP Parser: Iframe src: https://www.google.com/maps/embed?pb=!1m16!1m12!1m3!1d733779.3929688331!2d-121.55040872304738!3d44.07662963121452!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!2m1!1smid%20oregon%20credit%20union%20oregon!5e0!3m2!1sen!2sus!4v1576699410579!5m2!1sen!2sus
Source: https://www.midoregon.com/online/digital-banking.shtml	HTTP Parser: Iframe src: https://contact.midoregon.com/chat/?domain=https%3A%2F%2Fcontact.midoregon.com&domainId=99545687&botName=Mid+Oregon+Answer+Center&engagementText=Have+a+question%3F&avatar=https%253A%252F%252Fd1lvyn09g7nf92.cloudfront.net%252FMid-Oregon-Credit-Union-99545687%252Fsbr%252FbotAvatar.jpg%253FExpires%253D1719871447%2526Signature%253DGZdJiJsS5qnlTO0CfdE1zN54faasvBX4TATeeD5ptTexYEukIXCi3gWRqCZj-5Co5ZfO2hwwIb5STBg1sKql3NYp4KflrBdX2CmiYmBuFxfpk-OJy-yDe%7Ecbn2%7EFK7n1B2ofx7dXin1muXsA%7Eo2ZFYEXuKwqOCcFFvmaF%7EmfqNCXIjyvERWwNXgnloSZQpw64j9ucWVK7t4NJdfJAM8CVvRb6d9XP0oB3dK3VEjsMtQUM1NPfnO2HWvgCbcfsbn1L9%7Et5CdMPHahnt-waRyVuaDVrFWjVYJwpN1NsIsF2hmEzKNdEfys56ca1-lI0q3w9SLHO-LMgRnity9laieD7g__%2526Key-Pair-Id%253DAPKAJ2NIENK5IQFNL4CQ&color=%2F3d5d86&textColor=%2Ffcfcfc&cuName=undefined&integrationId=undefined&autoIdleResponse=Is%2520there%2520anything%2520else%2520we%2520can%2520help%2520you%2520with%253F%2520If%2520we%2520don%27t%2520hear%2520back%2520from%2520you%252C%2520this%2520chat%2520will%2520close%2520automatically.&chatBotIdleTime=10&chatBotIdleTimeFormat=mins&chatBotSessionClosureTime=1&chatBotSessionClosureTimeFormat=mins&isInCobrowseFrame=N&showLinkInNewTab=Y&showSurveyForm=Y&ratingHeader=%253A%29&tosUrl=https%3A%2F%2Feltropy.com%2Flegal%2F&recommendationHeader=How%2520was%2520your%2520experience%253F%28%25205%2520being%2520the%2520best%29&enableAppointments=N&endButtonPrimaryColor=%2FD75C54&endButtonTextColor=%2Fffffff&startButtonPrimaryColor=%2F2D2759&startButtonTextColor=%2Fffffff&startButtonText=Start+Chat&standardWelcomeMessage=We%27re+here+for+you&welcomeMessageDescription=&logo=&feedbackMessage=Thank+you+for+contacting+us+today&showWaitingScreenQueuePosition=N&showWaitingScreenDefaultImages=N&waitingScreenDefaultImages=
Source: https://www.midoregon.com/online/digital-banking.shtml	HTTP Parser: Iframe src: https://www.google.com/maps/embed?pb=!1m16!1m12!1m3!1d733779.3929688331!2d-121.55040872304738!3d44.07662963121452!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!2m1!1smid%20oregon%20credit%20union%20oregon!5e0!3m2!1sen!2sus!4v1576699410579!5m2!1sen!2sus
Source: https://www.midoregon.com/online/digital-banking.shtml	HTTP Parser: Iframe src: https://contact.midoregon.com/chat/?domain=https%3A%2F%2Fcontact.midoregon.com&domainId=99545687&botName=Mid+Oregon+Answer+Center&engagementText=Have+a+question%3F&avatar=https%253A%252F%252Fd1lvyn09g7nf92.cloudfront.net%252FMid-Oregon-Credit-Union-99545687%252Fsbr%252FbotAvatar.jpg%253FExpires%253D1719871447%2526Signature%253DGZdJiJsS5qnlTO0CfdE1zN54faasvBX4TATeeD5ptTexYEukIXCi3gWRqCZj-5Co5ZfO2hwwIb5STBg1sKql3NYp4KflrBdX2CmiYmBuFxfpk-OJy-yDe%7Ecbn2%7EFK7n1B2ofx7dXin1muXsA%7Eo2ZFYEXuKwqOCcFFvmaF%7EmfqNCXIjyvERWwNXgnloSZQpw64j9ucWVK7t4NJdfJAM8CVvRb6d9XP0oB3dK3VEjsMtQUM1NPfnO2HWvgCbcfsbn1L9%7Et5CdMPHahnt-waRyVuaDVrFWjVYJwpN1NsIsF2hmEzKNdEfys56ca1-lI0q3w9SLHO-LMgRnity9laieD7g__%2526Key-Pair-Id%253DAPKAJ2NIENK5IQFNL4CQ&color=%2F3d5d86&textColor=%2Ffcfcfc&cuName=undefined&integrationId=undefined&autoIdleResponse=Is%2520there%2520anything%2520else%2520we%2520can%2520help%2520you%2520with%253F%2520If%2520we%2520don%27t%2520hear%2520back%2520from%2520you%252C%2520this%2520chat%2520will%2520close%2520automatically.&chatBotIdleTime=10&chatBotIdleTimeFormat=mins&chatBotSessionClosureTime=1&chatBotSessionClosureTimeFormat=mins&isInCobrowseFrame=N&showLinkInNewTab=Y&showSurveyForm=Y&ratingHeader=%253A%29&tosUrl=https%3A%2F%2Feltropy.com%2Flegal%2F&recommendationHeader=How%2520was%2520your%2520experience%253F%28%25205%2520being%2520the%2520best%29&enableAppointments=N&endButtonPrimaryColor=%2FD75C54&endButtonTextColor=%2Fffffff&startButtonPrimaryColor=%2F2D2759&startButtonTextColor=%2Fffffff&startButtonText=Start+Chat&standardWelcomeMessage=We%27re+here+for+you&welcomeMessageDescription=&logo=&feedbackMessage=Thank+you+for+contacting+us+today&showWaitingScreenQueuePosition=N&showWaitingScreenDefaultImages=N&waitingScreenDefaultImages=
Source: https://www.midoregon.com/online/digital-banking.shtml	HTTP Parser: Iframe src: https://www.google.com/maps/embed?pb=!1m16!1m12!1m3!1d733779.3929688331!2d-121.55040872304738!3d44.07662963121452!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!2m1!1smid%20oregon%20credit%20union%20oregon!5e0!3m2!1sen!2sus!4v1576699410579!5m2!1sen!2sus
Source: https://www.midoregon.com/online/digital-banking.shtml	HTTP Parser: Iframe src: https://contact.midoregon.com/chat/?domain=https%3A%2F%2Fcontact.midoregon.com&domainId=99545687&botName=Mid+Oregon+Answer+Center&engagementText=Have+a+question%3F&avatar=https%253A%252F%252Fd1lvyn09g7nf92.cloudfront.net%252FMid-Oregon-Credit-Union-99545687%252Fsbr%252FbotAvatar.jpg%253FExpires%253D1719871447%2526Signature%253DGZdJiJsS5qnlTO0CfdE1zN54faasvBX4TATeeD5ptTexYEukIXCi3gWRqCZj-5Co5ZfO2hwwIb5STBg1sKql3NYp4KflrBdX2CmiYmBuFxfpk-OJy-yDe%7Ecbn2%7EFK7n1B2ofx7dXin1muXsA%7Eo2ZFYEXuKwqOCcFFvmaF%7EmfqNCXIjyvERWwNXgnloSZQpw64j9ucWVK7t4NJdfJAM8CVvRb6d9XP0oB3dK3VEjsMtQUM1NPfnO2HWvgCbcfsbn1L9%7Et5CdMPHahnt-waRyVuaDVrFWjVYJwpN1NsIsF2hmEzKNdEfys56ca1-lI0q3w9SLHO-LMgRnity9laieD7g__%2526Key-Pair-Id%253DAPKAJ2NIENK5IQFNL4CQ&color=%2F3d5d86&textColor=%2Ffcfcfc&cuName=undefined&integrationId=undefined&autoIdleResponse=Is%2520there%2520anything%2520else%2520we%2520can%2520help%2520you%2520with%253F%2520If%2520we%2520don%27t%2520hear%2520back%2520from%2520you%252C%2520this%2520chat%2520will%2520close%2520automatically.&chatBotIdleTime=10&chatBotIdleTimeFormat=mins&chatBotSessionClosureTime=1&chatBotSessionClosureTimeFormat=mins&isInCobrowseFrame=N&showLinkInNewTab=Y&showSurveyForm=Y&ratingHeader=%253A%29&tosUrl=https%3A%2F%2Feltropy.com%2Flegal%2F&recommendationHeader=How%2520was%2520your%2520experience%253F%28%25205%2520being%2520the%2520best%29&enableAppointments=N&endButtonPrimaryColor=%2FD75C54&endButtonTextColor=%2Fffffff&startButtonPrimaryColor=%2F2D2759&startButtonTextColor=%2Fffffff&startButtonText=Start+Chat&standardWelcomeMessage=We%27re+here+for+you&welcomeMessageDescription=&logo=&feedbackMessage=Thank+you+for+contacting+us+today&showWaitingScreenQueuePosition=N&showWaitingScreenDefaultImages=N&waitingScreenDefaultImages=
Source: https://www.midoregon.com/contact/atm-locations.shtml	HTTP Parser: Iframe src: https://www.google.com/maps/embed?pb=!1m16!1m12!1m3!1d733779.3929688331!2d-121.55040872304738!3d44.07662963121452!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!2m1!1smid%20oregon%20credit%20union%20oregon!5e0!3m2!1sen!2sus!4v1576699410579!5m2!1sen!2sus
Source: https://www.midoregon.com/contact/atm-locations.shtml	HTTP Parser: Iframe src: https://contact.midoregon.com/chat/?domain=https%3A%2F%2Fcontact.midoregon.com&domainId=99545687&botName=Mid+Oregon+Answer+Center&engagementText=Have+a+question%3F&avatar=https%253A%252F%252Fd1lvyn09g7nf92.cloudfront.net%252FMid-Oregon-Credit-Union-99545687%252Fsbr%252FbotAvatar.jpg%253FExpires%253D1719871457%2526Signature%253DU8yCsm6JWshj4B6B3NjPtHtbzfOU73S-GXvZCqLlipctm9C0r9CFJdzTWGwxLKPidZrRpT3BnUcwyl7UPwSjGqfexRqaFDPnPTvp0906ieNMxuz9YpfunnCpSI-M6pOHua2M8zOqH9zsl2y-hMg3ji7W39QmuqnHepXl0ua28P-W742KX6VvMwvt0o4q0e-t7d0J0VspxIGzSO1d9ozIr0qcZWuOPCv20rrMuCButZ-%7E-GvjB3USwBcPxXZ7h-habW1xGTg2Evp68Tq2tFrc%7EQskjDNVJRYBgJSQT0XZvcP4CXW7y-E2GmfdrDO3ZHdzkDT8LG3fZfEFyMIqXzzCsA__%2526Key-Pair-Id%253DAPKAJ2NIENK5IQFNL4CQ&color=%2F3d5d86&textColor=%2Ffcfcfc&cuName=undefined&integrationId=undefined&autoIdleResponse=Is%2520there%2520anything%2520else%2520we%2520can%2520help%2520you%2520with%253F%2520If%2520we%2520don%27t%2520hear%2520back%2520from%2520you%252C%2520this%2520chat%2520will%2520close%2520automatically.&chatBotIdleTime=10&chatBotIdleTimeFormat=mins&chatBotSessionClosureTime=1&chatBotSessionClosureTimeFormat=mins&isInCobrowseFrame=N&showLinkInNewTab=Y&showSurveyForm=Y&ratingHeader=%253A%29&tosUrl=https%3A%2F%2Feltropy.com%2Flegal%2F&recommendationHeader=How%2520was%2520your%2520experience%253F%28%25205%2520being%2520the%2520best%29&enableAppointments=N&endButtonPrimaryColor=%2FD75C54&endButtonTextColor=%2Fffffff&startButtonPrimaryColor=%2F2D2759&startButtonTextColor=%2Fffffff&startButtonText=Start+Chat&standardWelcomeMessage=We%27re+here+for+you&welcomeMessageDescription=&logo=&feedbackMessage=Thank+you+for+contacting+us+today&showWaitingScreenQueuePosition=N&showWaitingScreenDefaultImages=N&waitingScreenDefaultImages=
Source: https://www.midoregon.com/contact/atm-locations.shtml	HTTP Parser: Iframe src: https://www.google.com/maps/embed?pb=!1m16!1m12!1m3!1d733779.3929688331!2d-121.55040872304738!3d44.07662963121452!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!2m1!1smid%20oregon%20credit%20union%20oregon!5e0!3m2!1sen!2sus!4v1576699410579!5m2!1sen!2sus
Source: https://www.midoregon.com/contact/atm-locations.shtml	HTTP Parser: Iframe src: https://contact.midoregon.com/chat/?domain=https%3A%2F%2Fcontact.midoregon.com&domainId=99545687&botName=Mid+Oregon+Answer+Center&engagementText=Have+a+question%3F&avatar=https%253A%252F%252Fd1lvyn09g7nf92.cloudfront.net%252FMid-Oregon-Credit-Union-99545687%252Fsbr%252FbotAvatar.jpg%253FExpires%253D1719871457%2526Signature%253DU8yCsm6JWshj4B6B3NjPtHtbzfOU73S-GXvZCqLlipctm9C0r9CFJdzTWGwxLKPidZrRpT3BnUcwyl7UPwSjGqfexRqaFDPnPTvp0906ieNMxuz9YpfunnCpSI-M6pOHua2M8zOqH9zsl2y-hMg3ji7W39QmuqnHepXl0ua28P-W742KX6VvMwvt0o4q0e-t7d0J0VspxIGzSO1d9ozIr0qcZWuOPCv20rrMuCButZ-%7E-GvjB3USwBcPxXZ7h-habW1xGTg2Evp68Tq2tFrc%7EQskjDNVJRYBgJSQT0XZvcP4CXW7y-E2GmfdrDO3ZHdzkDT8LG3fZfEFyMIqXzzCsA__%2526Key-Pair-Id%253DAPKAJ2NIENK5IQFNL4CQ&color=%2F3d5d86&textColor=%2Ffcfcfc&cuName=undefined&integrationId=undefined&autoIdleResponse=Is%2520there%2520anything%2520else%2520we%2520can%2520help%2520you%2520with%253F%2520If%2520we%2520don%27t%2520hear%2520back%2520from%2520you%252C%2520this%2520chat%2520will%2520close%2520automatically.&chatBotIdleTime=10&chatBotIdleTimeFormat=mins&chatBotSessionClosureTime=1&chatBotSessionClosureTimeFormat=mins&isInCobrowseFrame=N&showLinkInNewTab=Y&showSurveyForm=Y&ratingHeader=%253A%29&tosUrl=https%3A%2F%2Feltropy.com%2Flegal%2F&recommendationHeader=How%2520was%2520your%2520experience%253F%28%25205%2520being%2520the%2520best%29&enableAppointments=N&endButtonPrimaryColor=%2FD75C54&endButtonTextColor=%2Fffffff&startButtonPrimaryColor=%2F2D2759&startButtonTextColor=%2Fffffff&startButtonText=Start+Chat&standardWelcomeMessage=We%27re+here+for+you&welcomeMessageDescription=&logo=&feedbackMessage=Thank+you+for+contacting+us+today&showWaitingScreenQueuePosition=N&showWaitingScreenDefaultImages=N&waitingScreenDefaultImages=
Source: https://www.midoregon.com/contact/atm-locations.shtml	HTTP Parser: Iframe src: https://www.google.com/maps/embed?pb=!1m16!1m12!1m3!1d733779.3929688331!2d-121.55040872304738!3d44.07662963121452!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!2m1!1smid%20oregon%20credit%20union%20oregon!5e0!3m2!1sen!2sus!4v1576699410579!5m2!1sen!2sus
Source: https://www.midoregon.com/contact/atm-locations.shtml	HTTP Parser: Iframe src: https://contact.midoregon.com/chat/?domain=https%3A%2F%2Fcontact.midoregon.com&domainId=99545687&botName=Mid+Oregon+Answer+Center&engagementText=Have+a+question%3F&avatar=https%253A%252F%252Fd1lvyn09g7nf92.cloudfront.net%252FMid-Oregon-Credit-Union-99545687%252Fsbr%252FbotAvatar.jpg%253FExpires%253D1719871457%2526Signature%253DU8yCsm6JWshj4B6B3NjPtHtbzfOU73S-GXvZCqLlipctm9C0r9CFJdzTWGwxLKPidZrRpT3BnUcwyl7UPwSjGqfexRqaFDPnPTvp0906ieNMxuz9YpfunnCpSI-M6pOHua2M8zOqH9zsl2y-hMg3ji7W39QmuqnHepXl0ua28P-W742KX6VvMwvt0o4q0e-t7d0J0VspxIGzSO1d9ozIr0qcZWuOPCv20rrMuCButZ-%7E-GvjB3USwBcPxXZ7h-habW1xGTg2Evp68Tq2tFrc%7EQskjDNVJRYBgJSQT0XZvcP4CXW7y-E2GmfdrDO3ZHdzkDT8LG3fZfEFyMIqXzzCsA__%2526Key-Pair-Id%253DAPKAJ2NIENK5IQFNL4CQ&color=%2F3d5d86&textColor=%2Ffcfcfc&cuName=undefined&integrationId=undefined&autoIdleResponse=Is%2520there%2520anything%2520else%2520we%2520can%2520help%2520you%2520with%253F%2520If%2520we%2520don%27t%2520hear%2520back%2520from%2520you%252C%2520this%2520chat%2520will%2520close%2520automatically.&chatBotIdleTime=10&chatBotIdleTimeFormat=mins&chatBotSessionClosureTime=1&chatBotSessionClosureTimeFormat=mins&isInCobrowseFrame=N&showLinkInNewTab=Y&showSurveyForm=Y&ratingHeader=%253A%29&tosUrl=https%3A%2F%2Feltropy.com%2Flegal%2F&recommendationHeader=How%2520was%2520your%2520experience%253F%28%25205%2520being%2520the%2520best%29&enableAppointments=N&endButtonPrimaryColor=%2FD75C54&endButtonTextColor=%2Fffffff&startButtonPrimaryColor=%2F2D2759&startButtonTextColor=%2Fffffff&startButtonText=Start+Chat&standardWelcomeMessage=We%27re+here+for+you&welcomeMessageDescription=&logo=&feedbackMessage=Thank+you+for+contacting+us+today&showWaitingScreenQueuePosition=N&showWaitingScreenDefaultImages=N&waitingScreenDefaultImages=

Source: https://www.midoregon.com/	HTTP Parser: <input type="password" .../> found
Source: https://www.midoregon.com/online/digital-banking.shtml	HTTP Parser: <input type="password" .../> found
Source: https://www.midoregon.com/contact/atm-locations.shtml	HTTP Parser: <input type="password" .../> found

Source: https://www.midoregon.com/	HTTP Parser: No favicon
Source: https://www.midoregon.com/	HTTP Parser: No favicon
Source: https://www.midoregon.com/	HTTP Parser: No favicon
Source: https://www.midoregon.com/	HTTP Parser: No favicon
Source: https://www.midoregon.com/	HTTP Parser: No favicon
Source: https://www.midoregon.com/	HTTP Parser: No favicon
Source: https://www.google.com/maps/embed?pb=!1m16!1m12!1m3!1d733779.3929688331!2d-121.55040872304738!3d44.07662963121452!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!2m1!1smid%20oregon%20credit%20union%20oregon!5e0!3m2!1sen!2sus!4v1576699410579!5m2!1sen!2sus	HTTP Parser: No favicon
Source: https://www.google.com/maps/embed?pb=!1m16!1m12!1m3!1d733779.3929688331!2d-121.55040872304738!3d44.07662963121452!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!2m1!1smid%20oregon%20credit%20union%20oregon!5e0!3m2!1sen!2sus!4v1576699410579!5m2!1sen!2sus	HTTP Parser: No favicon
Source: https://www.google.com/maps/embed?pb=!1m16!1m12!1m3!1d733779.3929688331!2d-121.55040872304738!3d44.07662963121452!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!2m1!1smid%20oregon%20credit%20union%20oregon!5e0!3m2!1sen!2sus!4v1576699410579!5m2!1sen!2sus	HTTP Parser: No favicon
Source: https://www.google.com/maps/embed?pb=!1m16!1m12!1m3!1d733779.3929688331!2d-121.55040872304738!3d44.07662963121452!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!2m1!1smid%20oregon%20credit%20union%20oregon!5e0!3m2!1sen!2sus!4v1576699410579!5m2!1sen!2sus	HTTP Parser: No favicon
Source: https://www.google.com/maps/embed?pb=!1m16!1m12!1m3!1d733779.3929688331!2d-121.55040872304738!3d44.07662963121452!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!2m1!1smid%20oregon%20credit%20union%20oregon!5e0!3m2!1sen!2sus!4v1576699410579!5m2!1sen!2sus	HTTP Parser: No favicon
Source: https://www.google.com/maps/embed?pb=!1m16!1m12!1m3!1d733779.3929688331!2d-121.55040872304738!3d44.07662963121452!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!2m1!1smid%20oregon%20credit%20union%20oregon!5e0!3m2!1sen!2sus!4v1576699410579!5m2!1sen!2sus	HTTP Parser: No favicon
Source: https://www.google.com/maps/embed?pb=!1m16!1m12!1m3!1d733779.3929688331!2d-121.55040872304738!3d44.07662963121452!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!2m1!1smid%20oregon%20credit%20union%20oregon!5e0!3m2!1sen!2sus!4v1576699410579!5m2!1sen!2sus	HTTP Parser: No favicon
Source: https://www.stickleyonsecurity.com/s/sample9.jspx?playerid=721175501&startsos=1&shareurl=https%3A%2F%2Fwww.midoregon.com%2F&undefined	HTTP Parser: No favicon
Source: https://feed.mikle.com/widget/v2/61549/?id=fw-iframe61549&preloader-text=Loading	HTTP Parser: No favicon
Source: https://feed.mikle.com/widget/v2/61549/?id=fw-iframe61549&preloader-text=Loading	HTTP Parser: No favicon
Source: https://feed.mikle.com/widget/v2/61549/?id=fw-iframe61549&preloader-text=Loading	HTTP Parser: No favicon
Source: https://feed.mikle.com/widget/v2/61549/?id=fw-iframe61549&preloader-text=Loading	HTTP Parser: No favicon
Source: https://contact.midoregon.com/chat/loadBot	HTTP Parser: No favicon
Source: https://contact.midoregon.com/chat/?domain=https%3A%2F%2Fcontact.midoregon.com&domainId=99545687&botName=Mid+Oregon+Answer+Center&engagementText=Have+a+question%3F&avatar=https%253A%252F%252Fd1lvyn09g7nf92.cloudfront.net%252FMid-Oregon-Credit-Union-99545687%252Fsbr%252FbotAvatar.jpg%253FExpires%253D1719871441%2526Signature%253DY0Ac8BQhRpzsL%7EJT-KfnpnpqO-BTGI2QX2AHH-hF1q3Q%7ETJJnmd-dEp8xI-TlW0XP%7ElsBIjn%7EZ0N0xlvGAhhLdbUUX5%7EKwfiyFxpzMr4p3DPqvt6BI-pOoQwisxwi8eyFsc5VB%7EjVzmG-8FVls3Pa0IxhtKHFSLFP-Onyni2J0H0ReD5u3TRIzWctdOxJNwHVxQezus9pssYtZB71WySIOcfU1i6ZI95NOhUXg%7E2IFPafGiecEUq5W8B5WHGIhW6lbcennhgXlzIe9jB8sfUfe4HevV%7E%7Ei5JkVPkgh%7ED6jvAhPJWG46UPkGLm2O0IU6gspdo2NmxhoBcvOKbHszlRQ__%2526Key-Pair-Id%253DAPKAJ2NIENK5IQFNL4CQ&color=%2F3d5d86&textColor=%2Ffcfcfc&cuName=undefined&integrationId=undefined&autoIdleResponse=Is%2520there%2520anything%2520else%2520we%2520can%2520help%2520you%2520with%253F%2520If%2520we%2520don%27t%2520hear%2520back%2520from%2520you%252C%2520this%2520chat%2520will%2520close%2520automat...	HTTP Parser: No favicon
Source: https://www.midoregon.com/online/digital-banking.shtml	HTTP Parser: No favicon
Source: https://www.midoregon.com/online/digital-banking.shtml	HTTP Parser: No favicon
Source: https://www.midoregon.com/online/digital-banking.shtml	HTTP Parser: No favicon
Source: https://www.midoregon.com/contact/atm-locations.shtml	HTTP Parser: No favicon
Source: https://www.midoregon.com/contact/atm-locations.shtml	HTTP Parser: No favicon
Source: https://www.midoregon.com/contact/atm-locations.shtml	HTTP Parser: No favicon

Source: https://login.midoregon.com/Registration	HTTP Parser: No <meta name="author".. found
Source: https://login.midoregon.com/Registration	HTTP Parser: No <meta name="author".. found

Source: https://www.midoregon.com/online/digital-banking.shtml	HTTP Parser: No <meta name="copyright".. found
Source: https://www.midoregon.com/online/digital-banking.shtml	HTTP Parser: No <meta name="copyright".. found
Source: https://www.midoregon.com/online/digital-banking.shtml	HTTP Parser: No <meta name="copyright".. found
Source: https://www.midoregon.com/contact/atm-locations.shtml	HTTP Parser: No <meta name="copyright".. found
Source: https://www.midoregon.com/contact/atm-locations.shtml	HTTP Parser: No <meta name="copyright".. found
Source: https://www.midoregon.com/contact/atm-locations.shtml	HTTP Parser: No <meta name="copyright".. found
Source: https://login.midoregon.com/Registration	HTTP Parser: No <meta name="copyright".. found
Source: https://login.midoregon.com/Registration	HTTP Parser: No <meta name="copyright".. found

Source: unknown	HTTPS traffic detected: 23.211.8.90:443 -> 192.168.2.5:49752 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.211.8.90:443 -> 192.168.2.5:49767 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 46.228.174.117:443 -> 192.168.2.5:49963 version: TLS 1.2

Source: global traffic

TCP traffic: 192.168.2.5:61560 -> 1.1.1.1:53

Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.211.8.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.211.8.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.211.8.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.211.8.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.211.8.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.211.8.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.211.8.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.211.8.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.211.8.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.211.8.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.211.8.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.211.8.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.211.8.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.211.8.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.211.8.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.211.8.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.211.8.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.211.8.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.211.8.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: www.midoregon.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /css/bootstrap.css HTTP/1.1Host: www.midoregon.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /style.new.css HTTP/1.1Host: www.midoregon.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /css/dark.css HTTP/1.1Host: www.midoregon.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /css/font-icons.css HTTP/1.1Host: www.midoregon.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /css/animate.css HTTP/1.1Host: www.midoregon.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /css/magnific-popup.css HTTP/1.1Host: www.midoregon.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /css/colors.css HTTP/1.1Host: www.midoregon.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /css/custom.css HTTP/1.1Host: www.midoregon.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /css/smart-app-banner.css HTTP/1.1Host: www.midoregon.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /images/appstore-apple.png HTTP/1.1Host: www.midoregon.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /images/appstore-google.png HTTP/1.1Host: www.midoregon.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /images/logo.png HTTP/1.1Host: www.midoregon.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /css/fonts/font-icons.woff HTTP/1.1Host: www.midoregon.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.midoregon.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://www.midoregon.com/css/font-icons.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /js/image_view.js HTTP/1.1Host: www.surveycarrot.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /css/fonts/lined-icons.woff HTTP/1.1Host: www.midoregon.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.midoregon.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://www.midoregon.com/css/font-icons.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /js/jquery-min.js HTTP/1.1Host: www.stickleyonsecurity.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /js/sos-script.js HTTP/1.1Host: www.stickleyonsecurity.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /images/hero/banking-elevated.jpg HTTP/1.1Host: www.midoregon.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /images/logo@2x.png HTTP/1.1Host: www.midoregon.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /images/menu.accounts.jpg HTTP/1.1Host: www.midoregon.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /maps/embed?pb=!1m16!1m12!1m3!1d733779.3929688331!2d-121.55040872304738!3d44.07662963121452!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!2m1!1smid%20oregon%20credit%20union%20oregon!5e0!3m2!1sen!2sus!4v1576699410579!5m2!1sen!2sus HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIk6HLAQiFoM0BCOnFzQEIucrNAQiK080BGI/OzQEYwtjNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /js/jquery.js HTTP/1.1Host: www.midoregon.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /js/fw-loader.js HTTP/1.1Host: feed.mikle.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sifitag/73fcc20f-faf5-487d-8165-57e69981a322 HTTP/1.1Host: tag.simpli.fiConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /js/functions.js HTTP/1.1Host: www.midoregon.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /js/smart-app-banner.js HTTP/1.1Host: www.midoregon.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /images/menu.business.jpg HTTP/1.1Host: www.midoregon.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /images/menu.services.jpg HTTP/1.1Host: www.midoregon.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /elt-iva-resources-prod/chat/contact-widget-embed.js HTTP/1.1Host: d1lvyn09g7nf92.cloudfront.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /en_US/fbevents.js HTTP/1.1Host: connect.facebook.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /images/menu.resources.jpg HTTP/1.1Host: www.midoregon.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /images/Roadie_48_Charcoal_3qtr_Front_Open_nobackgrnd_sm.png HTTP/1.1Host: www.midoregon.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /manifest.json HTTP/1.1Host: www.midoregon.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: manifestReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /images/hero/rewards.jpg HTTP/1.1Host: www.midoregon.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /images/tab.news.jpg HTTP/1.1Host: www.midoregon.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /s/sample9.jspx?playerid=721175501&startsos=1&shareurl=https%3A%2F%2Fwww.midoregon.com%2F&undefined HTTP/1.1Host: www.stickleyonsecurity.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /index2.jspx?/BAZ42KGHJU/images&quotes=https%3A%2F%2Fwww.midoregon.com%2F HTTP/1.1Host: www.surveycarrot.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /apps/app/assets/js/acsb.js HTTP/1.1Host: acsbapp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /images/tab.resources.jpg HTTP/1.1Host: www.midoregon.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /images/cards/Financial-Checkup-Web-Card-sm-400x245.png HTTP/1.1Host: www.midoregon.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /js/fw-widget.js?v=1.2 HTTP/1.1Host: feed.mikle.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /images/cards/240117-winter-deposit-webcard.jpg HTTP/1.1Host: www.midoregon.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: /Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic	HTTP traffic detected: GET /images/appstore-apple.png HTTP/1.1Host: www.midoregon.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /images/appstore-google.png HTTP/1.1Host: www.midoregon.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /images/logo.png HTTP/1.1Host: www.midoregon.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /signals/config/186387211961646?v=2.9.159&r=stable&domain=www.midoregon.com&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C39%2C33%2C134%2C14%2C48%2C180%2C179%2C124%2C17%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106 HTTP/1.1Host: connect.facebook.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /images/cards/220525_EverydayRewards_homepage%20card.jpg HTTP/1.1Host: www.midoregon.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga_FPR7JDXPKQ=GS1.1.1719869630.1.0.1719869630.0.0.0; _ga=GA1.1.1008880447.1719869630
Source: global traffic	HTTP traffic detected: GET /images/cards/Tax_Services_Banner_400x245_webcard.png HTTP/1.1Host: www.midoregon.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga_FPR7JDXPKQ=GS1.1.1719869630.1.0.1719869630.0.0.0; _ga=GA1.1.1008880447.1719869630
Source: global traffic	HTTP traffic detected: GET /images/footer-widget-logo.png HTTP/1.1Host: www.midoregon.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga_FPR7JDXPKQ=GS1.1.1719869630.1.0.1719869630.0.0.0; _ga=GA1.1.1008880447.1719869630
Source: global traffic	HTTP traffic detected: GET /js/jquery-1.6-v2.js?11 HTTP/1.1Host: www.stickleyonsecurity.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.stickleyonsecurity.com/s/sample9.jspx?playerid=721175501&startsos=1&shareurl=https%3A%2F%2Fwww.midoregon.com%2F&undefinedAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: SITEID=341493035692222819705801652235608885171723169
Source: global traffic	HTTP traffic detected: GET /article_images/1715289159.jpg HTTP/1.1Host: www.stickleyonsecurity.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.stickleyonsecurity.com/s/sample9.jspx?playerid=721175501&startsos=1&shareurl=https%3A%2F%2Fwww.midoregon.com%2F&undefinedAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: SITEID=341493035692222819705801652235608885171723169
Source: global traffic	HTTP traffic detected: GET /images/camera.png HTTP/1.1Host: www.stickleyonsecurity.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.stickleyonsecurity.com/s/sample9.jspx?playerid=721175501&startsos=1&shareurl=https%3A%2F%2Fwww.midoregon.com%2F&undefinedAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: SITEID=341493035692222819705801652235608885171723169
Source: global traffic	HTTP traffic detected: GET /article_images/1719766335.jpg HTTP/1.1Host: www.stickleyonsecurity.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.stickleyonsecurity.com/s/sample9.jspx?playerid=721175501&startsos=1&shareurl=https%3A%2F%2Fwww.midoregon.com%2F&undefinedAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: SITEID=341493035692222819705801652235608885171723169
Source: global traffic	HTTP traffic detected: GET /article_images/1719684441.jpg HTTP/1.1Host: www.stickleyonsecurity.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.stickleyonsecurity.com/s/sample9.jspx?playerid=721175501&startsos=1&shareurl=https%3A%2F%2Fwww.midoregon.com%2F&undefinedAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: SITEID=341493035692222819705801652235608885171723169
Source: global traffic	HTTP traffic detected: GET /article_images/1633368393.jpg HTTP/1.1Host: www.stickleyonsecurity.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.stickleyonsecurity.com/s/sample9.jspx?playerid=721175501&startsos=1&shareurl=https%3A%2F%2Fwww.midoregon.com%2F&undefinedAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: SITEID=341493035692222819705801652235608885171723169
Source: global traffic	HTTP traffic detected: GET /jquery-3.6.0.min.js HTTP/1.1Host: code.jquery.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /images/eho-logo.png HTTP/1.1Host: www.midoregon.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga_FPR7JDXPKQ=GS1.1.1719869630.1.0.1719869630.0.0.0; _ga=GA1.1.1008880447.1719869630
Source: global traffic	HTTP traffic detected: GET /images/logo@2x.png HTTP/1.1Host: www.midoregon.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga_FPR7JDXPKQ=GS1.1.1719869630.1.0.1719869630.0.0.0; _ga=GA1.1.1008880447.1719869630
Source: global traffic	HTTP traffic detected: GET /widget/v2/61549/?id=fw-iframe61549&preloader-text=Loading HTTP/1.1Host: feed.mikle.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /images/hero/banking-elevated.jpg HTTP/1.1Host: www.midoregon.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga_FPR7JDXPKQ=GS1.1.1719869630.1.0.1719869630.0.0.0; _ga=GA1.1.1008880447.1719869630
Source: global traffic	HTTP traffic detected: GET /images/menu.accounts.jpg HTTP/1.1Host: www.midoregon.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga_FPR7JDXPKQ=GS1.1.1719869630.1.0.1719869630.0.0.0; _ga=GA1.1.1008880447.1719869630
Source: global traffic	HTTP traffic detected: GET /images/menu.business.jpg HTTP/1.1Host: www.midoregon.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga_FPR7JDXPKQ=GS1.1.1719869630.1.0.1719869630.0.0.0; _ga=GA1.1.1008880447.1719869630
Source: global traffic	HTTP traffic detected: GET /images/TWP_Oregon_2023.png HTTP/1.1Host: www.midoregon.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga_FPR7JDXPKQ=GS1.1.1719869630.1.0.1719869630.0.0.0; _ga=GA1.1.1008880447.1719869630
Source: global traffic	HTTP traffic detected: GET /images/avtec.png HTTP/1.1Host: www.midoregon.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga_FPR7JDXPKQ=GS1.1.1719869630.1.0.1719869630.0.0.0; _ga=GA1.1.1008880447.1719869630
Source: global traffic	HTTP traffic detected: GET /index2.jspx?/BAZ42KGHJU/images&quotes=https%3A%2F%2Fwww.midoregon.com%2F HTTP/1.1Host: www.surveycarrot.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /images/menu.services.jpg HTTP/1.1Host: www.midoregon.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga_FPR7JDXPKQ=GS1.1.1719869630.1.0.1719869630.0.0.0; _ga=GA1.1.1008880447.1719869630
Source: global traffic	HTTP traffic detected: GET /images/menu.resources.jpg HTTP/1.1Host: www.midoregon.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga_FPR7JDXPKQ=GS1.1.1719869630.1.0.1719869630.0.0.0; _ga=GA1.1.1008880447.1719869630
Source: global traffic	HTTP traffic detected: GET /js/LinkDisclosure.js HTTP/1.1Host: www.midoregon.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga_FPR7JDXPKQ=GS1.1.1719869630.1.0.1719869630.0.0.0; _ga=GA1.1.1008880447.1719869630
Source: global traffic	HTTP traffic detected: GET /images/hero/heloc.jpg HTTP/1.1Host: www.midoregon.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga_FPR7JDXPKQ=GS1.1.1719869630.1.0.1719869630.0.0.0; _ga=GA1.1.1008880447.1719869630
Source: global traffic	HTTP traffic detected: GET /sos-images/question-mark.png HTTP/1.1Host: www.stickleyonsecurity.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.stickleyonsecurity.com/s/sample9.jspx?playerid=721175501&startsos=1&shareurl=https%3A%2F%2Fwww.midoregon.com%2F&undefinedAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: SITEID=341493035692222819705801652235608885171723169
Source: global traffic	HTTP traffic detected: GET /images/sections/paulina-peak.jpg HTTP/1.1Host: www.midoregon.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga_FPR7JDXPKQ=GS1.1.1719869630.1.0.1719869630.0.0.0; _ga=GA1.2.1008880447.1719869630; _gid=GA1.2.510304597.1719869632; _gat_gtag_UA_6220176_2=1
Source: global traffic	HTTP traffic detected: GET /images/loading.gif HTTP/1.1Host: www.stickleyonsecurity.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.stickleyonsecurity.com/s/sample9.jspx?playerid=721175501&startsos=1&shareurl=https%3A%2F%2Fwww.midoregon.com%2F&undefinedAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: SITEID=341493035692222819705801652235608885171723169
Source: global traffic	HTTP traffic detected: GET /images/backgrounds/lake.jpg HTTP/1.1Host: www.midoregon.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga_FPR7JDXPKQ=GS1.1.1719869630.1.0.1719869630.0.0.0; _ga=GA1.2.1008880447.1719869630; _gid=GA1.2.510304597.1719869632; _gat_gtag_UA_6220176_2=1
Source: global traffic	HTTP traffic detected: GET /images/camera.png HTTP/1.1Host: www.stickleyonsecurity.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: SITEID=341493035692222819705801652235608885171723169
Source: global traffic	HTTP traffic detected: GET /article_images/1715289159.jpg HTTP/1.1Host: www.stickleyonsecurity.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: SITEID=341493035692222819705801652235608885171723169
Source: global traffic	HTTP traffic detected: GET /images/Roadie_48_Charcoal_3qtr_Front_Open_nobackgrnd_sm.png HTTP/1.1Host: www.midoregon.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga_FPR7JDXPKQ=GS1.1.1719869630.1.0.1719869630.0.0.0; _ga=GA1.1.1008880447.1719869630
Source: global traffic	HTTP traffic detected: GET /article_images/1719766335.jpg HTTP/1.1Host: www.stickleyonsecurity.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: SITEID=341493035692222819705801652235608885171723169
Source: global traffic	HTTP traffic detected: GET /images/backgrounds/bg.footer.png HTTP/1.1Host: www.midoregon.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga_FPR7JDXPKQ=GS1.1.1719869630.1.0.1719869630.0.0.0; _ga=GA1.2.1008880447.1719869630; _gid=GA1.2.510304597.1719869632; _gat_gtag_UA_6220176_2=1; _fbp=fb.1.1719869632042.867386412250169740
Source: global traffic	HTTP traffic detected: GET /js/plugins.easing.js HTTP/1.1Host: www.midoregon.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga_FPR7JDXPKQ=GS1.1.1719869630.1.0.1719869630.0.0.0; _ga=GA1.2.1008880447.1719869630; _gid=GA1.2.510304597.1719869632; _gat_gtag_UA_6220176_2=1; _fbp=fb.1.1719869632042.867386412250169740
Source: global traffic	HTTP traffic detected: GET /images/squares.svg?v=1559546514 HTTP/1.1Host: feed.mikle.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://feed.mikle.com/widget/v2/61549/?id=fw-iframe61549&preloader-text=LoadingAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /tr/?id=186387211961646&ev=PageView&dl=https%3A%2F%2Fwww.midoregon.com&rl=&if=false&ts=1719869632048&sw=1280&sh=1024&v=2.9.159&r=stable&ec=0&o=4124&fbp=fb.1.1719869632042.867386412250169740&cs_est=true&pm=1&hrl=82ce2d&ler=empty&cdl=API_unavailable&it=1719869630579&coo=false&cs_cc=1&rqm=GET HTTP/1.1Host: www.facebook.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /privacy_sandbox/pixel/register/trigger/?id=186387211961646&ev=PageView&dl=https%3A%2F%2Fwww.midoregon.com&rl=&if=false&ts=1719869632048&sw=1280&sh=1024&v=2.9.159&r=stable&ec=0&o=4124&fbp=fb.1.1719869632042.867386412250169740&cs_est=true&pm=1&hrl=82ce2d&ler=empty&cdl=API_unavailable&it=1719869630579&coo=false&cs_cc=1&rqm=FGET HTTP/1.1Host: www.facebook.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAttribution-Reporting-Eligible: event-source, trigger, not-navigation-sourceReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /article_images/1633368393.jpg HTTP/1.1Host: www.stickleyonsecurity.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: SITEID=341493035692222819705801652235608885171723169
Source: global traffic	HTTP traffic detected: GET /article_images/1719684441.jpg HTTP/1.1Host: www.stickleyonsecurity.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: SITEID=341493035692222819705801652235608885171723169
Source: global traffic	HTTP traffic detected: GET /images/tab.news.jpg HTTP/1.1Host: www.midoregon.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga_FPR7JDXPKQ=GS1.1.1719869630.1.0.1719869630.0.0.0; _ga=GA1.1.1008880447.1719869630
Source: global traffic	HTTP traffic detected: GET /images/hero/rewards.jpg HTTP/1.1Host: www.midoregon.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga_FPR7JDXPKQ=GS1.1.1719869630.1.0.1719869630.0.0.0; _ga=GA1.1.1008880447.1719869630
Source: global traffic	HTTP traffic detected: GET /images/tab.resources.jpg HTTP/1.1Host: www.midoregon.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga_FPR7JDXPKQ=GS1.1.1719869630.1.0.1719869630.0.0.0; _ga=GA1.1.1008880447.1719869630
Source: global traffic	HTTP traffic detected: GET /images/cards/240117-winter-deposit-webcard.jpg HTTP/1.1Host: www.midoregon.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga_FPR7JDXPKQ=GS1.1.1719869630.1.0.1719869630.0.0.0; _ga=GA1.1.1008880447.1719869630
Source: global traffic	HTTP traffic detected: GET /images/cards/Financial-Checkup-Web-Card-sm-400x245.png HTTP/1.1Host: www.midoregon.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga_FPR7JDXPKQ=GS1.1.1719869630.1.0.1719869630.0.0.0; _ga=GA1.1.1008880447.1719869630
Source: global traffic	HTTP traffic detected: GET /messages/service/cobrowse/externalUrl/v1 HTTP/1.1Host: contact.midoregon.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://www.midoregon.comSec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /chat/loadBot HTTP/1.1Host: contact.midoregon.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga_FPR7JDXPKQ=GS1.1.1719869630.1.0.1719869630.0.0.0; _ga=GA1.2.1008880447.1719869630; _gid=GA1.2.510304597.1719869632; _gat_gtag_UA_6220176_2=1; _fbp=fb.1.1719869632042.867386412250169740
Source: global traffic	HTTP traffic detected: GET /images/loading2.gif HTTP/1.1Host: www.stickleyonsecurity.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.stickleyonsecurity.com/s/sample9.jspx?playerid=721175501&startsos=1&shareurl=https%3A%2F%2Fwww.midoregon.com%2F&undefinedAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: SITEID=341493035692222819705801652235608885171723169
Source: global traffic	HTTP traffic detected: GET /images/exit.png HTTP/1.1Host: www.stickleyonsecurity.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.stickleyonsecurity.com/s/sample9.jspx?playerid=721175501&startsos=1&shareurl=https%3A%2F%2Fwww.midoregon.com%2F&undefinedAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: SITEID=341493035692222819705801652235608885171723169
Source: global traffic	HTTP traffic detected: GET /js/linkwarning.js?_=1719869629237 HTTP/1.1Host: www.midoregon.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, /; q=0.01X-Requested-With: XMLHttpRequestsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga_FPR7JDXPKQ=GS1.1.1719869630.1.0.1719869630.0.0.0; _ga=GA1.2.1008880447.1719869630; _gid=GA1.2.510304597.1719869632; _gat_gtag_UA_6220176_2=1; _fbp=fb.1.1719869632042.867386412250169740
Source: global traffic	HTTP traffic detected: GET /js/plugins.bootstrap.js HTTP/1.1Host: www.midoregon.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga_FPR7JDXPKQ=GS1.1.1719869630.1.0.1719869630.0.0.0; _ga=GA1.2.1008880447.1719869630; _gid=GA1.2.510304597.1719869632; _gat_gtag_UA_6220176_2=1; _fbp=fb.1.1719869632042.867386412250169740
Source: global traffic	HTTP traffic detected: GET /js/plugins.lightbox.js HTTP/1.1Host: www.midoregon.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga_FPR7JDXPKQ=GS1.1.1719869630.1.0.1719869630.0.0.0; _ga=GA1.2.1008880447.1719869630; _gid=GA1.2.510304597.1719869632; _gat_gtag_UA_6220176_2=1; _fbp=fb.1.1719869632042.867386412250169740
Source: global traffic	HTTP traffic detected: GET /sos-images/question-mark.png HTTP/1.1Host: www.stickleyonsecurity.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: SITEID=341493035692222819705801652235608885171723169
Source: global traffic	HTTP traffic detected: GET /images/cards/220525_EverydayRewards_homepage%20card.jpg HTTP/1.1Host: www.midoregon.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga_FPR7JDXPKQ=GS1.1.1719869630.1.0.1719869630.0.0.0; _ga=GA1.2.1008880447.1719869630; _gid=GA1.2.510304597.1719869632; _gat_gtag_UA_6220176_2=1
Source: global traffic	HTTP traffic detected: GET /images/loading.gif HTTP/1.1Host: www.stickleyonsecurity.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: SITEID=341493035692222819705801652235608885171723169
Source: global traffic	HTTP traffic detected: GET /js/plugins.fitvids.js HTTP/1.1Host: www.midoregon.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga_FPR7JDXPKQ=GS1.1.1719869630.1.0.1719869630.0.0.0; _ga=GA1.2.1008880447.1719869630; _gid=GA1.2.510304597.1719869632; _gat_gtag_UA_6220176_2=1; _fbp=fb.1.1719869632042.867386412250169740
Source: global traffic	HTTP traffic detected: GET /js/plugins.animations.js HTTP/1.1Host: www.midoregon.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga_FPR7JDXPKQ=GS1.1.1719869630.1.0.1719869630.0.0.0; _ga=GA1.2.1008880447.1719869630; _gid=GA1.2.510304597.1719869632; _gat_gtag_UA_6220176_2=1; _fbp=fb.1.1719869632042.867386412250169740
Source: global traffic	HTTP traffic detected: GET /images/squares.svg?v=1559546514 HTTP/1.1Host: feed.mikle.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /images/cards/Tax_Services_Banner_400x245_webcard.png HTTP/1.1Host: www.midoregon.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga_FPR7JDXPKQ=GS1.1.1719869630.1.0.1719869630.0.0.0; _ga=GA1.2.1008880447.1719869630; _gid=GA1.2.510304597.1719869632; _gat_gtag_UA_6220176_2=1
Source: global traffic	HTTP traffic detected: GET /tr/?id=186387211961646&ev=PageView&dl=https%3A%2F%2Fwww.midoregon.com&rl=&if=false&ts=1719869632048&sw=1280&sh=1024&v=2.9.159&r=stable&ec=0&o=4124&fbp=fb.1.1719869632042.867386412250169740&cs_est=true&pm=1&hrl=82ce2d&ler=empty&cdl=API_unavailable&it=1719869630579&coo=false&cs_cc=1&rqm=GET HTTP/1.1Host: www.facebook.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /js/plugins.tabs.js HTTP/1.1Host: www.midoregon.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga_FPR7JDXPKQ=GS1.1.1719869630.1.0.1719869630.0.0.0; _ga=GA1.2.1008880447.1719869630; _gid=GA1.2.510304597.1719869632; _gat_gtag_UA_6220176_2=1; _fbp=fb.1.1719869632042.867386412250169740
Source: global traffic	HTTP traffic detected: GET /images/footer-widget-logo.png HTTP/1.1Host: www.midoregon.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga_FPR7JDXPKQ=GS1.1.1719869630.1.0.1719869630.0.0.0; _ga=GA1.2.1008880447.1719869630; _gid=GA1.2.510304597.1719869632; _gat_gtag_UA_6220176_2=1
Source: global traffic	HTTP traffic detected: GET /images/eho-logo.png HTTP/1.1Host: www.midoregon.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga_FPR7JDXPKQ=GS1.1.1719869630.1.0.1719869630.0.0.0; _ga=GA1.2.1008880447.1719869630; _gid=GA1.2.510304597.1719869632; _gat_gtag_UA_6220176_2=1; _fbp=fb.1.1719869632042.867386412250169740
Source: global traffic	HTTP traffic detected: GET /privacy_sandbox/pixel/register/trigger/?id=186387211961646&ev=PageView&dl=https%3A%2F%2Fwww.midoregon.com&rl=&if=false&ts=1719869632048&sw=1280&sh=1024&v=2.9.159&r=stable&ec=0&o=4124&fbp=fb.1.1719869632042.867386412250169740&cs_est=true&pm=1&hrl=82ce2d&ler=empty&cdl=API_unavailable&it=1719869630579&coo=false&cs_cc=1&rqm=FGET HTTP/1.1Host: www.facebook.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /images/avtec.png HTTP/1.1Host: www.midoregon.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga_FPR7JDXPKQ=GS1.1.1719869630.1.0.1719869630.0.0.0; _ga=GA1.2.1008880447.1719869630; _gid=GA1.2.510304597.1719869632; _gat_gtag_UA_6220176_2=1; _fbp=fb.1.1719869632042.867386412250169740
Source: global traffic	HTTP traffic detected: GET /images/TWP_Oregon_2023.png HTTP/1.1Host: www.midoregon.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga_FPR7JDXPKQ=GS1.1.1719869630.1.0.1719869630.0.0.0; _ga=GA1.2.1008880447.1719869630; _gid=GA1.2.510304597.1719869632; _gat_gtag_UA_6220176_2=1; _fbp=fb.1.1719869632042.867386412250169740
Source: global traffic	HTTP traffic detected: GET /js/plugins.counter.js HTTP/1.1Host: www.midoregon.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga_FPR7JDXPKQ=GS1.1.1719869630.1.0.1719869630.0.0.0; _ga=GA1.2.1008880447.1719869630; _gid=GA1.2.510304597.1719869632; _gat_gtag_UA_6220176_2=1; _fbp=fb.1.1719869632042.867386412250169740
Source: global traffic	HTTP traffic detected: GET /js/plugins.carousel.js HTTP/1.1Host: www.midoregon.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga_FPR7JDXPKQ=GS1.1.1719869630.1.0.1719869630.0.0.0; _ga=GA1.2.1008880447.1719869630; _gid=GA1.2.510304597.1719869632; _gat_gtag_UA_6220176_2=1; _fbp=fb.1.1719869632042.867386412250169740
Source: global traffic	HTTP traffic detected: GET /surfly.js HTTP/1.1Host: cobrowsing.eltropy.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /js/plugins.linkscroll.js HTTP/1.1Host: www.midoregon.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga_FPR7JDXPKQ=GS1.1.1719869630.1.0.1719869630.0.0.0; _ga=GA1.2.1008880447.1719869630; _gid=GA1.2.510304597.1719869632; _gat_gtag_UA_6220176_2=1; _fbp=fb.1.1719869632042.867386412250169740
Source: global traffic	HTTP traffic detected: GET /images/sections/paulina-peak.jpg HTTP/1.1Host: www.midoregon.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga_FPR7JDXPKQ=GS1.1.1719869630.1.0.1719869630.0.0.0; _ga=GA1.2.1008880447.1719869630; _gid=GA1.2.510304597.1719869632; _gat_gtag_UA_6220176_2=1; _fbp=fb.1.1719869632042.867386412250169740
Source: global traffic	HTTP traffic detected: GET /images/exit.png HTTP/1.1Host: www.stickleyonsecurity.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: SITEID=341493035692222819705801652235608885171723169
Source: global traffic	HTTP traffic detected: GET /images/loading2.gif HTTP/1.1Host: www.stickleyonsecurity.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: SITEID=341493035692222819705801652235608885171723169
Source: global traffic	HTTP traffic detected: GET /js/plugins.form.js HTTP/1.1Host: www.midoregon.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga_FPR7JDXPKQ=GS1.1.1719869630.1.0.1719869630.0.0.0; _ga=GA1.2.1008880447.1719869630; _gid=GA1.2.510304597.1719869632; _gat_gtag_UA_6220176_2=1; _fbp=fb.1.1719869632042.867386412250169740
Source: global traffic	HTTP traffic detected: GET /api/widget/read/body/?widget_id=61549&ig_access_token=undefined&locale=undefined HTTP/1.1Host: feed.mikle.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept: application/json, text/javascript, /; q=0.01X-Requested-With: XMLHttpRequestsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://feed.mikle.com/widget/v2/61549/?id=fw-iframe61549&preloader-text=LoadingAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ABC-Diatype/ABCDiatype-Bold.woff2 HTTP/1.1Host: doerd31l9oh9k.cloudfront.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://contact.midoregon.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://contact.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ABC-Diatype/ABCDiatype-BoldItalic.woff2 HTTP/1.1Host: doerd31l9oh9k.cloudfront.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://contact.midoregon.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://contact.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ABC-Diatype/ABCDiatype-Medium.woff2 HTTP/1.1Host: doerd31l9oh9k.cloudfront.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://contact.midoregon.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://contact.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ABC-Diatype/ABCDiatype-MediumItalic.woff2 HTTP/1.1Host: doerd31l9oh9k.cloudfront.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://contact.midoregon.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://contact.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ABC-Diatype/ABCDiatype-Regular.woff2 HTTP/1.1Host: doerd31l9oh9k.cloudfront.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://contact.midoregon.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://contact.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /react-apps/chat/vendor.ed585edca71a33e88cec.js HTTP/1.1Host: doerd31l9oh9k.cloudfront.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://contact.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ABC-Diatype/ABCDiatype-RegularItalic.woff2 HTTP/1.1Host: doerd31l9oh9k.cloudfront.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://contact.midoregon.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://contact.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /react-apps/chat/chat.6fb7976f75facbeb0095.js HTTP/1.1Host: doerd31l9oh9k.cloudfront.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://contact.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn/es6-shim.min.js HTTP/1.1Host: d2kc9bbovjrjt2.cloudfront.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://contact.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /js/plugins.subscribe.js HTTP/1.1Host: www.midoregon.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga_FPR7JDXPKQ=GS1.1.1719869630.1.0.1719869630.0.0.0; _ga=GA1.2.1008880447.1719869630; _gid=GA1.2.510304597.1719869632; _gat_gtag_UA_6220176_2=1; _fbp=fb.1.1719869632042.867386412250169740
Source: global traffic	HTTP traffic detected: GET /j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-6220176-2&cid=1008880447.1719869630&jid=1641472113&gjid=1888356795&_gid=510304597.1719869632&_u=YADAAUAAAAAAACAAI~&z=534396189 HTTP/1.1Host: stats.g.doubleclick.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIk6HLAQiFoM0BCOnFzQEIucrNAQiK080BGI/OzQEYwtjNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /js/plugins.shapedivider.js HTTP/1.1Host: www.midoregon.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga_FPR7JDXPKQ=GS1.1.1719869630.1.0.1719869630.0.0.0; _ga=GA1.2.1008880447.1719869630; _gid=GA1.2.510304597.1719869632; _gat_gtag_UA_6220176_2=1; _fbp=fb.1.1719869632042.867386412250169740
Source: global traffic	HTTP traffic detected: GET /images/hero/heloc.jpg HTTP/1.1Host: www.midoregon.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga_FPR7JDXPKQ=GS1.1.1719869630.1.0.1719869630.0.0.0; _ga=GA1.2.1008880447.1719869630; _gid=GA1.2.510304597.1719869632; _gat_gtag_UA_6220176_2=1; _fbp=fb.1.1719869632042.867386412250169740
Source: global traffic	HTTP traffic detected: GET /images/backgrounds/lake.jpg HTTP/1.1Host: www.midoregon.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga_FPR7JDXPKQ=GS1.1.1719869630.1.0.1719869630.0.0.0; _ga=GA1.2.1008880447.1719869630; _gid=GA1.2.510304597.1719869632; _gat_gtag_UA_6220176_2=1; _fbp=fb.1.1719869632042.867386412250169740
Source: global traffic	HTTP traffic detected: GET /images/backgrounds/bg.footer.png HTTP/1.1Host: www.midoregon.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga_FPR7JDXPKQ=GS1.1.1719869630.1.0.1719869630.0.0.0; _ga=GA1.2.1008880447.1719869630; _gid=GA1.2.510304597.1719869632; _gat_gtag_UA_6220176_2=1; _fbp=fb.1.1719869632042.867386412250169740
Source: global traffic	HTTP traffic detected: GET /js/linkwarning.js?_=1719869629237 HTTP/1.1Host: www.midoregon.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga_FPR7JDXPKQ=GS1.1.1719869630.1.0.1719869630.0.0.0; _ga=GA1.2.1008880447.1719869630; _gid=GA1.2.510304597.1719869632; _gat_gtag_UA_6220176_2=1; _fbp=fb.1.1719869632042.867386412250169740
Source: global traffic	HTTP traffic detected: GET /images/logo-dark.png HTTP/1.1Host: www.midoregon.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga_FPR7JDXPKQ=GS1.1.1719869630.1.0.1719869630.0.0.0; _ga=GA1.2.1008880447.1719869630; _gid=GA1.2.510304597.1719869632; _gat_gtag_UA_6220176_2=1; _fbp=fb.1.1719869632042.867386412250169740
Source: global traffic	HTTP traffic detected: GET /messages/service/cobrowse/externalUrl/v1 HTTP/1.1Host: contact.midoregon.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga_FPR7JDXPKQ=GS1.1.1719869630.1.0.1719869630.0.0.0; _ga=GA1.2.1008880447.1719869630; _gid=GA1.2.510304597.1719869632; _gat_gtag_UA_6220176_2=1; _fbp=fb.1.1719869632042.867386412250169740
Source: global traffic	HTTP traffic detected: GET /images/logo-dark@2x.png HTTP/1.1Host: www.midoregon.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga_FPR7JDXPKQ=GS1.1.1719869630.1.0.1719869630.0.0.0; _ga=GA1.2.1008880447.1719869630; _gid=GA1.2.510304597.1719869632; _gat_gtag_UA_6220176_2=1; _fbp=fb.1.1719869632042.867386412250169740
Source: global traffic	HTTP traffic detected: GET /static/bundles/widget/apiframe.js HTTP/1.1Host: cobrowsing.eltropy.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /maps/embed?pb=!1m16!1m12!1m3!1d733779.3929688331!2d-121.55040872304738!3d44.07662963121452!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!2m1!1smid%20oregon%20credit%20union%20oregon!5e0!3m2!1sen!2sus!4v1576699410579!5m2!1sen!2sus HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIk6HLAQiFoM0BCOnFzQEIucrNAQiK080BGI/OzQEYwtjNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /images/logo-dark.png HTTP/1.1Host: www.midoregon.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga_FPR7JDXPKQ=GS1.1.1719869630.1.0.1719869630.0.0.0; _ga=GA1.2.1008880447.1719869630; _gid=GA1.2.510304597.1719869632; _gat_gtag_UA_6220176_2=1; _fbp=fb.1.1719869632042.867386412250169740
Source: global traffic	HTTP traffic detected: GET /images/logo-dark@2x.png HTTP/1.1Host: www.midoregon.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga_FPR7JDXPKQ=GS1.1.1719869630.1.0.1719869630.0.0.0; _ga=GA1.2.1008880447.1719869630; _gid=GA1.2.510304597.1719869632; _gat_gtag_UA_6220176_2=1; _fbp=fb.1.1719869632042.867386412250169740
Source: global traffic	HTTP traffic detected: GET /api/widget/read/body/?widget_id=61549&ig_access_token=undefined&locale=undefined HTTP/1.1Host: feed.mikle.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1Host: cdnjs.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://feed.mikle.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: styleAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /images/icon/apple-icon-144x144-dunplab-manifest-13604.png HTTP/1.1Host: www.midoregon.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga_FPR7JDXPKQ=GS1.1.1719869630.1.0.1719869630.0.0.0; _ga=GA1.2.1008880447.1719869630; _gid=GA1.2.510304597.1719869632; _gat_gtag_UA_6220176_2=1; _fbp=fb.1.1719869632042.867386412250169740
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: www.midoregon.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga_FPR7JDXPKQ=GS1.1.1719869630.1.0.1719869630.0.0.0; _ga=GA1.2.1008880447.1719869630; _gid=GA1.2.510304597.1719869632; _gat_gtag_UA_6220176_2=1; _fbp=fb.1.1719869632042.867386412250169740
Source: global traffic	HTTP traffic detected: GET /js/plugins.parallax.js HTTP/1.1Host: www.midoregon.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga_FPR7JDXPKQ=GS1.1.1719869630.1.0.1719869630.0.0.0; _ga=GA1.2.1008880447.1719869630; _gid=GA1.2.510304597.1719869632; _gat_gtag_UA_6220176_2=1; _fbp=fb.1.1719869632042.867386412250169740
Source: global traffic	HTTP traffic detected: GET /messages/service/skillBasedRouting/widget/config HTTP/1.1Host: contact.midoregon.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://contact.midoregon.com/chat/loadBotAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga_FPR7JDXPKQ=GS1.1.1719869630.1.0.1719869630.0.0.0; _ga=GA1.2.1008880447.1719869630; _gid=GA1.2.510304597.1719869632; _gat_gtag_UA_6220176_2=1; _fbp=fb.1.1719869632042.867386412250169740
Source: global traffic	HTTP traffic detected: GET /p?cid=206526&cb=sifi_att_42656._hp HTTP/1.1Host: i.simpli.fiConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: suid=AC32D053B469479CB9B9C6587A4519D0
Source: global traffic	HTTP traffic detected: GET /3rdpartycookietest/ HTTP/1.1Host: cobrowsing.eltropy.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /v2/company/options/?api_key=65134712b8de4f8897bd072df143abac HTTP/1.1Host: cobrowsing.eltropy.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"accept: application/jsonsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Origin: https://www.midoregon.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /chat/?domain=https%3A%2F%2Fcontact.midoregon.com&domainId=99545687&botName=Mid+Oregon+Answer+Center&engagementText=Have+a+question%3F&avatar=https%253A%252F%252Fd1lvyn09g7nf92.cloudfront.net%252FMid-Oregon-Credit-Union-99545687%252Fsbr%252FbotAvatar.jpg%253FExpires%253D1719871441%2526Signature%253DY0Ac8BQhRpzsL%7EJT-KfnpnpqO-BTGI2QX2AHH-hF1q3Q%7ETJJnmd-dEp8xI-TlW0XP%7ElsBIjn%7EZ0N0xlvGAhhLdbUUX5%7EKwfiyFxpzMr4p3DPqvt6BI-pOoQwisxwi8eyFsc5VB%7EjVzmG-8FVls3Pa0IxhtKHFSLFP-Onyni2J0H0ReD5u3TRIzWctdOxJNwHVxQezus9pssYtZB71WySIOcfU1i6ZI95NOhUXg%7E2IFPafGiecEUq5W8B5WHGIhW6lbcennhgXlzIe9jB8sfUfe4HevV%7E%7Ei5JkVPkgh%7ED6jvAhPJWG46UPkGLm2O0IU6gspdo2NmxhoBcvOKbHszlRQ__%2526Key-Pair-Id%253DAPKAJ2NIENK5IQFNL4CQ&color=%2F3d5d86&textColor=%2Ffcfcfc&cuName=undefined&integrationId=undefined&autoIdleResponse=Is%2520there%2520anything%2520else%2520we%2520can%2520help%2520you%2520with%253F%2520If%2520we%2520don%27t%2520hear%2520back%2520from%2520you%252C%2520this%2520chat%2520will%2520close%2520automatically.&chatBotIdleTime=10&chatBotIdleTimeFormat=mins&chatBotSessionClosureTime=1&chatBotSessionClosureTimeFormat=mins&isInCobrowseFrame=N&showLinkInNewTab=Y&showSurveyForm=Y&ratingHeader=%253A%29&tosUrl=https%3A%2F%2Feltropy.com%2Flegal%2F&recommendationHeader=How%2520was%2520your%2520experience%253F%28%25205%2520being%2520the%2520best%29&enableAppointments=N&endButtonPrimaryColor=%2FD75C54&endButtonTextColor=%2Fffffff&startButtonPrimaryColor=%2F2D2759&startButtonTextColor=%2Fffffff&startButtonText=Start+Chat&standardWelcomeMessage=We%27re+here+for+you&welcomeMessageDescription=&logo=&feedbackMessage=Thank+you+for+contacting+us+today&showWaitingScreenQueuePosition=N&showWaitingScreenDefaultImages=N&waitingScreenDefaultImages= HTTP/1.1Host: contact.midoregon.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga_FPR7JDXPKQ=GS1.1.1719869630.1.0.1719869630.0.0.0; _ga=GA1.2.1008880447.1719869630; _gid=GA1.2.510304597.1719869632; _gat_gtag_UA_6220176_2=1; _fbp=fb.1.1719869632042.867386412250169740
Source: global traffic	HTTP traffic detected: GET /Mid-Oregon-Credit-Union-99545687/sbr/widgetIcon.jpg?Expires=1719871441&Signature=CSME0SSSKVdD0KTK8SBBWP-PaxF1gmoT98mODKY0qJaESjOPXsYfkoEVbXuBqsPJ~6sUfQw7vuWVX3pa39D2VvofzXqEUM9h2emN7HF9mSeUTGMZijjoCMekN-29o2~GDlRZfcD1fwSs0boIhWVY27O0SGq~OppI~UMM4NMrxmUJeodI0U3U5Iwy~HBsq7L5cytv5TPqucJglOAJUH5ScJi254KO2UWGeIDUr7SDzutaxNNDj784JKpmpnry6jbVf8C0TaYm9T8868PJa3P22v2pXl7qnxsJbM9khwq5LsR6KuBP0a20rpJ56ovyX7p9U2-FSqt8Dyx9QAG9xXBw6A__&Key-Pair-Id=APKAJ2NIENK5IQFNL4CQ HTTP/1.1Host: d1lvyn09g7nf92.cloudfront.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pixel?google_nid=simplifi&google_cm&google_sc HTTP/1.1Host: cm.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIk6HLAQiFoM0BCOnFzQEIucrNAQiK080BGI/OzQEYwtjNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /images/icon/apple-icon-144x144-dunplab-manifest-13604.png HTTP/1.1Host: www.midoregon.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga_FPR7JDXPKQ=GS1.1.1719869630.1.0.1719869630.0.0.0; _ga=GA1.2.1008880447.1719869630; _gid=GA1.2.510304597.1719869632; _gat_gtag_UA_6220176_2=1; _fbp=fb.1.1719869632042.867386412250169740
Source: global traffic	HTTP traffic detected: GET /smaato HTTP/1.1Host: um.simpli.fiConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: suid=AC32D053B469479CB9B9C6587A4519D0; uid_syncd_secure=true
Source: global traffic	HTTP traffic detected: GET /messages/service/skillBasedRouting/widget/config HTTP/1.1Host: contact.midoregon.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga_FPR7JDXPKQ=GS1.1.1719869630.1.0.1719869630.0.0.0; _ga=GA1.2.1008880447.1719869630; _gid=GA1.2.510304597.1719869632; _gat_gtag_UA_6220176_2=1; _fbp=fb.1.1719869632042.867386412250169740
Source: global traffic	HTTP traffic detected: GET /nexxen HTTP/1.1Host: um.simpli.fiConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: suid=AC32D053B469479CB9B9C6587A4519D0; uid_syncd_secure=true
Source: global traffic	HTTP traffic detected: GET /triplelift HTTP/1.1Host: um.simpli.fiConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: suid=AC32D053B469479CB9B9C6587A4519D0; uid_syncd_secure=true
Source: global traffic	HTTP traffic detected: GET /telaria_p HTTP/1.1Host: um.simpli.fiConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: suid=AC32D053B469479CB9B9C6587A4519D0; uid_syncd_secure=true
Source: global traffic	HTTP traffic detected: GET /tapad HTTP/1.1Host: um.simpli.fiConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: suid=AC32D053B469479CB9B9C6587A4519D0; uid_syncd_secure=true
Source: global traffic	HTTP traffic detected: GET /ad_advisor HTTP/1.1Host: um.simpli.fiConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: suid=AC32D053B469479CB9B9C6587A4519D0; uid_syncd_secure=true
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: www.midoregon.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga_FPR7JDXPKQ=GS1.1.1719869630.1.0.1719869630.0.0.0; _ga=GA1.2.1008880447.1719869630; _gid=GA1.2.510304597.1719869632; _gat_gtag_UA_6220176_2=1; _fbp=fb.1.1719869632042.867386412250169740
Source: global traffic	HTTP traffic detected: GET /static/bundles/dashboard/translate_global.a95f832be73f9b1e5a17.js HTTP/1.1Host: cobrowsing.eltropy.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://cobrowsing.eltropy.com/3rdpartycookietest/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /messages/service/domain/settings/get HTTP/1.1Host: contact.midoregon.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept-Language: en-USsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Content-Type: application/jsonElt-Session-Token: nullX-Requested-With: XMLHttpRequestsec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://contact.midoregon.com/chat/?domain=https%3A%2F%2Fcontact.midoregon.com&domainId=99545687&botName=Mid+Oregon+Answer+Center&engagementText=Have+a+question%3F&avatar=https%253A%252F%252Fd1lvyn09g7nf92.cloudfront.net%252FMid-Oregon-Credit-Union-99545687%252Fsbr%252FbotAvatar.jpg%253FExpires%253D1719871441%2526Signature%253DY0Ac8BQhRpzsL%7EJT-KfnpnpqO-BTGI2QX2AHH-hF1q3Q%7ETJJnmd-dEp8xI-TlW0XP%7ElsBIjn%7EZ0N0xlvGAhhLdbUUX5%7EKwfiyFxpzMr4p3DPqvt6BI-pOoQwisxwi8eyFsc5VB%7EjVzmG-8FVls3Pa0IxhtKHFSLFP-Onyni2J0H0ReD5u3TRIzWctdOxJNwHVxQezus9pssYtZB71WySIOcfU1i6ZI95NOhUXg%7E2IFPafGiecEUq5W8B5WHGIhW6lbcennhgXlzIe9jB8sfUfe4HevV%7E%7Ei5JkVPkgh%7ED6jvAhPJWG46UPkGLm2O0IU6gspdo2NmxhoBcvOKbHszlRQ__%2526Key-Pair-Id%253DAPKAJ2NIENK5IQFNL4CQ&color=%2F3d5d86&textColor=%2Ffcfcfc&cuName=undefined&integrationId=undefined&autoIdleResponse=Is%2520there%2520anything%2520else%2520we%2520can%2520help%2520you%2520with%253F%2520If%2520we%2520don%27t%2520hear%2520back%2520from%2520you%252C%2520this%2520chat%2520will%2520close%2520automatically.&chatBotIdleTime=10&chatBotIdleTimeFormat=mins&chatBotSessionClosureTime=1&chatBotSessionClosureTimeFormat=mins&isInCobrowseFrame=N&showLinkInNewTab=Y&showSurveyForm=Y&ratingHeader=%253A%29&tosUrl=https%3A%2F%2Feltropy.com%2Flegal%2F&recommendationHeader=How%2520was%2520your%2520experience%253F%28%25205%2520being%2520the%2520best%29&enableAppointments=N&endButtonPrimaryColor=%2FD75C54&endButtonTextColor=%2Fffffff&startButtonPrimaryColor=%2F2D2759&startButtonTextColor=%2Fffffff&startButtonText=Start+Chat&standardWelcomeMessage=We%27re+here+for+you&welcomeMessageDescription=&logo=&feedbackMessage=Thank+you+for+contacting+us+today&showWaitingScreenQueuePosition=N&showWaitingScreenDefaultImages=N&waitingScreenDefaultImages=Accept-Encoding: gzip, deflate, brCookie: _ga_FPR7JDXPKQ=GS1.1.1719869630.1.0.1719869630.0.0.0; _ga=GA1.2.1008880447.1719869630; _gid=GA1.2.510304597.1719869632; _gat_gtag_UA_6220176_2=1; _fbp=fb.1.1719869632042.867386412250169740
Source: global traffic	HTTP traffic detected: GET /messages/service/skillBasedRouting/widget/panels/data?panelId= HTTP/1.1Host: contact.midoregon.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Content-Type: application/jsonX-Requested-With: XMLHttpRequestAccept-Language: en-USsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://contact.midoregon.com/chat/?domain=https%3A%2F%2Fcontact.midoregon.com&domainId=99545687&botName=Mid+Oregon+Answer+Center&engagementText=Have+a+question%3F&avatar=https%253A%252F%252Fd1lvyn09g7nf92.cloudfront.net%252FMid-Oregon-Credit-Union-99545687%252Fsbr%252FbotAvatar.jpg%253FExpires%253D1719871441%2526Signature%253DY0Ac8BQhRpzsL%7EJT-KfnpnpqO-BTGI2QX2AHH-hF1q3Q%7ETJJnmd-dEp8xI-TlW0XP%7ElsBIjn%7EZ0N0xlvGAhhLdbUUX5%7EKwfiyFxpzMr4p3DPqvt6BI-pOoQwisxwi8eyFsc5VB%7EjVzmG-8FVls3Pa0IxhtKHFSLFP-Onyni2J0H0ReD5u3TRIzWctdOxJNwHVxQezus9pssYtZB71WySIOcfU1i6ZI95NOhUXg%7E2IFPafGiecEUq5W8B5WHGIhW6lbcennhgXlzIe9jB8sfUfe4HevV%7E%7Ei5JkVPkgh%7ED6jvAhPJWG46UPkGLm2O0IU6gspdo2NmxhoBcvOKbHszlRQ__%2526Key-Pair-Id%253DAPKAJ2NIENK5IQFNL4CQ&color=%2F3d5d86&textColor=%2Ffcfcfc&cuName=undefined&integrationId=undefined&autoIdleResponse=Is%2520there%2520anything%2520else%2520we%2520can%2520help%2520you%2520with%253F%2520If%2520we%2520don%27t%2520hear%2520back%2520from%2520you%252C%2520this%2520chat%2520will%2520close%2520automatically.&chatBotIdleTime=10&chatBotIdleTimeFormat=mins&chatBotSessionClosureTime=1&chatBotSessionClosureTimeFormat=mins&isInCobrowseFrame=N&showLinkInNewTab=Y&showSurveyForm=Y&ratingHeader=%253A%29&tosUrl=https%3A%2F%2Feltropy.com%2Flegal%2F&recommendationHeader=How%2520was%2520your%2520experience%253F%28%25205%2520being%2520the%2520best%29&enableAppointments=N&endButtonPrimaryColor=%2FD75C54&endButtonTextColor=%2Fffffff&startButtonPrimaryColor=%2F2D2759&startButtonTextColor=%2Fffffff&startButtonText=Start+Chat&standardWelcomeMessage=We%27re+here+for+you&welcomeMessageDescription=&logo=&feedbackMessage=Thank+you+for+contacting+us+today&showWaitingScreenQueuePosition=N&showWaitingScreenDefaultImages=N&waitingScreenDefaultImages=Accept-Encoding: gzip, deflate, brCookie: _ga_FPR7JDXPKQ=GS1.1.1719869630.1.0.1719869630.0.0.0; _ga=GA1.2.1008880447.1719869630; _gid=GA1.2.510304597.1719869632; _gat_gtag_UA_6220176_2=1; _fbp=fb.1.1719869632042.867386412250169740
Source: global traffic	HTTP traffic detected: GET /messages/service/skillBasedRouting/widget/config HTTP/1.1Host: contact.midoregon.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept-Language: en-USsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Content-Type: application/jsonElt-Session-Token: nullX-Requested-With: XMLHttpRequestsec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://contact.midoregon.com/chat/?domain=https%3A%2F%2Fcontact.midoregon.com&domainId=99545687&botName=Mid+Oregon+Answer+Center&engagementText=Have+a+question%3F&avatar=https%253A%252F%252Fd1lvyn09g7nf92.cloudfront.net%252FMid-Oregon-Credit-Union-99545687%252Fsbr%252FbotAvatar.jpg%253FExpires%253D1719871441%2526Signature%253DY0Ac8BQhRpzsL%7EJT-KfnpnpqO-BTGI2QX2AHH-hF1q3Q%7ETJJnmd-dEp8xI-TlW0XP%7ElsBIjn%7EZ0N0xlvGAhhLdbUUX5%7EKwfiyFxpzMr4p3DPqvt6BI-pOoQwisxwi8eyFsc5VB%7EjVzmG-8FVls3Pa0IxhtKHFSLFP-Onyni2J0H0ReD5u3TRIzWctdOxJNwHVxQezus9pssYtZB71WySIOcfU1i6ZI95NOhUXg%7E2IFPafGiecEUq5W8B5WHGIhW6lbcennhgXlzIe9jB8sfUfe4HevV%7E%7Ei5JkVPkgh%7ED6jvAhPJWG46UPkGLm2O0IU6gspdo2NmxhoBcvOKbHszlRQ__%2526Key-Pair-Id%253DAPKAJ2NIENK5IQFNL4CQ&color=%2F3d5d86&textColor=%2Ffcfcfc&cuName=undefined&integrationId=undefined&autoIdleResponse=Is%2520there%2520anything%2520else%2520we%2520can%2520help%2520you%2520with%253F%2520If%2520we%2520don%27t%2520hear%2520back%2520from%2520you%252C%2520this%2520chat%2520will%2520close%2520automatically.&chatBotIdleTime=10&chatBotIdleTimeFormat=mins&chatBotSessionClosureTime=1&chatBotSessionClosureTimeFormat=mins&isInCobrowseFrame=N&showLinkInNewTab=Y&showSurveyForm=Y&ratingHeader=%253A%29&tosUrl=https%3A%2F%2Feltropy.com%2Flegal%2F&recommendationHeader=How%2520was%2520your%2520experience%253F%28%25205%2520being%2520the%2520best%29&enableAppointments=N&endButtonPrimaryColor=%2FD75C54&endButtonTextColor=%2Fffffff&startButtonPrimaryColor=%2F2D2759&startButtonTextColor=%2Fffffff&startButtonText=Start+Chat&standardWelcomeMessage=We%27re+here+for+you&welcomeMessageDescription=&logo=&feedbackMessage=Thank+you+for+contacting+us+today&showWaitingScreenQueuePosition=N&showWaitingScreenDefaultImages=N&waitingScreenDefaultImages=Accept-Encoding: gzip, deflate, brCookie: _ga_FPR7JDXPKQ=GS1.1.1719869630.1.0.1719869630.0.0.0; _ga=GA1.2.1008880447.1719869630; _gid=GA1.2.510304597.1719869632; _gat_gtag_UA_6220176_2=1; _fbp=fb.1.1719869632042.867386412250169740
Source: global traffic	HTTP traffic detected: GET /pixel?google_nid=simplifi&google_cm=&google_sc=&google_tc= HTTP/1.1Host: cm.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIk6HLAQiFoM0BCOnFzQEIucrNAQiK080BGI/OzQEYwtjNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: test_cookie=CheckForPermission
Source: global traffic	HTTP traffic detected: GET /sync?UISF=AC32D053B469479CB9B9C6587A4519D0 HTTP/1.1Host: simplifi.partners.tremorhub.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /xuid?mid=7969&xuid=AC32D053B469479CB9B9C6587A4519D0&dongle=yf3 HTTP/1.1Host: eb2.3lift.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /idsync/ex/receive?partner_id=2305&partner_device_id=AC32D053B469479CB9B9C6587A4519D0 HTTP/1.1Host: pixel.tapad.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pagead/viewthroughconversion/1026675585/?random=1236793904&cv=7&fst=1719869641484&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECIgEBQAE&pscrd=CMeOldaHhrS2LyITCMe66djlhocDFd5NHgIdL3sDNTICCAMyAggEMgIIBzICCAgyAggJMgIICjICCAIyAggLOhpodHRwczovL3d3dy5taWRvcmVnb24uY29tLw HTTP/1.1Host: googleads.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIk6HLAQiFoM0BCOnFzQEIucrNAQiK080BGI/OzQEYwtjNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: test_cookie=CheckForPermission
Source: global traffic	HTTP traffic detected: GET /c/?dspInit=1001136&dspCookie=AC32D053B469479CB9B9C6587A4519D0 HTTP/1.1Host: s.ad.smaato.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /usersync/simplifi/AC32D053B469479CB9B9C6587A4519D0 HTTP/1.1Host: sync.1rx.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /adscores/g.pixel?sid=9201915418&sifi_uid=AC32D053B469479CB9B9C6587A4519D0 HTTP/1.1Host: aa.agkn.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /idsync/ex/receive/check?partner_id=2305&partner_device_id=AC32D053B469479CB9B9C6587A4519D0 HTTP/1.1Host: pixel.tapad.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: TapAd_TS=1719869643798; TapAd_DID=3b0c250f-47b8-498e-8be0-7d24f6ca5873
Source: global traffic	HTTP traffic detected: GET /messages/service/skillBasedRouting/widget/channelList?ccgId=0c5c65e5-bb2a-4dc7-ab3c-6a76c3dc03b8 HTTP/1.1Host: contact.midoregon.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept-Language: en-USsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Content-Type: application/jsonElt-Session-Token: nullX-Requested-With: XMLHttpRequestsec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://contact.midoregon.com/chat/?domain=https%3A%2F%2Fcontact.midoregon.com&domainId=99545687&botName=Mid+Oregon+Answer+Center&engagementText=Have+a+question%3F&avatar=https%253A%252F%252Fd1lvyn09g7nf92.cloudfront.net%252FMid-Oregon-Credit-Union-99545687%252Fsbr%252FbotAvatar.jpg%253FExpires%253D1719871441%2526Signature%253DY0Ac8BQhRpzsL%7EJT-KfnpnpqO-BTGI2QX2AHH-hF1q3Q%7ETJJnmd-dEp8xI-TlW0XP%7ElsBIjn%7EZ0N0xlvGAhhLdbUUX5%7EKwfiyFxpzMr4p3DPqvt6BI-pOoQwisxwi8eyFsc5VB%7EjVzmG-8FVls3Pa0IxhtKHFSLFP-Onyni2J0H0ReD5u3TRIzWctdOxJNwHVxQezus9pssYtZB71WySIOcfU1i6ZI95NOhUXg%7E2IFPafGiecEUq5W8B5WHGIhW6lbcennhgXlzIe9jB8sfUfe4HevV%7E%7Ei5JkVPkgh%7ED6jvAhPJWG46UPkGLm2O0IU6gspdo2NmxhoBcvOKbHszlRQ__%2526Key-Pair-Id%253DAPKAJ2NIENK5IQFNL4CQ&color=%2F3d5d86&textColor=%2Ffcfcfc&cuName=undefined&integrationId=undefined&autoIdleResponse=Is%2520there%2520anything%2520else%2520we%2520can%2520help%2520you%2520with%253F%2520If%2520we%2520don%27t%2520hear%2520back%2520from%2520you%252C%2520this%2520chat%2520will%2520close%2520automatically.&chatBotIdleTime=10&chatBotIdleTimeFormat=mins&chatBotSessionClosureTime=1&chatBotSessionClosureTimeFormat=mins&isInCobrowseFrame=N&showLinkInNewTab=Y&showSurveyForm=Y&ratingHeader=%253A%29&tosUrl=https%3A%2F%2Feltropy.com%2Flegal%2F&recommendationHeader=How%2520was%2520your%2520experience%253F%28%25205%2520being%2520the%2520best%29&enableAppointments=N&endButtonPrimaryColor=%2FD75C54&endButtonTextColor=%2Fffffff&startButtonPrimaryColor=%2F2D2759&startButtonTextColor=%2Fffffff&startButtonText=Start+Chat&standardWelcomeMessage=We%27re+here+for+you&welcomeMessageDescription=&logo=&feedbackMessage=Thank+you+for+contacting+us+today&showWaitingScreenQueuePosition=N&showWaitingScreenDefaultImages=N&waitingScreenDefaultImages=Accept-Encoding: gzip, deflate, brCookie: _ga_FPR7JDXPKQ=GS1.1.1719869630.1.0.1719869630.0.0.0; _ga=GA1.2.1008880447.1719869630; _gid=GA1.2.510304597.1719869632; _gat_gtag_UA_6220176_2=1; _fbp=fb.1.1719869632042.867386412250169740
Source: global traffic	HTTP traffic detected: GET /intentiq HTTP/1.1Host: um.simpli.fiConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: suid=AC32D053B469479CB9B9C6587A4519D0; uid_syncd_secure=true
Source: global traffic	HTTP traffic detected: GET /xuid?ld=1&mid=7969&xuid=AC32D053B469479CB9B9C6587A4519D0&dongle=yf3&gdpr=0&cmp_cs=&us_privacy= HTTP/1.1Host: eb2.3lift.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: tluidp=4553816231609767600951; tluid=4553816231609767600951
Source: global traffic	HTTP traffic detected: GET /g_match?id=&google_gid=CAESEH-9wlfPq2OftScY9o2Noq0&google_cver=1 HTTP/1.1Host: um.simpli.fiConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: suid=AC32D053B469479CB9B9C6587A4519D0; uid_syncd_secure=true
Source: global traffic	HTTP traffic detected: GET /messages/service/skillBasedRouting/widget/panels/data?panelId= HTTP/1.1Host: contact.midoregon.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga_FPR7JDXPKQ=GS1.1.1719869630.1.0.1719869630.0.0.0; _ga=GA1.2.1008880447.1719869630; _gid=GA1.2.510304597.1719869632; _gat_gtag_UA_6220176_2=1; _fbp=fb.1.1719869632042.867386412250169740
Source: global traffic	HTTP traffic detected: GET /messages/service/skillBasedRouting/widget/config HTTP/1.1Host: contact.midoregon.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga_FPR7JDXPKQ=GS1.1.1719869630.1.0.1719869630.0.0.0; _ga=GA1.2.1008880447.1719869630; _gid=GA1.2.510304597.1719869632; _gat_gtag_UA_6220176_2=1; _fbp=fb.1.1719869632042.867386412250169740
Source: global traffic	HTTP traffic detected: GET /pagead/1p-conversion/1026675585/?random=1236793904&cv=7&fst=1719869641484&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECIgEBQAE&pscrd=CMeOldaHhrS2LyITCMe66djlhocDFd5NHgIdL3sDNTICCAMyAggEMgIIBzICCAgyAggJMgIICjICCAIyAggLOhpodHRwczovL3d3dy5taWRvcmVnb24uY29tLw&is_vtc=1&cid=CAQSKQDaQooLoe0jMr9a2dyMHB7OvHBUBGgQPzm9xOu62daBZRHUOJ9RJvWg&random=22151835 HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIk6HLAQiFoM0BCOnFzQEIucrNAQiK080BGI/OzQEYwtjNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pubmatic HTTP/1.1Host: um.simpli.fiConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: suid=AC32D053B469479CB9B9C6587A4519D0; uid_syncd_secure=true
Source: global traffic	HTTP traffic detected: GET /online/digital-banking.shtml HTTP/1.1Host: www.midoregon.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga_FPR7JDXPKQ=GS1.1.1719869630.1.0.1719869630.0.0.0; _ga=GA1.2.1008880447.1719869630; _gid=GA1.2.510304597.1719869632; _gat_gtag_UA_6220176_2=1; _fbp=fb.1.1719869632042.867386412250169740
Source: global traffic	HTTP traffic detected: GET /v2/company/options/?api_key=65134712b8de4f8897bd072df143abac HTTP/1.1Host: cobrowsing.eltropy.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /usersync/simplifi/AC32D053B469479CB9B9C6587A4519D0?zcc=1&cb=1719869643936 HTTP/1.1Host: sync.1rx.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _rxuuid=%7B%22rx_uuid%22%3A%22RX-edf8f10c-783e-403a-91e7-a40f6df88b7f-003%22%7D
Source: global traffic	HTTP traffic detected: GET /sync?UISF=AC32D053B469479CB9B9C6587A4519D0 HTTP/1.1Host: simplifi.partners.tremorhub.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /Mid-Oregon-Credit-Union-99545687/sbr/widgetIcon.jpg?Expires=1719871441&Signature=CSME0SSSKVdD0KTK8SBBWP-PaxF1gmoT98mODKY0qJaESjOPXsYfkoEVbXuBqsPJ~6sUfQw7vuWVX3pa39D2VvofzXqEUM9h2emN7HF9mSeUTGMZijjoCMekN-29o2~GDlRZfcD1fwSs0boIhWVY27O0SGq~OppI~UMM4NMrxmUJeodI0U3U5Iwy~HBsq7L5cytv5TPqucJglOAJUH5ScJi254KO2UWGeIDUr7SDzutaxNNDj784JKpmpnry6jbVf8C0TaYm9T8868PJa3P22v2pXl7qnxsJbM9khwq5LsR6KuBP0a20rpJ56ovyX7p9U2-FSqt8Dyx9QAG9xXBw6A__&Key-Pair-Id=APKAJ2NIENK5IQFNL4CQ HTTP/1.1Host: d1lvyn09g7nf92.cloudfront.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /css/master.css HTTP/1.1Host: www.midoregon.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://www.midoregon.com/online/digital-banking.shtmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga_FPR7JDXPKQ=GS1.1.1719869630.1.0.1719869630.0.0.0; _ga=GA1.2.1008880447.1719869630; _gid=GA1.2.510304597.1719869632; _gat_gtag_UA_6220176_2=1; _fbp=fb.1.1719869632042.867386412250169740
Source: global traffic	HTTP traffic detected: GET /idsync/ex/receive/check?partner_id=2305&partner_device_id=AC32D053B469479CB9B9C6587A4519D0 HTTP/1.1Host: pixel.tapad.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: TapAd_TS=1719869643798; TapAd_DID=3b0c250f-47b8-498e-8be0-7d24f6ca5873; TapAd_3WAY_SYNCS=
Source: global traffic	HTTP traffic detected: GET /pixel/10751/?che=1719869644065&ip=8.46.123.33&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D216573104930005332115 HTTP/1.1Host: d.agkn.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ab=0001%3AsvLGiE%2BPS%2Ff5IunL6i1byuK5d%2BjCjasY
Source: global traffic	HTTP traffic detected: GET /freewheel HTTP/1.1Host: um.simpli.fiConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: suid=AC32D053B469479CB9B9C6587A4519D0; uid_syncd_secure=true
Source: global traffic	HTTP traffic detected: GET /messages/service/skillBasedRouting/widget/channelList?ccgId=0c5c65e5-bb2a-4dc7-ab3c-6a76c3dc03b8 HTTP/1.1Host: contact.midoregon.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Content-Type: application/jsonX-Requested-With: XMLHttpRequestAccept-Language: en-USsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://contact.midoregon.com/chat/?domain=https%3A%2F%2Fcontact.midoregon.com&domainId=99545687&botName=Mid+Oregon+Answer+Center&engagementText=Have+a+question%3F&avatar=https%253A%252F%252Fd1lvyn09g7nf92.cloudfront.net%252FMid-Oregon-Credit-Union-99545687%252Fsbr%252FbotAvatar.jpg%253FExpires%253D1719871441%2526Signature%253DY0Ac8BQhRpzsL%7EJT-KfnpnpqO-BTGI2QX2AHH-hF1q3Q%7ETJJnmd-dEp8xI-TlW0XP%7ElsBIjn%7EZ0N0xlvGAhhLdbUUX5%7EKwfiyFxpzMr4p3DPqvt6BI-pOoQwisxwi8eyFsc5VB%7EjVzmG-8FVls3Pa0IxhtKHFSLFP-Onyni2J0H0ReD5u3TRIzWctdOxJNwHVxQezus9pssYtZB71WySIOcfU1i6ZI95NOhUXg%7E2IFPafGiecEUq5W8B5WHGIhW6lbcennhgXlzIe9jB8sfUfe4HevV%7E%7Ei5JkVPkgh%7ED6jvAhPJWG46UPkGLm2O0IU6gspdo2NmxhoBcvOKbHszlRQ__%2526Key-Pair-Id%253DAPKAJ2NIENK5IQFNL4CQ&color=%2F3d5d86&textColor=%2Ffcfcfc&cuName=undefined&integrationId=undefined&autoIdleResponse=Is%2520there%2520anything%2520else%2520we%2520can%2520help%2520you%2520with%253F%2520If%2520we%2520don%27t%2520hear%2520back%2520from%2520you%252C%2520this%2520chat%2520will%2520close%2520automatically.&chatBotIdleTime=10&chatBotIdleTimeFormat=mins&chatBotSessionClosureTime=1&chatBotSessionClosureTimeFormat=mins&isInCobrowseFrame=N&showLinkInNewTab=Y&showSurveyForm=Y&ratingHeader=%253A%29&tosUrl=https%3A%2F%2Feltropy.com%2Flegal%2F&recommendationHeader=How%2520was%2520your%2520experience%253F%28%25205%2520being%2520the%2520best%29&enableAppointments=N&endButtonPrimaryColor=%2FD75C54&endButtonTextColor=%2Fffffff&startButtonPrimaryColor=%2F2D2759&startButtonTextColor=%2Fffffff&startButtonText=Start+Chat&standardWelcomeMessage=We%27re+here+for+you&welcomeMessageDescription=&logo=&feedbackMessage=Thank+you+for+contacting+us+today&showWaitingScreenQueuePosition=N&showWaitingScreenDefaultImages=N&waitingScreenDefaultImages=Accept-Encoding: gzip, deflate, brCookie: _ga_FPR7JDXPKQ=GS1.1.1719869630.1.0.1719869630.0.0.0; _ga=GA1.2.1008880447.1719869630; _gid=GA1.2.510304597.1719869632; _gat_gtag_UA_6220176_2=1; _fbp=fb.1.1719869632042.867386412250169740
Source: global traffic	HTTP traffic detected: GET /messages/service/skillBasedRouting/widget/channelList?ccgId=0c5c65e5-bb2a-4dc7-ab3c-6a76c3dc03b8 HTTP/1.1Host: contact.midoregon.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga_FPR7JDXPKQ=GS1.1.1719869630.1.0.1719869630.0.0.0; _ga=GA1.2.1008880447.1719869630; _gid=GA1.2.510304597.1719869632; _gat_gtag_UA_6220176_2=1; _fbp=fb.1.1719869632042.867386412250169740
Source: global traffic	HTTP traffic detected: GET /xuid?ld=1&mid=7969&xuid=AC32D053B469479CB9B9C6587A4519D0&dongle=yf3&gdpr=0&cmp_cs=&us_privacy= HTTP/1.1Host: eb2.3lift.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: tluid=4553816231609767600951
Source: global traffic	HTTP traffic detected: GET /dtnx HTTP/1.1Host: um.simpli.fiConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: suid=AC32D053B469479CB9B9C6587A4519D0; uid_syncd_secure=true
Source: global traffic	HTTP traffic detected: GET /js/img.js HTTP/1.1Host: www.midoregon.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.midoregon.com/online/digital-banking.shtmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga_FPR7JDXPKQ=GS1.1.1719869630.1.0.1719869630.0.0.0; _ga=GA1.2.1008880447.1719869630; _gid=GA1.2.510304597.1719869632; _gat_gtag_UA_6220176_2=1; _fbp=fb.1.1719869632042.867386412250169740
Source: global traffic	HTTP traffic detected: GET /pixel?google_nid=simplifi&google_hm=AC32D053B469479CB9B9C6587A4519D0 HTTP/1.1Host: cm.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: IDE=AHWqTUmGZAfNyFKAWV7cKtFBnE5fQHaf5ubrNGFXOplCQZODOF0s-0ggFyUeCOak
Source: global traffic	HTTP traffic detected: GET /profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=AC32D053B469479CB9B9C6587A4519D0 HTTP/1.1Host: sync.intentiq.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /exelatem HTTP/1.1Host: um.simpli.fiConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: suid=AC32D053B469479CB9B9C6587A4519D0; uid_syncd_secure=true
Source: global traffic	HTTP traffic detected: GET /pagead/1p-conversion/1026675585/?random=1236793904&cv=7&fst=1719869641484&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECIgEBQAE&pscrd=CMeOldaHhrS2LyITCMe66djlhocDFd5NHgIdL3sDNTICCAMyAggEMgIIBzICCAgyAggJMgIICjICCAIyAggLOhpodHRwczovL3d3dy5taWRvcmVnb24uY29tLw&is_vtc=1&cid=CAQSKQDaQooLoe0jMr9a2dyMHB7OvHBUBGgQPzm9xOu62daBZRHUOJ9RJvWg&random=22151835 HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIk6HLAQiFoM0BCOnFzQEIucrNAQiK080BGI/OzQEYwtjNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /js/plugins.min.js HTTP/1.1Host: www.midoregon.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.midoregon.com/online/digital-banking.shtmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga_FPR7JDXPKQ=GS1.1.1719869630.1.0.1719869630.0.0.0; _ga=GA1.2.1008880447.1719869630; _gid=GA1.2.510304597.1719869632; _gat_gtag_UA_6220176_2=1; _fbp=fb.1.1719869632042.867386412250169740
Source: global traffic	HTTP traffic detected: GET /aa_px?sk=216573104930005332115 HTTP/1.1Host: um.simpli.fiConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: suid=AC32D053B469479CB9B9C6587A4519D0; uid_syncd_secure=true
Source: global traffic	HTTP traffic detected: GET /pubmatic HTTP/1.1Host: um.simpli.fiConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: suid=AC32D053B469479CB9B9C6587A4519D0; uid_syncd_secure=true
Source: global traffic	HTTP traffic detected: GET /messages/service/skillBasedRouting/widget/channelList?ccgId=0c5c65e5-bb2a-4dc7-ab3c-6a76c3dc03b8 HTTP/1.1Host: contact.midoregon.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga_FPR7JDXPKQ=GS1.1.1719869630.1.0.1719869630.0.0.0; _ga=GA1.2.1008880447.1719869630; _gid=GA1.2.510304597.1719869632; _gat_gtag_UA_6220176_2=1; _fbp=fb.1.1719869632042.867386412250169740
Source: global traffic	HTTP traffic detected: GET /yahoo HTTP/1.1Host: um.simpli.fiConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: suid=AC32D053B469479CB9B9C6587A4519D0; uid_syncd_secure=true
Source: global traffic	HTTP traffic detected: GET /freewheel HTTP/1.1Host: um.simpli.fiConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: suid=AC32D053B469479CB9B9C6587A4519D0; uid_syncd_secure=true
Source: global traffic	HTTP traffic detected: GET /engine?du=24;csync=AC32D053B469479CB9B9C6587A4519D0;mimetype=img; HTTP/1.1Host: fei.pro-market.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /g_match?id= HTTP/1.1Host: um.simpli.fiConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: suid=AC32D053B469479CB9B9C6587A4519D0; uid_syncd_secure=true
Source: global traffic	HTTP traffic detected: GET /index2.jspx?/BAZ42KGHJU/images&quotes=https%3A%2F%2Fwww.midoregon.com%2Fonline%2Fdigital-banking.shtml HTTP/1.1Host: www.surveycarrot.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /apps/app/assets/js/acsb.js HTTP/1.1Host: acsbapp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Range: bytes=277547-277547If-Range: "4068a7f1da6becc8680fb5747ce2ae26"
Source: global traffic	HTTP traffic detected: GET /images/Digital%20Banking/Accounts%20Screen%20Web2-1.png HTTP/1.1Host: www.midoregon.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.midoregon.com/online/digital-banking.shtmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga_FPR7JDXPKQ=GS1.1.1719869630.1.0.1719869630.0.0.0; _ga=GA1.2.1008880447.1719869630; _gid=GA1.2.510304597.1719869632; _gat_gtag_UA_6220176_2=1; _fbp=fb.1.1719869632042.867386412250169740
Source: global traffic	HTTP traffic detected: GET /images/Digital%20Banking/MERGED-SCREENS-TABLET-web-300x192.png HTTP/1.1Host: www.midoregon.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.midoregon.com/online/digital-banking.shtmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga_FPR7JDXPKQ=GS1.1.1719869630.1.0.1719869630.0.0.0; _ga=GA1.2.1008880447.1719869630; _gid=GA1.2.510304597.1719869632; _gat_gtag_UA_6220176_2=1; _fbp=fb.1.1719869632042.867386412250169740
Source: global traffic	HTTP traffic detected: GET /sifitag/73fcc20f-faf5-487d-8165-57e69981a322 HTTP/1.1Host: tag.simpli.fiConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: suid=AC32D053B469479CB9B9C6587A4519D0; uid_syncd_secure=true
Source: global traffic	HTTP traffic detected: GET /maps/embed?pb=!1m16!1m12!1m3!1d733779.3929688331!2d-121.55040872304738!3d44.07662963121452!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!2m1!1smid%20oregon%20credit%20union%20oregon!5e0!3m2!1sen!2sus!4v1576699410579!5m2!1sen!2sus HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIk6HLAQiFoM0BCOnFzQEIucrNAQiK080BGI/OzQEYwtjNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=AC32D053B469479CB9B9C6587A4519D0&ckls=true&ci=RuqzY0Zd4k&nc=false&trid=393709842 HTTP/1.1Host: sync.intentiq.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: intentIQ=RuqzY0Zd4k; IQver=1.9
Source: global traffic	HTTP traffic detected: GET /engine?du=24;csync=AC32D053B469479CB9B9C6587A4519D0;mimetype=img;sr HTTP/1.1Host: fei.pro-market.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: anProfile="1+1+1f=1+1g=1+1j=57:1+rs=s+rt=082E7B21+s2=(sfyrwu)"
Source: global traffic	HTTP traffic detected: GET /tr/?id=186387211961646&ev=PageView&dl=https%3A%2F%2Fwww.midoregon.com&rl=&if=false&ts=1719869645069&sw=1280&sh=1024&v=2.9.159&r=stable&ec=0&o=4124&fbp=fb.1.1719869632042.867386412250169740&cs_est=true&pm=1&hrl=e34b6e&ler=empty&cdl=API_unavailable&it=1719869644991&coo=false&cs_cc=1&rqm=GET HTTP/1.1Host: www.facebook.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /privacy_sandbox/pixel/register/trigger/?id=186387211961646&ev=PageView&dl=https%3A%2F%2Fwww.midoregon.com&rl=&if=false&ts=1719869645069&sw=1280&sh=1024&v=2.9.159&r=stable&ec=0&o=4124&fbp=fb.1.1719869632042.867386412250169740&cs_est=true&pm=1&hrl=e34b6e&ler=empty&cdl=API_unavailable&it=1719869644991&coo=false&cs_cc=1&rqm=FGET HTTP/1.1Host: www.facebook.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAttribution-Reporting-Eligible: trigger, event-sourceReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /beachfront HTTP/1.1Host: um.simpli.fiConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: suid=AC32D053B469479CB9B9C6587A4519D0; uid_syncd_secure=true
Source: global traffic	HTTP traffic detected: GET /empty.gif HTTP/1.1Host: um.simpli.fiConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: suid=AC32D053B469479CB9B9C6587A4519D0; uid_syncd_secure=true
Source: global traffic	HTTP traffic detected: GET /yahoo HTTP/1.1Host: um.simpli.fiConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: suid=AC32D053B469479CB9B9C6587A4519D0; uid_syncd_secure=true
Source: global traffic	HTTP traffic detected: GET /js/linkwarning.js?_=1719869644761 HTTP/1.1Host: www.midoregon.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, /; q=0.01X-Requested-With: XMLHttpRequestsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.midoregon.com/online/digital-banking.shtmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _gid=GA1.2.510304597.1719869632; _gat_gtag_UA_6220176_2=1; _fbp=fb.1.1719869632042.867386412250169740; _ga_FPR7JDXPKQ=GS1.1.1719869630.1.1.1719869645.0.0.0; _ga=GA1.2.1008880447.1719869630
Source: global traffic	HTTP traffic detected: GET /index2.jspx?/BAZ42KGHJU/images&quotes=https%3A%2F%2Fwww.midoregon.com%2Fonline%2Fdigital-banking.shtml HTTP/1.1Host: www.surveycarrot.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /images/sections/devils-lake.jpg HTTP/1.1Host: www.midoregon.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.midoregon.com/online/digital-banking.shtmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _gid=GA1.2.510304597.1719869632; _gat_gtag_UA_6220176_2=1; _fbp=fb.1.1719869632042.867386412250169740; _ga_FPR7JDXPKQ=GS1.1.1719869630.1.1.1719869645.0.0.0; _ga=GA1.2.1008880447.1719869630
Source: global traffic	HTTP traffic detected: GET /apps/app/assets/js/acsb.js HTTP/1.1Host: acsbapp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Range: bytes=277547-310290If-Range: "4068a7f1da6becc8680fb5747ce2ae26"
Source: global traffic	HTTP traffic detected: GET /messages/service/cobrowse/externalUrl/v1 HTTP/1.1Host: contact.midoregon.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://www.midoregon.comSec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /load/?p=204&g=2191&simid=AC32D053B469479CB9B9C6587A4519D0&j=0 HTTP/1.1Host: loadm.exelator.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /messages/service/skillBasedRouting/widget/config HTTP/1.1Host: contact.midoregon.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://contact.midoregon.com/chat/loadBotAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _gid=GA1.2.510304597.1719869632; _gat_gtag_UA_6220176_2=1; _fbp=fb.1.1719869632042.867386412250169740; _ga_FPR7JDXPKQ=GS1.1.1719869630.1.1.1719869645.0.0.0; _ga=GA1.2.1008880447.1719869630
Source: global traffic	HTTP traffic detected: GET /images/Digital%20Banking/MERGED-SCREENS-TABLET-web-300x192.png HTTP/1.1Host: www.midoregon.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _gid=GA1.2.510304597.1719869632; _gat_gtag_UA_6220176_2=1; _fbp=fb.1.1719869632042.867386412250169740; _ga_FPR7JDXPKQ=GS1.1.1719869630.1.1.1719869645.0.0.0; _ga=GA1.2.1008880447.1719869630
Source: global traffic	HTTP traffic detected: GET /images/Digital%20Banking/Accounts%20Screen%20Web2-1.png HTTP/1.1Host: www.midoregon.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _gid=GA1.2.510304597.1719869632; _gat_gtag_UA_6220176_2=1; _fbp=fb.1.1719869632042.867386412250169740; _ga_FPR7JDXPKQ=GS1.1.1719869630.1.1.1719869645.0.0.0; _ga=GA1.2.1008880447.1719869630
Source: global traffic	HTTP traffic detected: GET /bluekai HTTP/1.1Host: um.simpli.fiConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: suid=AC32D053B469479CB9B9C6587A4519D0; uid_syncd_secure=true
Source: global traffic	HTTP traffic detected: GET /getuid?url=https%3A%2F%2Ffei.pro-market.net%2Fengine%3Fsite%3D161185%26size%3D1x1%26du%3D36%26csync%3D[sas_uid] HTTP/1.1Host: sync.smartadserver.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=AC32D053B469479CB9B9C6587A4519D0&ckls=true&ci=RuqzY0Zd4k&nc=false&trid=393709842 HTTP/1.1Host: sync.intentiq.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: intentIQ=RuqzY0Zd4k; IQver=1.9; CSDT=UEQ6MTAwNDNfMCZVSEpWbFhp; IQMID=137263905#1719869646974; ASDT=0; intentIQCDate=1719869646965; IQPData=137263905#1719869646956#0#1719869646956
Source: global traffic	HTTP traffic detected: GET /tr/?id=186387211961646&ev=PageView&dl=https%3A%2F%2Fwww.midoregon.com&rl=&if=false&ts=1719869645069&sw=1280&sh=1024&v=2.9.159&r=stable&ec=0&o=4124&fbp=fb.1.1719869632042.867386412250169740&cs_est=true&pm=1&hrl=e34b6e&ler=empty&cdl=API_unavailable&it=1719869644991&coo=false&cs_cc=1&rqm=GET HTTP/1.1Host: www.facebook.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /empty.gif HTTP/1.1Host: um.simpli.fiConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: suid=AC32D053B469479CB9B9C6587A4519D0; uid_syncd_secure=true
Source: global traffic	HTTP traffic detected: GET /crwdcntrl HTTP/1.1Host: um.simpli.fiConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: suid=AC32D053B469479CB9B9C6587A4519D0; uid_syncd_secure=true
Source: global traffic	HTTP traffic detected: GET /chat/?domain=https%3A%2F%2Fcontact.midoregon.com&domainId=99545687&botName=Mid+Oregon+Answer+Center&engagementText=Have+a+question%3F&avatar=https%253A%252F%252Fd1lvyn09g7nf92.cloudfront.net%252FMid-Oregon-Credit-Union-99545687%252Fsbr%252FbotAvatar.jpg%253FExpires%253D1719871447%2526Signature%253DGZdJiJsS5qnlTO0CfdE1zN54faasvBX4TATeeD5ptTexYEukIXCi3gWRqCZj-5Co5ZfO2hwwIb5STBg1sKql3NYp4KflrBdX2CmiYmBuFxfpk-OJy-yDe%7Ecbn2%7EFK7n1B2ofx7dXin1muXsA%7Eo2ZFYEXuKwqOCcFFvmaF%7EmfqNCXIjyvERWwNXgnloSZQpw64j9ucWVK7t4NJdfJAM8CVvRb6d9XP0oB3dK3VEjsMtQUM1NPfnO2HWvgCbcfsbn1L9%7Et5CdMPHahnt-waRyVuaDVrFWjVYJwpN1NsIsF2hmEzKNdEfys56ca1-lI0q3w9SLHO-LMgRnity9laieD7g__%2526Key-Pair-Id%253DAPKAJ2NIENK5IQFNL4CQ&color=%2F3d5d86&textColor=%2Ffcfcfc&cuName=undefined&integrationId=undefined&autoIdleResponse=Is%2520there%2520anything%2520else%2520we%2520can%2520help%2520you%2520with%253F%2520If%2520we%2520don%27t%2520hear%2520back%2520from%2520you%252C%2520this%2520chat%2520will%2520close%2520automatically.&chatBotIdleTime=10&chatBotIdleTimeFormat=mins&chatBotSessionClosureTime=1&chatBotSessionClosureTimeFormat=mins&isInCobrowseFrame=N&showLinkInNewTab=Y&showSurveyForm=Y&ratingHeader=%253A%29&tosUrl=https%3A%2F%2Feltropy.com%2Flegal%2F&recommendationHeader=How%2520was%2520your%2520experience%253F%28%25205%2520being%2520the%2520best%29&enableAppointments=N&endButtonPrimaryColor=%2FD75C54&endButtonTextColor=%2Fffffff&startButtonPrimaryColor=%2F2D2759&startButtonTextColor=%2Fffffff&startButtonText=Start+Chat&standardWelcomeMessage=We%27re+here+for+you&welcomeMessageDescription=&logo=&feedbackMessage=Thank+you+for+contacting+us+today&showWaitingScreenQueuePosition=N&showWaitingScreenDefaultImages=N&waitingScreenDefaultImages= HTTP/1.1Host: contact.midoregon.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _gid=GA1.2.510304597.1719869632; _gat_gtag_UA_6220176_2=1; _fbp=fb.1.1719869632042.867386412250169740; _ga_FPR7JDXPKQ=GS1.1.1719869630.1.1.1719869645.0.0.0; _ga=GA1.2.1008880447.1719869630
Source: global traffic	HTTP traffic detected: GET /maps/embed?pb=!1m16!1m12!1m3!1d733779.3929688331!2d-121.55040872304738!3d44.07662963121452!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!2m1!1smid%20oregon%20credit%20union%20oregon!5e0!3m2!1sen!2sus!4v1576699410579!5m2!1sen!2sus HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIk6HLAQiFoM0BCOnFzQEIucrNAQiK080BGI/OzQEYwtjNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /js/linkwarning.js?_=1719869644761 HTTP/1.1Host: www.midoregon.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _gid=GA1.2.510304597.1719869632; _gat_gtag_UA_6220176_2=1; _fbp=fb.1.1719869632042.867386412250169740; _ga_FPR7JDXPKQ=GS1.1.1719869630.1.1.1719869645.0.0.0; _ga=GA1.2.1008880447.1719869630
Source: global traffic	HTTP traffic detected: GET /3rdpartycookietest/ HTTP/1.1Host: cobrowsing.eltropy.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: test=3rdparty; 8fcbus=1iw3mj
Source: global traffic	HTTP traffic detected: GET /images/sections/devils-lake.jpg HTTP/1.1Host: www.midoregon.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _gid=GA1.2.510304597.1719869632; _gat_gtag_UA_6220176_2=1; _fbp=fb.1.1719869632042.867386412250169740; _ga_FPR7JDXPKQ=GS1.1.1719869630.1.1.1719869645.0.0.0; _ga=GA1.2.1008880447.1719869630
Source: global traffic	HTTP traffic detected: GET /messages/service/cobrowse/externalUrl/v1 HTTP/1.1Host: contact.midoregon.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _gid=GA1.2.510304597.1719869632; _gat_gtag_UA_6220176_2=1; _fbp=fb.1.1719869632042.867386412250169740; _ga_FPR7JDXPKQ=GS1.1.1719869630.1.1.1719869645.0.0.0; _ga=GA1.2.1008880447.1719869630
Source: global traffic	HTTP traffic detected: GET /messages/service/skillBasedRouting/widget/config HTTP/1.1Host: contact.midoregon.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _gid=GA1.2.510304597.1719869632; _gat_gtag_UA_6220176_2=1; _fbp=fb.1.1719869632042.867386412250169740; _ga_FPR7JDXPKQ=GS1.1.1719869630.1.1.1719869645.0.0.0; _ga=GA1.2.1008880447.1719869630
Source: global traffic	HTTP traffic detected: GET /privacy_sandbox/pixel/register/trigger/?id=186387211961646&ev=PageView&dl=https%3A%2F%2Fwww.midoregon.com&rl=&if=false&ts=1719869645069&sw=1280&sh=1024&v=2.9.159&r=stable&ec=0&o=4124&fbp=fb.1.1719869632042.867386412250169740&cs_est=true&pm=1&hrl=e34b6e&ler=empty&cdl=API_unavailable&it=1719869644991&coo=false&cs_cc=1&rqm=FGET HTTP/1.1Host: www.facebook.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /Mid-Oregon-Credit-Union-99545687/sbr/widgetIcon.jpg?Expires=1719871447&Signature=ZgYtMMcK5~uDfz5G430IABZFPoSJcH~uiZTzRIKnzBQgOusO0dt50M-rBVnM9OYmv1yEGBqHoMp1YY1anOBqg0RSkb9LZVFW2K-1XSOOFjBhZtRmhKw5Bh5RdMmAJdnlCmq~hkGbbcdggC5lGuvHH7rIc6-DTSm9jIhluLmVKEUCvw7QM3ctmdmM3-71mW5FcM1Omg30vFdZqlYrsZpS9DNXilmNgJ~PHBzD32AvKGt17e30qGzN5cPl2tO7ZckeCdwfuEiJDIzwfgQTslVP14LrXYcaCGFeGsnP00j2rFcjPW6BacyGamhZ0QIUarhGuwv8ZDHGZMiTL1rdyY8OtQ__&Key-Pair-Id=APKAJ2NIENK5IQFNL4CQ HTTP/1.1Host: d1lvyn09g7nf92.cloudfront.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /load/?p=204&g=2191&simid=AC32D053B469479CB9B9C6587A4519D0&j=0&xl8blockcheck=1 HTTP/1.1Host: loadm.exelator.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: EE="5fe20265b0d64a84b7b937d4e6e00dd0"; ud="eJxrXxzq6XKLQcE0LdXIwMjMNMkgxcwk0cIkyTzJ0tg8xSTVLNXAICXFYHFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVywAswJcw1asCS%252FKDN9UWjw4qKUNMZFJcWngk9YyAAARTcmzA%253D%253D"
Source: global traffic	HTTP traffic detected: GET /config/midoregon.com/config.json HTTP/1.1Host: cdn.acsbapp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://www.midoregon.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sync?pid=141&uid=AC32D053B469479CB9B9C6587A4519D0 HTTP/1.1Host: sync.bfmio.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /messages/service/domain/settings/get HTTP/1.1Host: contact.midoregon.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept-Language: en-USsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Content-Type: application/jsonElt-Session-Token: nullX-Requested-With: XMLHttpRequestsec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://contact.midoregon.com/chat/?domain=https%3A%2F%2Fcontact.midoregon.com&domainId=99545687&botName=Mid+Oregon+Answer+Center&engagementText=Have+a+question%3F&avatar=https%253A%252F%252Fd1lvyn09g7nf92.cloudfront.net%252FMid-Oregon-Credit-Union-99545687%252Fsbr%252FbotAvatar.jpg%253FExpires%253D1719871447%2526Signature%253DGZdJiJsS5qnlTO0CfdE1zN54faasvBX4TATeeD5ptTexYEukIXCi3gWRqCZj-5Co5ZfO2hwwIb5STBg1sKql3NYp4KflrBdX2CmiYmBuFxfpk-OJy-yDe%7Ecbn2%7EFK7n1B2ofx7dXin1muXsA%7Eo2ZFYEXuKwqOCcFFvmaF%7EmfqNCXIjyvERWwNXgnloSZQpw64j9ucWVK7t4NJdfJAM8CVvRb6d9XP0oB3dK3VEjsMtQUM1NPfnO2HWvgCbcfsbn1L9%7Et5CdMPHahnt-waRyVuaDVrFWjVYJwpN1NsIsF2hmEzKNdEfys56ca1-lI0q3w9SLHO-LMgRnity9laieD7g__%2526Key-Pair-Id%253DAPKAJ2NIENK5IQFNL4CQ&color=%2F3d5d86&textColor=%2Ffcfcfc&cuName=undefined&integrationId=undefined&autoIdleResponse=Is%2520there%2520anything%2520else%2520we%2520can%2520help%2520you%2520with%253F%2520If%2520we%2520don%27t%2520hear%2520back%2520from%2520you%252C%2520this%2520chat%2520will%2520close%2520automatically.&chatBotIdleTime=10&chatBotIdleTimeFormat=mins&chatBotSessionClosureTime=1&chatBotSessionClosureTimeFormat=mins&isInCobrowseFrame=N&showLinkInNewTab=Y&showSurveyForm=Y&ratingHeader=%253A%29&tosUrl=https%3A%2F%2Feltropy.com%2Flegal%2F&recommendationHeader=How%2520was%2520your%2520experience%253F%28%25205%2520being%2520the%2520best%29&enableAppointments=N&endButtonPrimaryColor=%2FD75C54&endButtonTextColor=%2Fffffff&startButtonPrimaryColor=%2F2D2759&startButtonTextColor=%2Fffffff&startButtonText=Start+Chat&standardWelcomeMessage=We%27re+here+for+you&welcomeMessageDescription=&logo=&feedbackMessage=Thank+you+for+contacting+us+today&showWaitingScreenQueuePosition=N&showWaitingScreenDefaultImages=N&waitingScreenDefaultImages=Accept-Encoding: gzip, deflate, brCookie: _gid=GA1.2.510304597.1719869632; _gat_gtag_UA_6220176_2=1; _fbp=fb.1.1719869632042.867386412250169740; _ga_FPR7JDXPKQ=GS1.1.1719869630.1.1.1719869645.0.0.0; _ga=GA1.2.1008880447.1719869630
Source: global traffic	HTTP traffic detected: GET /messages/service/skillBasedRouting/widget/config HTTP/1.1Host: contact.midoregon.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept-Language: en-USsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Content-Type: application/jsonElt-Session-Token: nullX-Requested-With: XMLHttpRequestsec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://contact.midoregon.com/chat/?domain=https%3A%2F%2Fcontact.midoregon.com&domainId=99545687&botName=Mid+Oregon+Answer+Center&engagementText=Have+a+question%3F&avatar=https%253A%252F%252Fd1lvyn09g7nf92.cloudfront.net%252FMid-Oregon-Credit-Union-99545687%252Fsbr%252FbotAvatar.jpg%253FExpires%253D1719871447%2526Signature%253DGZdJiJsS5qnlTO0CfdE1zN54faasvBX4TATeeD5ptTexYEukIXCi3gWRqCZj-5Co5ZfO2hwwIb5STBg1sKql3NYp4KflrBdX2CmiYmBuFxfpk-OJy-yDe%7Ecbn2%7EFK7n1B2ofx7dXin1muXsA%7Eo2ZFYEXuKwqOCcFFvmaF%7EmfqNCXIjyvERWwNXgnloSZQpw64j9ucWVK7t4NJdfJAM8CVvRb6d9XP0oB3dK3VEjsMtQUM1NPfnO2HWvgCbcfsbn1L9%7Et5CdMPHahnt-waRyVuaDVrFWjVYJwpN1NsIsF2hmEzKNdEfys56ca1-lI0q3w9SLHO-LMgRnity9laieD7g__%2526Key-Pair-Id%253DAPKAJ2NIENK5IQFNL4CQ&color=%2F3d5d86&textColor=%2Ffcfcfc&cuName=undefined&integrationId=undefined&autoIdleResponse=Is%2520there%2520anything%2520else%2520we%2520can%2520help%2520you%2520with%253F%2520If%2520we%2520don%27t%2520hear%2520back%2520from%2520you%252C%2520this%2520chat%2520will%2520close%2520automatically.&chatBotIdleTime=10&chatBotIdleTimeFormat=mins&chatBotSessionClosureTime=1&chatBotSessionClosureTimeFormat=mins&isInCobrowseFrame=N&showLinkInNewTab=Y&showSurveyForm=Y&ratingHeader=%253A%29&tosUrl=https%3A%2F%2Feltropy.com%2Flegal%2F&recommendationHeader=How%2520was%2520your%2520experience%253F%28%25205%2520being%2520the%2520best%29&enableAppointments=N&endButtonPrimaryColor=%2FD75C54&endButtonTextColor=%2Fffffff&startButtonPrimaryColor=%2F2D2759&startButtonTextColor=%2Fffffff&startButtonText=Start+Chat&standardWelcomeMessage=We%27re+here+for+you&welcomeMessageDescription=&logo=&feedbackMessage=Thank+you+for+contacting+us+today&showWaitingScreenQueuePosition=N&showWaitingScreenDefaultImages=N&waitingScreenDefaultImages=Accept-Encoding: gzip, deflate, brCookie: _gid=GA1.2.510304597.1719869632; _gat_gtag_UA_6220176_2=1; _fbp=fb.1.1719869632042.867386412250169740; _ga_FPR7JDXPKQ=GS1.1.1719869630.1.1.1719869645.0.0.0; _ga=GA1.2.1008880447.1719869630
Source: global traffic	HTTP traffic detected: GET /messages/service/skillBasedRouting/widget/panels/data?panelId= HTTP/1.1Host: contact.midoregon.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Content-Type: application/jsonX-Requested-With: XMLHttpRequestAccept-Language: en-USsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://contact.midoregon.com/chat/?domain=https%3A%2F%2Fcontact.midoregon.com&domainId=99545687&botName=Mid+Oregon+Answer+Center&engagementText=Have+a+question%3F&avatar=https%253A%252F%252Fd1lvyn09g7nf92.cloudfront.net%252FMid-Oregon-Credit-Union-99545687%252Fsbr%252FbotAvatar.jpg%253FExpires%253D1719871447%2526Signature%253DGZdJiJsS5qnlTO0CfdE1zN54faasvBX4TATeeD5ptTexYEukIXCi3gWRqCZj-5Co5ZfO2hwwIb5STBg1sKql3NYp4KflrBdX2CmiYmBuFxfpk-OJy-yDe%7Ecbn2%7EFK7n1B2ofx7dXin1muXsA%7Eo2ZFYEXuKwqOCcFFvmaF%7EmfqNCXIjyvERWwNXgnloSZQpw64j9ucWVK7t4NJdfJAM8CVvRb6d9XP0oB3dK3VEjsMtQUM1NPfnO2HWvgCbcfsbn1L9%7Et5CdMPHahnt-waRyVuaDVrFWjVYJwpN1NsIsF2hmEzKNdEfys56ca1-lI0q3w9SLHO-LMgRnity9laieD7g__%2526Key-Pair-Id%253DAPKAJ2NIENK5IQFNL4CQ&color=%2F3d5d86&textColor=%2Ffcfcfc&cuName=undefined&integrationId=undefined&autoIdleResponse=Is%2520there%2520anything%2520else%2520we%2520can%2520help%2520you%2520with%253F%2520If%2520we%2520don%27t%2520hear%2520back%2520from%2520you%252C%2520this%2520chat%2520will%2520close%2520automatically.&chatBotIdleTime=10&chatBotIdleTimeFormat=mins&chatBotSessionClosureTime=1&chatBotSessionClosureTimeFormat=mins&isInCobrowseFrame=N&showLinkInNewTab=Y&showSurveyForm=Y&ratingHeader=%253A%29&tosUrl=https%3A%2F%2Feltropy.com%2Flegal%2F&recommendationHeader=How%2520was%2520your%2520experience%253F%28%25205%2520being%2520the%2520best%29&enableAppointments=N&endButtonPrimaryColor=%2FD75C54&endButtonTextColor=%2Fffffff&startButtonPrimaryColor=%2F2D2759&startButtonTextColor=%2Fffffff&startButtonText=Start+Chat&standardWelcomeMessage=We%27re+here+for+you&welcomeMessageDescription=&logo=&feedbackMessage=Thank+you+for+contacting+us+today&showWaitingScreenQueuePosition=N&showWaitingScreenDefaultImages=N&waitingScreenDefaultImages=Accept-Encoding: gzip, deflate, brCookie: _gid=GA1.2.510304597.1719869632; _gat_gtag_UA_6220176_2=1; _fbp=fb.1.1719869632042.867386412250169740; _ga_FPR7JDXPKQ=GS1.1.1719869630.1.1.1719869645.0.0.0; _ga=GA1.2.1008880447.1719869630
Source: global traffic	HTTP traffic detected: GET /getuid?url=https://fei.pro-market.net/engine?site=161185&size=1x1&du=36&csync=[sas_uid]&cklb=1 HTTP/1.1Host: sync.smartadserver.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: TestIfCookieP=ok; pbw=%24b%3d16999%3b%24o%3d11100
Source: global traffic	HTTP traffic detected: GET /lj_match HTTP/1.1Host: um.simpli.fiConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: suid=AC32D053B469479CB9B9C6587A4519D0; uid_syncd_secure=true
Source: global traffic	HTTP traffic detected: GET /liveramp_match HTTP/1.1Host: um.simpli.fiConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: suid=AC32D053B469479CB9B9C6587A4519D0; uid_syncd_secure=true
Source: global traffic	HTTP traffic detected: GET /map/c=7625/tp=SIMP/tpid=AC32D053B469479CB9B9C6587A4519D0 HTTP/1.1Host: bcp.crwdcntrl.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /spotx_match HTTP/1.1Host: um.simpli.fiConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: suid=AC32D053B469479CB9B9C6587A4519D0; uid_syncd_secure=true
Source: global traffic	HTTP traffic detected: GET /messages/service/skillBasedRouting/widget/config HTTP/1.1Host: contact.midoregon.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _gid=GA1.2.510304597.1719869632; _gat_gtag_UA_6220176_2=1; _fbp=fb.1.1719869632042.867386412250169740; _ga_FPR7JDXPKQ=GS1.1.1719869630.1.1.1719869645.0.0.0; _ga=GA1.2.1008880447.1719869630
Source: global traffic	HTTP traffic detected: GET /messages/service/skillBasedRouting/widget/panels/data?panelId= HTTP/1.1Host: contact.midoregon.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _gid=GA1.2.510304597.1719869632; _gat_gtag_UA_6220176_2=1; _fbp=fb.1.1719869632042.867386412250169740; _ga_FPR7JDXPKQ=GS1.1.1719869630.1.1.1719869645.0.0.0; _ga=GA1.2.1008880447.1719869630
Source: global traffic	HTTP traffic detected: GET /p?cid=206526&cb=sifi_att_42656._hp HTTP/1.1Host: i.simpli.fiConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: suid=AC32D053B469479CB9B9C6587A4519D0; uid_syncd_secure=true
Source: global traffic	HTTP traffic detected: GET /config/midoregon.com/config.json HTTP/1.1Host: cdn.acsbapp.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /messages/service/skillBasedRouting/widget/channelList?ccgId=0c5c65e5-bb2a-4dc7-ab3c-6a76c3dc03b8 HTTP/1.1Host: contact.midoregon.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept-Language: en-USsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Content-Type: application/jsonElt-Session-Token: nullX-Requested-With: XMLHttpRequestsec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://contact.midoregon.com/chat/?domain=https%3A%2F%2Fcontact.midoregon.com&domainId=99545687&botName=Mid+Oregon+Answer+Center&engagementText=Have+a+question%3F&avatar=https%253A%252F%252Fd1lvyn09g7nf92.cloudfront.net%252FMid-Oregon-Credit-Union-99545687%252Fsbr%252FbotAvatar.jpg%253FExpires%253D1719871447%2526Signature%253DGZdJiJsS5qnlTO0CfdE1zN54faasvBX4TATeeD5ptTexYEukIXCi3gWRqCZj-5Co5ZfO2hwwIb5STBg1sKql3NYp4KflrBdX2CmiYmBuFxfpk-OJy-yDe%7Ecbn2%7EFK7n1B2ofx7dXin1muXsA%7Eo2ZFYEXuKwqOCcFFvmaF%7EmfqNCXIjyvERWwNXgnloSZQpw64j9ucWVK7t4NJdfJAM8CVvRb6d9XP0oB3dK3VEjsMtQUM1NPfnO2HWvgCbcfsbn1L9%7Et5CdMPHahnt-waRyVuaDVrFWjVYJwpN1NsIsF2hmEzKNdEfys56ca1-lI0q3w9SLHO-LMgRnity9laieD7g__%2526Key-Pair-Id%253DAPKAJ2NIENK5IQFNL4CQ&color=%2F3d5d86&textColor=%2Ffcfcfc&cuName=undefined&integrationId=undefined&autoIdleResponse=Is%2520there%2520anything%2520else%2520we%2520can%2520help%2520you%2520with%253F%2520If%2520we%2520don%27t%2520hear%2520back%2520from%2520you%252C%2520this%2520chat%2520will%2520close%2520automatically.&chatBotIdleTime=10&chatBotIdleTimeFormat=mins&chatBotSessionClosureTime=1&chatBotSessionClosureTimeFormat=mins&isInCobrowseFrame=N&showLinkInNewTab=Y&showSurveyForm=Y&ratingHeader=%253A%29&tosUrl=https%3A%2F%2Feltropy.com%2Flegal%2F&recommendationHeader=How%2520was%2520your%2520experience%253F%28%25205%2520being%2520the%2520best%29&enableAppointments=N&endButtonPrimaryColor=%2FD75C54&endButtonTextColor=%2Fffffff&startButtonPrimaryColor=%2F2D2759&startButtonTextColor=%2Fffffff&startButtonText=Start+Chat&standardWelcomeMessage=We%27re+here+for+you&welcomeMessageDescription=&logo=&feedbackMessage=Thank+you+for+contacting+us+today&showWaitingScreenQueuePosition=N&showWaitingScreenDefaultImages=N&waitingScreenDefaultImages=Accept-Encoding: gzip, deflate, brCookie: _gid=GA1.2.510304597.1719869632; _gat_gtag_UA_6220176_2=1; _fbp=fb.1.1719869632042.867386412250169740; _ga_FPR7JDXPKQ=GS1.1.1719869630.1.1.1719869645.0.0.0; _ga=GA1.2.1008880447.1719869630
Source: global traffic	HTTP traffic detected: GET /getuid?url=https://fei.pro-market.net/engine?site=161185&size=1x1&du=36&csync=[sas_uid]&cklb=1 HTTP/1.1Host: sync.smartadserver.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: TestIfCookieP=ok; pbw=%24b%3d16999%3b%24o%3d11100; pid=1832577578471190165
Source: global traffic	HTTP traffic detected: GET /Mid-Oregon-Credit-Union-99545687/sbr/widgetIcon.jpg?Expires=1719871447&Signature=ZgYtMMcK5~uDfz5G430IABZFPoSJcH~uiZTzRIKnzBQgOusO0dt50M-rBVnM9OYmv1yEGBqHoMp1YY1anOBqg0RSkb9LZVFW2K-1XSOOFjBhZtRmhKw5Bh5RdMmAJdnlCmq~hkGbbcdggC5lGuvHH7rIc6-DTSm9jIhluLmVKEUCvw7QM3ctmdmM3-71mW5FcM1Omg30vFdZqlYrsZpS9DNXilmNgJ~PHBzD32AvKGt17e30qGzN5cPl2tO7ZckeCdwfuEiJDIzwfgQTslVP14LrXYcaCGFeGsnP00j2rFcjPW6BacyGamhZ0QIUarhGuwv8ZDHGZMiTL1rdyY8OtQ__&Key-Pair-Id=APKAJ2NIENK5IQFNL4CQ HTTP/1.1Host: d1lvyn09g7nf92.cloudfront.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /419566.gif?partner_uid=AC32D053B469479CB9B9C6587A4519D0 HTTP/1.1Host: idsync.rlcdn.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /merge?pid=2&3pid=AC32D053B469479CB9B9C6587A4519D0 HTTP/1.1Host: ce.lijit.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /messages/service/skillBasedRouting/widget/channelList?ccgId=0c5c65e5-bb2a-4dc7-ab3c-6a76c3dc03b8 HTTP/1.1Host: contact.midoregon.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Content-Type: application/jsonX-Requested-With: XMLHttpRequestAccept-Language: en-USsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://contact.midoregon.com/chat/?domain=https%3A%2F%2Fcontact.midoregon.com&domainId=99545687&botName=Mid+Oregon+Answer+Center&engagementText=Have+a+question%3F&avatar=https%253A%252F%252Fd1lvyn09g7nf92.cloudfront.net%252FMid-Oregon-Credit-Union-99545687%252Fsbr%252FbotAvatar.jpg%253FExpires%253D1719871447%2526Signature%253DGZdJiJsS5qnlTO0CfdE1zN54faasvBX4TATeeD5ptTexYEukIXCi3gWRqCZj-5Co5ZfO2hwwIb5STBg1sKql3NYp4KflrBdX2CmiYmBuFxfpk-OJy-yDe%7Ecbn2%7EFK7n1B2ofx7dXin1muXsA%7Eo2ZFYEXuKwqOCcFFvmaF%7EmfqNCXIjyvERWwNXgnloSZQpw64j9ucWVK7t4NJdfJAM8CVvRb6d9XP0oB3dK3VEjsMtQUM1NPfnO2HWvgCbcfsbn1L9%7Et5CdMPHahnt-waRyVuaDVrFWjVYJwpN1NsIsF2hmEzKNdEfys56ca1-lI0q3w9SLHO-LMgRnity9laieD7g__%2526Key-Pair-Id%253DAPKAJ2NIENK5IQFNL4CQ&color=%2F3d5d86&textColor=%2Ffcfcfc&cuName=undefined&integrationId=undefined&autoIdleResponse=Is%2520there%2520anything%2520else%2520we%2520can%2520help%2520you%2520with%253F%2520If%2520we%2520don%27t%2520hear%2520back%2520from%2520you%252C%2520this%2520chat%2520will%2520close%2520automatically.&chatBotIdleTime=10&chatBotIdleTimeFormat=mins&chatBotSessionClosureTime=1&chatBotSessionClosureTimeFormat=mins&isInCobrowseFrame=N&showLinkInNewTab=Y&showSurveyForm=Y&ratingHeader=%253A%29&tosUrl=https%3A%2F%2Feltropy.com%2Flegal%2F&recommendationHeader=How%2520was%2520your%2520experience%253F%28%25205%2520being%2520the%2520best%29&enableAppointments=N&endButtonPrimaryColor=%2FD75C54&endButtonTextColor=%2Fffffff&startButtonPrimaryColor=%2F2D2759&startButtonTextColor=%2Fffffff&startButtonText=Start+Chat&standardWelcomeMessage=We%27re+here+for+you&welcomeMessageDescription=&logo=&feedbackMessage=Thank+you+for+contacting+us+today&showWaitingScreenQueuePosition=N&showWaitingScreenDefaultImages=N&waitingScreenDefaultImages=Accept-Encoding: gzip, deflate, brCookie: _gid=GA1.2.510304597.1719869632; _gat_gtag_UA_6220176_2=1; _fbp=fb.1.1719869632042.867386412250169740; _ga_FPR7JDXPKQ=GS1.1.1719869630.1.1.1719869645.0.0.0; _ga=GA1.2.1008880447.1719869630
Source: global traffic	HTTP traffic detected: GET /an HTTP/1.1Host: um.simpli.fiConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: suid=AC32D053B469479CB9B9C6587A4519D0; uid_syncd_secure=true
Source: global traffic	HTTP traffic detected: GET /rb_match HTTP/1.1Host: um.simpli.fiConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: suid=AC32D053B469479CB9B9C6587A4519D0; uid_syncd_secure=true
Source: global traffic	HTTP traffic detected: GET /1000.gif?memo=CO7NGRIrCicIARDuJBogQUMzMkQwNTNCNDY5NDc5Q0I5QjlDNjU4N0E0NTE5RDAQABoNCNTBjLQGEgUI6AcQAEIASgA HTTP/1.1Host: idsync.rlcdn.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: rlas3=+4ikMEfvyzo2hPjBVzzUdbD1TRZERrHUYMmhIBp7PGE=; pxrc=CAA=
Source: global traffic	HTTP traffic detected: GET /messages/service/skillBasedRouting/widget/channelList?ccgId=0c5c65e5-bb2a-4dc7-ab3c-6a76c3dc03b8 HTTP/1.1Host: contact.midoregon.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _gid=GA1.2.510304597.1719869632; _gat_gtag_UA_6220176_2=1; _fbp=fb.1.1719869632042.867386412250169740; _ga_FPR7JDXPKQ=GS1.1.1719869630.1.1.1719869645.0.0.0; _ga=GA1.2.1008880447.1719869630
Source: global traffic	HTTP traffic detected: GET /map/ct=y/c=7625/tp=SIMP/tpid=AC32D053B469479CB9B9C6587A4519D0 HTTP/1.1Host: bcp.crwdcntrl.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _cc_cc=ctst
Source: global traffic	HTTP traffic detected: GET /merge?pid=2&3pid=AC32D053B469479CB9B9C6587A4519D0&dnr=1 HTTP/1.1Host: ce.lijit.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ljt_reader=I65uAQZHFtMDba2sSr6Bfzzk
Source: global traffic	HTTP traffic detected: GET /contact/atm-locations.shtml HTTP/1.1Host: www.midoregon.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _gid=GA1.2.510304597.1719869632; _gat_gtag_UA_6220176_2=1; _fbp=fb.1.1719869632042.867386412250169740; _ga_FPR7JDXPKQ=GS1.1.1719869630.1.1.1719869645.0.0.0; _ga=GA1.2.1008880447.1719869630
Source: global traffic	HTTP traffic detected: GET /api/sync?pid=5324&it=1&iv=658aa19eb92def695fff44c85b0b758da71a3e17427b9d0f3ac997cd2934b03e791426b5417dce21&_=2 HTTP/1.1Host: pippio.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ox_match HTTP/1.1Host: um.simpli.fiConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: suid=AC32D053B469479CB9B9C6587A4519D0; uid_syncd_secure=true
Source: global traffic	HTTP traffic detected: GET /messages/service/skillBasedRouting/widget/channelList?ccgId=0c5c65e5-bb2a-4dc7-ab3c-6a76c3dc03b8 HTTP/1.1Host: contact.midoregon.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _gid=GA1.2.510304597.1719869632; _gat_gtag_UA_6220176_2=1; _fbp=fb.1.1719869632042.867386412250169740; _ga_FPR7JDXPKQ=GS1.1.1719869630.1.1.1719869645.0.0.0; _ga=GA1.2.1008880447.1719869630
Source: global traffic	HTTP traffic detected: GET /merge?pid=2&3pid=AC32D053B469479CB9B9C6587A4519D0&dnr=1 HTTP/1.1Host: ce.lijit.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ljt_reader=I65uAQZHFtMDba2sSr6Bfzzk; _ljtrtb_2=AC32D053B469479CB9B9C6587A4519D0
Source: global traffic	HTTP traffic detected: GET /setuid?entity=66&code=AC32D053B469479CB9B9C6587A4519D0 HTTP/1.1Host: ib.adnxs.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /map/ct=y/c=7625/tp=SIMP/tpid=AC32D053B469479CB9B9C6587A4519D0 HTTP/1.1Host: bcp.crwdcntrl.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _cc_dc=1; _cc_id=26860ca75498c750c4b8131d81c37d9b
Source: global traffic	HTTP traffic detected: GET /images/coop-atm.jpg HTTP/1.1Host: www.midoregon.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.midoregon.com/contact/atm-locations.shtmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _gid=GA1.2.510304597.1719869632; _gat_gtag_UA_6220176_2=1; _fbp=fb.1.1719869632042.867386412250169740; _ga_FPR7JDXPKQ=GS1.1.1719869630.1.1.1719869645.0.0.0; _ga=GA1.2.1008880447.1719869630
Source: global traffic	HTTP traffic detected: GET /apps/app/assets/js/acsb.js HTTP/1.1Host: acsbapp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9If-None-Match: "4068a7f1da6becc8680fb5747ce2ae26"If-Modified-Since: Mon, 01 Jul 2024 21:02:44 GMT
Source: global traffic	HTTP traffic detected: GET /index2.jspx?/BAZ42KGHJU/images&quotes=https%3A%2F%2Fwww.midoregon.com%2Fcontact%2Fatm-locations.shtml HTTP/1.1Host: www.surveycarrot.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sifitag/73fcc20f-faf5-487d-8165-57e69981a322 HTTP/1.1Host: tag.simpli.fiConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: suid=AC32D053B469479CB9B9C6587A4519D0; uid_syncd_secure=true
Source: global traffic	HTTP traffic detected: GET /js/linkwarning.js?_=1719869654795 HTTP/1.1Host: www.midoregon.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, /; q=0.01X-Requested-With: XMLHttpRequestsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.midoregon.com/contact/atm-locations.shtmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _gid=GA1.2.510304597.1719869632; _gat_gtag_UA_6220176_2=1; _fbp=fb.1.1719869632042.867386412250169740; _ga_FPR7JDXPKQ=GS1.1.1719869630.1.1.1719869654.0.0.0; _ga=GA1.1.1008880447.1719869630
Source: global traffic	HTTP traffic detected: GET /maps/embed?pb=!1m16!1m12!1m3!1d733779.3929688331!2d-121.55040872304738!3d44.07662963121452!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!2m1!1smid%20oregon%20credit%20union%20oregon!5e0!3m2!1sen!2sus!4v1576699410579!5m2!1sen!2sus HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIk6HLAQiFoM0BCOnFzQEIucrNAQiK080BGI/OzQEYwtjNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /images/atms.png HTTP/1.1Host: www.midoregon.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.midoregon.com/contact/atm-locations.shtmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _gid=GA1.2.510304597.1719869632; _gat_gtag_UA_6220176_2=1; _fbp=fb.1.1719869632042.867386412250169740; _ga_FPR7JDXPKQ=GS1.1.1719869630.1.1.1719869645.0.0.0; _ga=GA1.2.1008880447.1719869630
Source: global traffic	HTTP traffic detected: GET /images/sections/canyon.jpg HTTP/1.1Host: www.midoregon.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.midoregon.com/contact/atm-locations.shtmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _gid=GA1.2.510304597.1719869632; _gat_gtag_UA_6220176_2=1; _fbp=fb.1.1719869632042.867386412250169740; _ga_FPR7JDXPKQ=GS1.1.1719869630.1.1.1719869654.0.0.0; _ga=GA1.1.1008880447.1719869630
Source: global traffic	HTTP traffic detected: GET /messages/service/cobrowse/externalUrl/v1 HTTP/1.1Host: contact.midoregon.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://www.midoregon.comSec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /w/1.0/sd?id=537072966&val=AC32D053B469479CB9B9C6587A4519D0 HTTP/1.1Host: us-u.openx.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /tr/?id=186387211961646&ev=PageView&dl=https%3A%2F%2Fwww.midoregon.com&rl=&if=false&ts=1719869655099&sw=1280&sh=1024&v=2.9.159&r=stable&ec=0&o=4124&fbp=fb.1.1719869632042.867386412250169740&cs_est=true&pm=1&hrl=7ce672&ler=empty&cdl=API_unavailable&it=1719869654983&coo=false&cs_cc=1&rqm=GET HTTP/1.1Host: www.facebook.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /privacy_sandbox/pixel/register/trigger/?id=186387211961646&ev=PageView&dl=https%3A%2F%2Fwww.midoregon.com&rl=&if=false&ts=1719869655099&sw=1280&sh=1024&v=2.9.159&r=stable&ec=0&o=4124&fbp=fb.1.1719869632042.867386412250169740&cs_est=true&pm=1&hrl=7ce672&ler=empty&cdl=API_unavailable&it=1719869654983&coo=false&cs_cc=1&rqm=FGET HTTP/1.1Host: www.facebook.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAttribution-Reporting-Eligible: trigger;navigation-source, event-sourceReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /images/coop-atm.jpg HTTP/1.1Host: www.midoregon.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _gid=GA1.2.510304597.1719869632; _gat_gtag_UA_6220176_2=1; _fbp=fb.1.1719869632042.867386412250169740; _ga_FPR7JDXPKQ=GS1.1.1719869630.1.1.1719869654.0.0.0; _ga=GA1.2.1008880447.1719869630
Source: global traffic	HTTP traffic detected: GET /bounce?%2Fsetuid%3Fentity%3D66%26code%3DAC32D053B469479CB9B9C6587A4519D0 HTTP/1.1Host: ib.adnxs.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XANDR_PANID=Eqe1Tzz-WXTXEqXI_ojbURMNflH8nYIkEfo1O1spZw8B9RkBeK50CZ26oYEExcCJVc16yUHTS0CJE_tea7uVtZN7FAoIf4RBRnkW1EsY9Xk.; receive-cookie-deprecation=1; uuid2=8405622174214461867
Source: global traffic	HTTP traffic detected: GET /index2.jspx?/BAZ42KGHJU/images&quotes=https%3A%2F%2Fwww.midoregon.com%2Fcontact%2Fatm-locations.shtml HTTP/1.1Host: www.surveycarrot.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /js/linkwarning.js?_=1719869654795 HTTP/1.1Host: www.midoregon.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _gid=GA1.2.510304597.1719869632; _gat_gtag_UA_6220176_2=1; _fbp=fb.1.1719869632042.867386412250169740; _ga_FPR7JDXPKQ=GS1.1.1719869630.1.1.1719869654.0.0.0; _ga=GA1.2.1008880447.1719869630
Source: global traffic	HTTP traffic detected: GET /messages/service/skillBasedRouting/widget/config HTTP/1.1Host: contact.midoregon.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://contact.midoregon.com/chat/loadBotAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _gid=GA1.2.510304597.1719869632; _gat_gtag_UA_6220176_2=1; _fbp=fb.1.1719869632042.867386412250169740; _ga_FPR7JDXPKQ=GS1.1.1719869630.1.1.1719869654.0.0.0; _ga=GA1.2.1008880447.1719869630
Source: global traffic	HTTP traffic detected: GET /w/1.0/sd?cc=1&id=537072966&val=AC32D053B469479CB9B9C6587A4519D0 HTTP/1.1Host: us-u.openx.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: i=e08155c6-599e-4f48-afd2-d1494e598b90\|1719869656
Source: global traffic	HTTP traffic detected: GET /images/atms.png HTTP/1.1Host: www.midoregon.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _gid=GA1.2.510304597.1719869632; _gat_gtag_UA_6220176_2=1; _fbp=fb.1.1719869632042.867386412250169740; _ga_FPR7JDXPKQ=GS1.1.1719869630.1.1.1719869654.0.0.0; _ga=GA1.2.1008880447.1719869630
Source: global traffic	HTTP traffic detected: GET /messages/service/cobrowse/externalUrl/v1 HTTP/1.1Host: contact.midoregon.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _gid=GA1.2.510304597.1719869632; _gat_gtag_UA_6220176_2=1; _fbp=fb.1.1719869632042.867386412250169740; _ga_FPR7JDXPKQ=GS1.1.1719869630.1.1.1719869654.0.0.0; _ga=GA1.2.1008880447.1719869630
Source: global traffic	HTTP traffic detected: GET /images/sections/canyon.jpg HTTP/1.1Host: www.midoregon.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _gid=GA1.2.510304597.1719869632; _gat_gtag_UA_6220176_2=1; _fbp=fb.1.1719869632042.867386412250169740; _ga_FPR7JDXPKQ=GS1.1.1719869630.1.1.1719869654.0.0.0; _ga=GA1.2.1008880447.1719869630
Source: global traffic	HTTP traffic detected: GET /maps/embed?pb=!1m16!1m12!1m3!1d733779.3929688331!2d-121.55040872304738!3d44.07662963121452!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!2m1!1smid%20oregon%20credit%20union%20oregon!5e0!3m2!1sen!2sus!4v1576699410579!5m2!1sen!2sus HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIk6HLAQiFoM0BCOnFzQEIucrNAQiK080BGI/OzQEYwtjNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /tr/?id=186387211961646&ev=PageView&dl=https%3A%2F%2Fwww.midoregon.com&rl=&if=false&ts=1719869655099&sw=1280&sh=1024&v=2.9.159&r=stable&ec=0&o=4124&fbp=fb.1.1719869632042.867386412250169740&cs_est=true&pm=1&hrl=7ce672&ler=empty&cdl=API_unavailable&it=1719869654983&coo=false&cs_cc=1&rqm=GET HTTP/1.1Host: www.facebook.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /privacy_sandbox/pixel/register/trigger/?id=186387211961646&ev=PageView&dl=https%3A%2F%2Fwww.midoregon.com&rl=&if=false&ts=1719869655099&sw=1280&sh=1024&v=2.9.159&r=stable&ec=0&o=4124&fbp=fb.1.1719869632042.867386412250169740&cs_est=true&pm=1&hrl=7ce672&ler=empty&cdl=API_unavailable&it=1719869654983&coo=false&cs_cc=1&rqm=FGET HTTP/1.1Host: www.facebook.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /w/1.0/sd?cc=1&id=537072966&val=AC32D053B469479CB9B9C6587A4519D0 HTTP/1.1Host: us-u.openx.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: i=e08155c6-599e-4f48-afd2-d1494e598b90\|1719869656
Source: global traffic	HTTP traffic detected: GET /chat/?domain=https%3A%2F%2Fcontact.midoregon.com&domainId=99545687&botName=Mid+Oregon+Answer+Center&engagementText=Have+a+question%3F&avatar=https%253A%252F%252Fd1lvyn09g7nf92.cloudfront.net%252FMid-Oregon-Credit-Union-99545687%252Fsbr%252FbotAvatar.jpg%253FExpires%253D1719871457%2526Signature%253DU8yCsm6JWshj4B6B3NjPtHtbzfOU73S-GXvZCqLlipctm9C0r9CFJdzTWGwxLKPidZrRpT3BnUcwyl7UPwSjGqfexRqaFDPnPTvp0906ieNMxuz9YpfunnCpSI-M6pOHua2M8zOqH9zsl2y-hMg3ji7W39QmuqnHepXl0ua28P-W742KX6VvMwvt0o4q0e-t7d0J0VspxIGzSO1d9ozIr0qcZWuOPCv20rrMuCButZ-%7E-GvjB3USwBcPxXZ7h-habW1xGTg2Evp68Tq2tFrc%7EQskjDNVJRYBgJSQT0XZvcP4CXW7y-E2GmfdrDO3ZHdzkDT8LG3fZfEFyMIqXzzCsA__%2526Key-Pair-Id%253DAPKAJ2NIENK5IQFNL4CQ&color=%2F3d5d86&textColor=%2Ffcfcfc&cuName=undefined&integrationId=undefined&autoIdleResponse=Is%2520there%2520anything%2520else%2520we%2520can%2520help%2520you%2520with%253F%2520If%2520we%2520don%27t%2520hear%2520back%2520from%2520you%252C%2520this%2520chat%2520will%2520close%2520automatically.&chatBotIdleTime=10&chatBotIdleTimeFormat=mins&chatBotSessionClosureTime=1&chatBotSessionClosureTimeFormat=mins&isInCobrowseFrame=N&showLinkInNewTab=Y&showSurveyForm=Y&ratingHeader=%253A%29&tosUrl=https%3A%2F%2Feltropy.com%2Flegal%2F&recommendationHeader=How%2520was%2520your%2520experience%253F%28%25205%2520being%2520the%2520best%29&enableAppointments=N&endButtonPrimaryColor=%2FD75C54&endButtonTextColor=%2Fffffff&startButtonPrimaryColor=%2F2D2759&startButtonTextColor=%2Fffffff&startButtonText=Start+Chat&standardWelcomeMessage=We%27re+here+for+you&welcomeMessageDescription=&logo=&feedbackMessage=Thank+you+for+contacting+us+today&showWaitingScreenQueuePosition=N&showWaitingScreenDefaultImages=N&waitingScreenDefaultImages= HTTP/1.1Host: contact.midoregon.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _gid=GA1.2.510304597.1719869632; _gat_gtag_UA_6220176_2=1; _fbp=fb.1.1719869632042.867386412250169740; _ga_FPR7JDXPKQ=GS1.1.1719869630.1.1.1719869654.0.0.0; _ga=GA1.2.1008880447.1719869630
Source: global traffic	HTTP traffic detected: GET /messages/service/skillBasedRouting/widget/config HTTP/1.1Host: contact.midoregon.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _gid=GA1.2.510304597.1719869632; _gat_gtag_UA_6220176_2=1; _fbp=fb.1.1719869632042.867386412250169740; _ga_FPR7JDXPKQ=GS1.1.1719869630.1.1.1719869654.0.0.0; _ga=GA1.2.1008880447.1719869630
Source: global traffic	HTTP traffic detected: GET /bounce?%2Fsetuid%3Fentity%3D66%26code%3DAC32D053B469479CB9B9C6587A4519D0 HTTP/1.1Host: ib.adnxs.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: uuid2=8405622174214461867; anj=dTM7k!M4.FE:2jUF']wIg2GUfL3/NY!@wnfH8KW.dG5<#Z?YUVGzk(8GD$NCEsgcqq3QxJEIitFG49SHDZXXDDRb]bD-bXL%(2K:$doS]%6lN_`mNbC
Source: global traffic	HTTP traffic detected: GET /3rdpartycookietest/ HTTP/1.1Host: cobrowsing.eltropy.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: test=3rdparty; 8fcbus=1iw3mj; 3vnn2=2thzen
Source: global traffic	HTTP traffic detected: GET /Mid-Oregon-Credit-Union-99545687/sbr/widgetIcon.jpg?Expires=1719871457&Signature=HWuSVtPvSbfa9ASzlerLrZ~4i6owLQ~A5cpd7-VtA-lN2kXCKHNSPJ4Q59z1mRi36aKRkx85cXcpkgCsvsFIXuxYLIV0jfnCKGPp0xBTE-0zXvWmRnX4TuQQaVNypVPb8wazdwfR1W7sEfCrAE0~m-ITyXG89jFHpSIT2-V4aVfzvEreJiinIUnwi8bnAbrUboIqQzvOLOOfANd4LTWPznEUJDbCPE5surnNYwjQi2KbYgNXp6K8lyo4oCjaEvI9VnBYiqzyeJNFnDLiZUvHGzZ8Mh2cazWOsTOitTepxRFUYG-ndD4ukRSzB6eTZ7T~NGP~UN2uzpvqYMkQluUcrw__&Key-Pair-Id=APKAJ2NIENK5IQFNL4CQ HTTP/1.1Host: d1lvyn09g7nf92.cloudfront.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /messages/service/domain/settings/get HTTP/1.1Host: contact.midoregon.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept-Language: en-USsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Content-Type: application/jsonElt-Session-Token: nullX-Requested-With: XMLHttpRequestsec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://contact.midoregon.com/chat/?domain=https%3A%2F%2Fcontact.midoregon.com&domainId=99545687&botName=Mid+Oregon+Answer+Center&engagementText=Have+a+question%3F&avatar=https%253A%252F%252Fd1lvyn09g7nf92.cloudfront.net%252FMid-Oregon-Credit-Union-99545687%252Fsbr%252FbotAvatar.jpg%253FExpires%253D1719871457%2526Signature%253DU8yCsm6JWshj4B6B3NjPtHtbzfOU73S-GXvZCqLlipctm9C0r9CFJdzTWGwxLKPidZrRpT3BnUcwyl7UPwSjGqfexRqaFDPnPTvp0906ieNMxuz9YpfunnCpSI-M6pOHua2M8zOqH9zsl2y-hMg3ji7W39QmuqnHepXl0ua28P-W742KX6VvMwvt0o4q0e-t7d0J0VspxIGzSO1d9ozIr0qcZWuOPCv20rrMuCButZ-%7E-GvjB3USwBcPxXZ7h-habW1xGTg2Evp68Tq2tFrc%7EQskjDNVJRYBgJSQT0XZvcP4CXW7y-E2GmfdrDO3ZHdzkDT8LG3fZfEFyMIqXzzCsA__%2526Key-Pair-Id%253DAPKAJ2NIENK5IQFNL4CQ&color=%2F3d5d86&textColor=%2Ffcfcfc&cuName=undefined&integrationId=undefined&autoIdleResponse=Is%2520there%2520anything%2520else%2520we%2520can%2520help%2520you%2520with%253F%2520If%2520we%2520don%27t%2520hear%2520back%2520from%2520you%252C%2520this%2520chat%2520will%2520close%2520automatically.&chatBotIdleTime=10&chatBotIdleTimeFormat=mins&chatBotSessionClosureTime=1&chatBotSessionClosureTimeFormat=mins&isInCobrowseFrame=N&showLinkInNewTab=Y&showSurveyForm=Y&ratingHeader=%253A%29&tosUrl=https%3A%2F%2Feltropy.com%2Flegal%2F&recommendationHeader=How%2520was%2520your%2520experience%253F%28%25205%2520being%2520the%2520best%29&enableAppointments=N&endButtonPrimaryColor=%2FD75C54&endButtonTextColor=%2Fffffff&startButtonPrimaryColor=%2F2D2759&startButtonTextColor=%2Fffffff&startButtonText=Start+Chat&standardWelcomeMessage=We%27re+here+for+you&welcomeMessageDescription=&logo=&feedbackMessage=Thank+you+for+contacting+us+today&showWaitingScreenQueuePosition=N&showWaitingScreenDefaultImages=N&waitingScreenDefaultImages=Accept-Encoding: gzip, deflate, brCookie: _gid=GA1.2.510304597.1719869632; _gat_gtag_UA_6220176_2=1; _fbp=fb.1.1719869632042.867386412250169740; _ga_FPR7JDXPKQ=GS1.1.1719869630.1.1.1719869654.0.0.0; _ga=GA1.2.1008880447.1719869630
Source: global traffic	HTTP traffic detected: GET /messages/service/skillBasedRouting/widget/config HTTP/1.1Host: contact.midoregon.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept-Language: en-USsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Content-Type: application/jsonElt-Session-Token: nullX-Requested-With: XMLHttpRequestsec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://contact.midoregon.com/chat/?domain=https%3A%2F%2Fcontact.midoregon.com&domainId=99545687&botName=Mid+Oregon+Answer+Center&engagementText=Have+a+question%3F&avatar=https%253A%252F%252Fd1lvyn09g7nf92.cloudfront.net%252FMid-Oregon-Credit-Union-99545687%252Fsbr%252FbotAvatar.jpg%253FExpires%253D1719871457%2526Signature%253DU8yCsm6JWshj4B6B3NjPtHtbzfOU73S-GXvZCqLlipctm9C0r9CFJdzTWGwxLKPidZrRpT3BnUcwyl7UPwSjGqfexRqaFDPnPTvp0906ieNMxuz9YpfunnCpSI-M6pOHua2M8zOqH9zsl2y-hMg3ji7W39QmuqnHepXl0ua28P-W742KX6VvMwvt0o4q0e-t7d0J0VspxIGzSO1d9ozIr0qcZWuOPCv20rrMuCButZ-%7E-GvjB3USwBcPxXZ7h-habW1xGTg2Evp68Tq2tFrc%7EQskjDNVJRYBgJSQT0XZvcP4CXW7y-E2GmfdrDO3ZHdzkDT8LG3fZfEFyMIqXzzCsA__%2526Key-Pair-Id%253DAPKAJ2NIENK5IQFNL4CQ&color=%2F3d5d86&textColor=%2Ffcfcfc&cuName=undefined&integrationId=undefined&autoIdleResponse=Is%2520there%2520anything%2520else%2520we%2520can%2520help%2520you%2520with%253F%2520If%2520we%2520don%27t%2520hear%2520back%2520from%2520you%252C%2520this%2520chat%2520will%2520close%2520automatically.&chatBotIdleTime=10&chatBotIdleTimeFormat=mins&chatBotSessionClosureTime=1&chatBotSessionClosureTimeFormat=mins&isInCobrowseFrame=N&showLinkInNewTab=Y&showSurveyForm=Y&ratingHeader=%253A%29&tosUrl=https%3A%2F%2Feltropy.com%2Flegal%2F&recommendationHeader=How%2520was%2520your%2520experience%253F%28%25205%2520being%2520the%2520best%29&enableAppointments=N&endButtonPrimaryColor=%2FD75C54&endButtonTextColor=%2Fffffff&startButtonPrimaryColor=%2F2D2759&startButtonTextColor=%2Fffffff&startButtonText=Start+Chat&standardWelcomeMessage=We%27re+here+for+you&welcomeMessageDescription=&logo=&feedbackMessage=Thank+you+for+contacting+us+today&showWaitingScreenQueuePosition=N&showWaitingScreenDefaultImages=N&waitingScreenDefaultImages=Accept-Encoding: gzip, deflate, brCookie: _gid=GA1.2.510304597.1719869632; _gat_gtag_UA_6220176_2=1; _fbp=fb.1.1719869632042.867386412250169740; _ga_FPR7JDXPKQ=GS1.1.1719869630.1.1.1719869654.0.0.0; _ga=GA1.2.1008880447.1719869630
Source: global traffic	HTTP traffic detected: GET /messages/service/skillBasedRouting/widget/panels/data?panelId= HTTP/1.1Host: contact.midoregon.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Content-Type: application/jsonX-Requested-With: XMLHttpRequestAccept-Language: en-USsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://contact.midoregon.com/chat/?domain=https%3A%2F%2Fcontact.midoregon.com&domainId=99545687&botName=Mid+Oregon+Answer+Center&engagementText=Have+a+question%3F&avatar=https%253A%252F%252Fd1lvyn09g7nf92.cloudfront.net%252FMid-Oregon-Credit-Union-99545687%252Fsbr%252FbotAvatar.jpg%253FExpires%253D1719871457%2526Signature%253DU8yCsm6JWshj4B6B3NjPtHtbzfOU73S-GXvZCqLlipctm9C0r9CFJdzTWGwxLKPidZrRpT3BnUcwyl7UPwSjGqfexRqaFDPnPTvp0906ieNMxuz9YpfunnCpSI-M6pOHua2M8zOqH9zsl2y-hMg3ji7W39QmuqnHepXl0ua28P-W742KX6VvMwvt0o4q0e-t7d0J0VspxIGzSO1d9ozIr0qcZWuOPCv20rrMuCButZ-%7E-GvjB3USwBcPxXZ7h-habW1xGTg2Evp68Tq2tFrc%7EQskjDNVJRYBgJSQT0XZvcP4CXW7y-E2GmfdrDO3ZHdzkDT8LG3fZfEFyMIqXzzCsA__%2526Key-Pair-Id%253DAPKAJ2NIENK5IQFNL4CQ&color=%2F3d5d86&textColor=%2Ffcfcfc&cuName=undefined&integrationId=undefined&autoIdleResponse=Is%2520there%2520anything%2520else%2520we%2520can%2520help%2520you%2520with%253F%2520If%2520we%2520don%27t%2520hear%2520back%2520from%2520you%252C%2520this%2520chat%2520will%2520close%2520automatically.&chatBotIdleTime=10&chatBotIdleTimeFormat=mins&chatBotSessionClosureTime=1&chatBotSessionClosureTimeFormat=mins&isInCobrowseFrame=N&showLinkInNewTab=Y&showSurveyForm=Y&ratingHeader=%253A%29&tosUrl=https%3A%2F%2Feltropy.com%2Flegal%2F&recommendationHeader=How%2520was%2520your%2520experience%253F%28%25205%2520being%2520the%2520best%29&enableAppointments=N&endButtonPrimaryColor=%2FD75C54&endButtonTextColor=%2Fffffff&startButtonPrimaryColor=%2F2D2759&startButtonTextColor=%2Fffffff&startButtonText=Start+Chat&standardWelcomeMessage=We%27re+here+for+you&welcomeMessageDescription=&logo=&feedbackMessage=Thank+you+for+contacting+us+today&showWaitingScreenQueuePosition=N&showWaitingScreenDefaultImages=N&waitingScreenDefaultImages=Accept-Encoding: gzip, deflate, brCookie: _gid=GA1.2.510304597.1719869632; _gat_gtag_UA_6220176_2=1; _fbp=fb.1.1719869632042.867386412250169740; _ga_FPR7JDXPKQ=GS1.1.1719869630.1.1.1719869654.0.0.0; _ga=GA1.2.1008880447.1719869630
Source: global traffic	HTTP traffic detected: GET /Mid-Oregon-Credit-Union-99545687/sbr/widgetIcon.jpg?Expires=1719871457&Signature=HWuSVtPvSbfa9ASzlerLrZ~4i6owLQ~A5cpd7-VtA-lN2kXCKHNSPJ4Q59z1mRi36aKRkx85cXcpkgCsvsFIXuxYLIV0jfnCKGPp0xBTE-0zXvWmRnX4TuQQaVNypVPb8wazdwfR1W7sEfCrAE0~m-ITyXG89jFHpSIT2-V4aVfzvEreJiinIUnwi8bnAbrUboIqQzvOLOOfANd4LTWPznEUJDbCPE5surnNYwjQi2KbYgNXp6K8lyo4oCjaEvI9VnBYiqzyeJNFnDLiZUvHGzZ8Mh2cazWOsTOitTepxRFUYG-ndD4ukRSzB6eTZ7T~NGP~UN2uzpvqYMkQluUcrw__&Key-Pair-Id=APKAJ2NIENK5IQFNL4CQ HTTP/1.1Host: d1lvyn09g7nf92.cloudfront.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /p?cid=206526&cb=sifi_att_42656._hp HTTP/1.1Host: i.simpli.fiConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: suid=AC32D053B469479CB9B9C6587A4519D0; uid_syncd_secure=true
Source: global traffic	HTTP traffic detected: GET /messages/service/skillBasedRouting/widget/panels/data?panelId= HTTP/1.1Host: contact.midoregon.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _gid=GA1.2.510304597.1719869632; _gat_gtag_UA_6220176_2=1; _fbp=fb.1.1719869632042.867386412250169740; _ga_FPR7JDXPKQ=GS1.1.1719869630.1.1.1719869654.0.0.0; _ga=GA1.2.1008880447.1719869630
Source: global traffic	HTTP traffic detected: GET /messages/service/skillBasedRouting/widget/channelList?ccgId=0c5c65e5-bb2a-4dc7-ab3c-6a76c3dc03b8 HTTP/1.1Host: contact.midoregon.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept-Language: en-USsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Content-Type: application/jsonElt-Session-Token: nullX-Requested-With: XMLHttpRequestsec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://contact.midoregon.com/chat/?domain=https%3A%2F%2Fcontact.midoregon.com&domainId=99545687&botName=Mid+Oregon+Answer+Center&engagementText=Have+a+question%3F&avatar=https%253A%252F%252Fd1lvyn09g7nf92.cloudfront.net%252FMid-Oregon-Credit-Union-99545687%252Fsbr%252FbotAvatar.jpg%253FExpires%253D1719871457%2526Signature%253DU8yCsm6JWshj4B6B3NjPtHtbzfOU73S-GXvZCqLlipctm9C0r9CFJdzTWGwxLKPidZrRpT3BnUcwyl7UPwSjGqfexRqaFDPnPTvp0906ieNMxuz9YpfunnCpSI-M6pOHua2M8zOqH9zsl2y-hMg3ji7W39QmuqnHepXl0ua28P-W742KX6VvMwvt0o4q0e-t7d0J0VspxIGzSO1d9ozIr0qcZWuOPCv20rrMuCButZ-%7E-GvjB3USwBcPxXZ7h-habW1xGTg2Evp68Tq2tFrc%7EQskjDNVJRYBgJSQT0XZvcP4CXW7y-E2GmfdrDO3ZHdzkDT8LG3fZfEFyMIqXzzCsA__%2526Key-Pair-Id%253DAPKAJ2NIENK5IQFNL4CQ&color=%2F3d5d86&textColor=%2Ffcfcfc&cuName=undefined&integrationId=undefined&autoIdleResponse=Is%2520there%2520anything%2520else%2520we%2520can%2520help%2520you%2520with%253F%2520If%2520we%2520don%27t%2520hear%2520back%2520from%2520you%252C%2520this%2520chat%2520will%2520close%2520automatically.&chatBotIdleTime=10&chatBotIdleTimeFormat=mins&chatBotSessionClosureTime=1&chatBotSessionClosureTimeFormat=mins&isInCobrowseFrame=N&showLinkInNewTab=Y&showSurveyForm=Y&ratingHeader=%253A%29&tosUrl=https%3A%2F%2Feltropy.com%2Flegal%2F&recommendationHeader=How%2520was%2520your%2520experience%253F%28%25205%2520being%2520the%2520best%29&enableAppointments=N&endButtonPrimaryColor=%2FD75C54&endButtonTextColor=%2Fffffff&startButtonPrimaryColor=%2F2D2759&startButtonTextColor=%2Fffffff&startButtonText=Start+Chat&standardWelcomeMessage=We%27re+here+for+you&welcomeMessageDescription=&logo=&feedbackMessage=Thank+you+for+contacting+us+today&showWaitingScreenQueuePosition=N&showWaitingScreenDefaultImages=N&waitingScreenDefaultImages=Accept-Encoding: gzip, deflate, brCookie: _gid=GA1.2.510304597.1719869632; _gat_gtag_UA_6220176_2=1; _fbp=fb.1.1719869632042.867386412250169740; _ga_FPR7JDXPKQ=GS1.1.1719869630.1.1.1719869654.0.0.0; _ga=GA1.2.1008880447.1719869630
Source: global traffic	HTTP traffic detected: GET /messages/service/skillBasedRouting/widget/config HTTP/1.1Host: contact.midoregon.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _gid=GA1.2.510304597.1719869632; _gat_gtag_UA_6220176_2=1; _fbp=fb.1.1719869632042.867386412250169740; _ga_FPR7JDXPKQ=GS1.1.1719869630.1.1.1719869654.0.0.0; _ga=GA1.2.1008880447.1719869630
Source: global traffic	HTTP traffic detected: GET /messages/service/skillBasedRouting/widget/channelList?ccgId=0c5c65e5-bb2a-4dc7-ab3c-6a76c3dc03b8 HTTP/1.1Host: contact.midoregon.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Content-Type: application/jsonX-Requested-With: XMLHttpRequestAccept-Language: en-USsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://contact.midoregon.com/chat/?domain=https%3A%2F%2Fcontact.midoregon.com&domainId=99545687&botName=Mid+Oregon+Answer+Center&engagementText=Have+a+question%3F&avatar=https%253A%252F%252Fd1lvyn09g7nf92.cloudfront.net%252FMid-Oregon-Credit-Union-99545687%252Fsbr%252FbotAvatar.jpg%253FExpires%253D1719871457%2526Signature%253DU8yCsm6JWshj4B6B3NjPtHtbzfOU73S-GXvZCqLlipctm9C0r9CFJdzTWGwxLKPidZrRpT3BnUcwyl7UPwSjGqfexRqaFDPnPTvp0906ieNMxuz9YpfunnCpSI-M6pOHua2M8zOqH9zsl2y-hMg3ji7W39QmuqnHepXl0ua28P-W742KX6VvMwvt0o4q0e-t7d0J0VspxIGzSO1d9ozIr0qcZWuOPCv20rrMuCButZ-%7E-GvjB3USwBcPxXZ7h-habW1xGTg2Evp68Tq2tFrc%7EQskjDNVJRYBgJSQT0XZvcP4CXW7y-E2GmfdrDO3ZHdzkDT8LG3fZfEFyMIqXzzCsA__%2526Key-Pair-Id%253DAPKAJ2NIENK5IQFNL4CQ&color=%2F3d5d86&textColor=%2Ffcfcfc&cuName=undefined&integrationId=undefined&autoIdleResponse=Is%2520there%2520anything%2520else%2520we%2520can%2520help%2520you%2520with%253F%2520If%2520we%2520don%27t%2520hear%2520back%2520from%2520you%252C%2520this%2520chat%2520will%2520close%2520automatically.&chatBotIdleTime=10&chatBotIdleTimeFormat=mins&chatBotSessionClosureTime=1&chatBotSessionClosureTimeFormat=mins&isInCobrowseFrame=N&showLinkInNewTab=Y&showSurveyForm=Y&ratingHeader=%253A%29&tosUrl=https%3A%2F%2Feltropy.com%2Flegal%2F&recommendationHeader=How%2520was%2520your%2520experience%253F%28%25205%2520being%2520the%2520best%29&enableAppointments=N&endButtonPrimaryColor=%2FD75C54&endButtonTextColor=%2Fffffff&startButtonPrimaryColor=%2F2D2759&startButtonTextColor=%2Fffffff&startButtonText=Start+Chat&standardWelcomeMessage=We%27re+here+for+you&welcomeMessageDescription=&logo=&feedbackMessage=Thank+you+for+contacting+us+today&showWaitingScreenQueuePosition=N&showWaitingScreenDefaultImages=N&waitingScreenDefaultImages=Accept-Encoding: gzip, deflate, brCookie: _gid=GA1.2.510304597.1719869632; _gat_gtag_UA_6220176_2=1; _fbp=fb.1.1719869632042.867386412250169740; _ga_FPR7JDXPKQ=GS1.1.1719869630.1.1.1719869654.0.0.0; _ga=GA1.2.1008880447.1719869630
Source: global traffic	HTTP traffic detected: GET /messages/service/skillBasedRouting/widget/channelList?ccgId=0c5c65e5-bb2a-4dc7-ab3c-6a76c3dc03b8 HTTP/1.1Host: contact.midoregon.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _gid=GA1.2.510304597.1719869632; _gat_gtag_UA_6220176_2=1; _fbp=fb.1.1719869632042.867386412250169740; _ga_FPR7JDXPKQ=GS1.1.1719869630.1.1.1719869654.0.0.0; _ga=GA1.2.1008880447.1719869630
Source: global traffic	HTTP traffic detected: GET /messages/service/skillBasedRouting/widget/channelList?ccgId=0c5c65e5-bb2a-4dc7-ab3c-6a76c3dc03b8 HTTP/1.1Host: contact.midoregon.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _gid=GA1.2.510304597.1719869632; _gat_gtag_UA_6220176_2=1; _fbp=fb.1.1719869632042.867386412250169740; _ga_FPR7JDXPKQ=GS1.1.1719869630.1.1.1719869654.0.0.0; _ga=GA1.2.1008880447.1719869630
Source: global traffic	HTTP traffic detected: GET /cdn/alkami-orb-client-global/1.6.0/stylesheets/yui-reset.min.css HTTP/1.1Host: assets.orb.alkamitech.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://login.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn/alkami-orb-client-global/1.6.0/stylesheets/vendor/jquery/jquery-ui.min.css HTTP/1.1Host: assets.orb.alkamitech.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://login.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn/alkami-orb-client-global/1.6.0/stylesheets/vendor/jquery/jquery.daterangepicker.min.css HTTP/1.1Host: assets.orb.alkamitech.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://login.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn/alkami-orb-client-global/1.6.0/stylesheets/vendor/extjs/ext-all.min.css HTTP/1.1Host: assets.orb.alkamitech.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://login.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn/alkami-orb-client-global/1.6.0/stylesheets/base.min.css HTTP/1.1Host: assets.orb.alkamitech.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://login.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn/alkami-orb-client-global/1.6.0/stylesheets/grid.min.css HTTP/1.1Host: assets.orb.alkamitech.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://login.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn/iris-vue@official/iris-components.shim.desktop.min.css?638554664611357334 HTTP/1.1Host: iris.alkamitech.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://login.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn/iris-foundation/latest/iris-foundation.min.css?638554664611357334 HTTP/1.1Host: iris.alkamitech.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://login.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn/iris-vue@official/iris-components.min.css?638554664611357334 HTTP/1.1Host: iris.alkamitech.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://login.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn/alkami-orb-client-global/1.6.0/stylesheets/sidebar.min.css HTTP/1.1Host: assets.orb.alkamitech.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://login.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn/alkami-orb-client-global/1.6.0/lib/iris/iris.shim.desktop.min.css HTTP/1.1Host: assets.orb.alkamitech.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://login.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn/alkami-iris/2.9.0/iris.min.css HTTP/1.1Host: assets.orb.alkamitech.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://login.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn/alkami-iris-foundation/1.6.1/iris-foundation.min.css HTTP/1.1Host: assets.orb.alkamitech.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://login.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /production/icons/MidOregonCU/font/font-icons.css HTTP/1.1Host: assets.orb.alkamitech.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://login.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /production/themesets/28f75336-2d61-4c64-8237-e68ae6ac9157/themes/theme-builder/default/styles/theme.desktop.css HTTP/1.1Host: assets.orb.alkamitech.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://login.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /production/assets/themes/scripts/loadLocaleData.min.js HTTP/1.1Host: assets.orb.alkamitech.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://login.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /production/themesets/28f75336-2d61-4c64-8237-e68ae6ac9157/themes/theme-builder/default/assets/images/brand-logo-wide.png HTTP/1.1Host: assets.orb.alkamitech.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://login.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn/alkami-orb-client-global/1.6.0/scripts/packages/webtoolkit/localization-ts.js HTTP/1.1Host: assets.orb.alkamitech.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://login.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn/alkami-polyfills/2.1.0/polyfill.min.js HTTP/1.1Host: assets.orb.alkamitech.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://login.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn/alkami-polyfills/2.1.0/webcomponentsjs/webcomponents-bundle.js HTTP/1.1Host: assets.orb.alkamitech.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://login.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn/alkami-polyfills/2.1.0/webcomponentsjs/custom-elements-es5-adapter.js HTTP/1.1Host: assets.orb.alkamitech.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://login.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /production/icons/MidOregonCU/font/Alkami.woff2 HTTP/1.1Host: assets.orb.alkamitech.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://login.midoregon.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://assets.orb.alkamitech.com/production/icons/MidOregonCU/font/font-icons.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn/alkami-iris/2.9.0/popper.min.js HTTP/1.1Host: assets.orb.alkamitech.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://login.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn/alkami-iris/2.9.0/iris.min.js HTTP/1.1Host: assets.orb.alkamitech.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://login.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn/iris-vue@official/iris-vue.umd.min.js?638554664611513371 HTTP/1.1Host: iris.alkamitech.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://login.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /production/themesets/28f75336-2d61-4c64-8237-e68ae6ac9157/themes/theme-builder/default/assets/images/brand-logo-wide.png HTTP/1.1Host: assets.orb.alkamitech.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn/alkami-orb-shell/1.13.1/orb-shell.min.js HTTP/1.1Host: assets.orb.alkamitech.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://login.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn/jquery/3.7.0/jquery.min.js HTTP/1.1Host: assets.orb.alkamitech.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://login.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn/jquery-ui/1.13.2/jquery-ui.min.js HTTP/1.1Host: assets.orb.alkamitech.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://login.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn/jquery-validate/1.19.5/jquery-validate.min.js HTTP/1.1Host: assets.orb.alkamitech.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://login.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn/alkami-orb-client-global/1.6.0/javascripts/vendor.bundles/jquery.bundle/jquery-validate-sitetext.js HTTP/1.1Host: assets.orb.alkamitech.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://login.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn/moment/2.29.4/moment.min.js HTTP/1.1Host: assets.orb.alkamitech.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://login.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /csync/RX-edf8f10c-783e-403a-91e7-a40f6df88b7f-003 HTTP/1.1Host: sync.targeting.unrulymedia.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _rxuuid=%7B%22rx_uuid%22%3A%22RX-edf8f10c-783e-403a-91e7-a40f6df88b7f-003%22%7D
Source: global traffic	HTTP traffic detected: GET /cdn/ua-parser/1.0.35/ua-parser.min.js HTTP/1.1Host: assets.orb.alkamitech.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://login.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn/alkami-orb-client-global/1.6.0/javascripts/vendor.bundles/vendor.bundle/bootstrap-dropdown.min.js HTTP/1.1Host: assets.orb.alkamitech.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://login.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn/alkami-orb-client-global/1.6.0/javascripts/vendor.bundles/vendor.bundle/bootstrap-modal.min.js HTTP/1.1Host: assets.orb.alkamitech.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://login.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn/alkami-orb-client-global/1.6.0/javascripts/vendor.bundles/vendor.bundle/bootstrap-select.js HTTP/1.1Host: assets.orb.alkamitech.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://login.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn/alkami-orb-client-global/1.6.0/javascripts/vendor.bundles/jquery.plugins.bundle/jquery.filestyle.min.js HTTP/1.1Host: assets.orb.alkamitech.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://login.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn/alkami-orb-client-global/1.6.0/javascripts/vendor.bundles/jquery.plugins.bundle/jquery.dateRangePicker.min.js HTTP/1.1Host: assets.orb.alkamitech.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://login.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn/shave/2.5.10/shave.min.js HTTP/1.1Host: assets.orb.alkamitech.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://login.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn/alkami-orb-client-global/1.6.0/javascripts/vendor.bundles/globals.bundle/en-US.min.js HTTP/1.1Host: assets.orb.alkamitech.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://login.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn/alkami-orb-client-global/1.6.0/javascripts/vendor.bundles/globals.bundle/i18n-ts.min.js HTTP/1.1Host: assets.orb.alkamitech.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://login.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn/alkami-orb-client-global/1.6.0/javascripts/vendor.bundles/globals.bundle/jquery.extensions.min.js HTTP/1.1Host: assets.orb.alkamitech.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://login.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn/alkami-orb-client-global/1.6.0/javascripts/vendor.bundles/globals.bundle/utils-ts.min.js HTTP/1.1Host: assets.orb.alkamitech.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://login.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn/alkami-orb-client-global/1.6.0/javascripts/vendor.bundles/globals.bundle/flash-banner-ts.min.js HTTP/1.1Host: assets.orb.alkamitech.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://login.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn/alkami-orb-client-global/1.6.0/javascripts/vendor.bundles/globals.bundle/helpers-ts.min.js HTTP/1.1Host: assets.orb.alkamitech.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://login.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn/alkami-orb-client-global/1.6.0/javascripts/vendor.bundles/globals.bundle/jquery-helpers-ts.min.js HTTP/1.1Host: assets.orb.alkamitech.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://login.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn/alkami-orb-client-global/1.6.0/javascripts/vendor.bundles/globals.bundle/language-toggle-ts.min.js HTTP/1.1Host: assets.orb.alkamitech.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://login.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn/alkami-orb-client-global/1.6.0/javascripts/vendor.bundles/globals.bundle/profile_nav-ts.min.js HTTP/1.1Host: assets.orb.alkamitech.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://login.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn/alkami-orb-client-global/1.6.0/javascripts/vendor.bundles/globals.bundle/idle-timeout-ts.min.js HTTP/1.1Host: assets.orb.alkamitech.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://login.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn/alkami-orb-client-global/1.6.0/javascripts/vendor.bundles/globals.bundle/idle-modal-ts.min.js HTTP/1.1Host: assets.orb.alkamitech.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://login.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn/alkami-orb-client-global/1.6.0/javascripts/vendor.bundles/globals.bundle/screen-ts.min.js HTTP/1.1Host: assets.orb.alkamitech.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://login.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn/alkami-orb-client-global/1.6.0/javascripts/vendor.bundles/globals.bundle/content-articles-ts.min.js HTTP/1.1Host: assets.orb.alkamitech.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://login.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn/alkami-orb-client-global/1.6.0/javascripts/vendor.bundles/globals.bundle/content-promo-ts.min.js HTTP/1.1Host: assets.orb.alkamitech.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://login.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn/alkami-orb-client-global/1.6.0/javascripts/vendor.bundles/globals.bundle/system-alert-ts.min.js HTTP/1.1Host: assets.orb.alkamitech.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://login.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn/alkami-orb-client-global/1.6.0/javascripts/vendor.bundles/globals.bundle/password-togglefication.min.js HTTP/1.1Host: assets.orb.alkamitech.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://login.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn/alkami-orb-client-global/1.6.0/javascripts/vendor.bundles/globals.bundle/iris-sitetext.min.js HTTP/1.1Host: assets.orb.alkamitech.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://login.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn/alkami-orb-client-global/1.6.0/javascripts/vendor.bundles/globals.bundle/feature-detect-ts.min.js HTTP/1.1Host: assets.orb.alkamitech.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://login.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn/vue/2.7.14/vue.runtime.min.js HTTP/1.1Host: assets.orb.alkamitech.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://login.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn/vuex/3.6.2/vuex.min.js HTTP/1.1Host: assets.orb.alkamitech.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://login.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn/vue-router/3.6.5/vue-router.min.js HTTP/1.1Host: assets.orb.alkamitech.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://login.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn/alkami-orb-client-global/1.6.0/javascripts/shared.scripts/browser-support-ts.js HTTP/1.1Host: assets.orb.alkamitech.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://login.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn/alkami-orb-client-global/1.6.0/stylesheets/print.min.css HTTP/1.1Host: assets.orb.alkamitech.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://login.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /scripts/1ca8ebd0/1ca8ebd0.js HTTP/1.1Host: bcdn-god.we-stats.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://login.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /nr-full-1.261.1.min.js HTTP/1.1Host: js-agent.newrelic.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://login.midoregon.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://login.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /production/themesets/28f75336-2d61-4c64-8237-e68ae6ac9157/themes/theme-builder/default/assets/favicons/favicon.png HTTP/1.1Host: assets.orb.alkamitech.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://login.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /production/themesets/28f75336-2d61-4c64-8237-e68ae6ac9157/themes/theme-builder/default/assets/favicons/manifest.webmanifest HTTP/1.1Host: assets.orb.alkamitech.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://login.midoregon.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: manifestReferer: https://login.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /scripts/prod/crossdomain.html HTTP/1.1Host: 1.a79ab95c1589a13f8a4cab612bc71f9f7.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://login.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /scripts/prod/crossdomain.html HTTP/1.1Host: 1.c81358859121583b7adf2ace89cb39f44.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://login.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /scripts/prod/crossdomain.html HTTP/1.1Host: 1.b406929acabac9b095f124c81bdfcf57f.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://login.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /client/v3.1/web/wup?cid=attina HTTP/1.1Host: wup-1ca8ebd0.us.v2.we-stats.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /production/themesets/28f75336-2d61-4c64-8237-e68ae6ac9157/themes/theme-builder/default/assets/favicons/favicon.png HTTP/1.1Host: assets.orb.alkamitech.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /1/NRBR-7f34ea11d764c7f1d82?a=222382548&v=1.261.1&to=ZlIBZBRQV0VUV0dZCV8YLmYlHmtTUl1ARBRQQwpfCHJWWEFGXFwKVEVMeQhVXE4%3D&rst=19726&ck=0&s=c18ea8cf92eb536b&ref=https://login.midoregon.com/Registration&ptid=b1f178e73355ce84&af=err,xhr,stn,ins&ap=45&be=1308&fe=17219&dc=15766&fsh=1&perf=%7B%22timing%22:%7B%22of%22:1719869658791,%22n%22:0,%22f%22:3,%22dn%22:150,%22dne%22:150,%22c%22:150,%22s%22:151,%22ce%22:636,%22rq%22:636,%22rp%22:1309,%22rpe%22:1506,%22di%22:17058,%22ds%22:17058,%22de%22:17074,%22dc%22:18523,%22l%22:18524,%22le%22:18527%7D,%22navigation%22:%7B%7D%7D&fp=5871&fcp=5871 HTTP/1.1Host: bam.nr-data.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /scripts/prod/crossdomain2.12.0.5273.b96c35cc.min.js HTTP/1.1Host: 1.c81358859121583b7adf2ace89cb39f44.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://1.c81358859121583b7adf2ace89cb39f44.com/scripts/prod/crossdomain.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /scripts/prod/crossdomain2.12.0.5273.b96c35cc.min.js HTTP/1.1Host: 1.a79ab95c1589a13f8a4cab612bc71f9f7.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://1.a79ab95c1589a13f8a4cab612bc71f9f7.com/scripts/prod/crossdomain.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /scripts/prod/crossdomain2.12.0.5273.b96c35cc.min.js HTTP/1.1Host: 1.b406929acabac9b095f124c81bdfcf57f.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://1.b406929acabac9b095f124c81bdfcf57f.com/scripts/prod/crossdomain.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn/iris-vue@official/iris-components.shim.desktop.min.css?638554664809472666 HTTP/1.1Host: iris.alkamitech.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://login.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn/alkami-orb-client-global/1.6.0/stylesheets/base.min.css HTTP/1.1Host: assets.orb.alkamitech.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://login.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Range: bytes=170379-170379If-Range: "d9d56d9e2a448efc8977c8d053e27fb6"
Source: global traffic	HTTP traffic detected: GET /client/v3.1/web/wup?cid=attina HTTP/1.1Host: wup-1ca8ebd0.us.v2.we-stats.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /production/icons/MidOregonCU/font/font-icons.css HTTP/1.1Host: assets.orb.alkamitech.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://login.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9If-None-Match: "0e245e6f095c4b85c518ef263d1ad8b7"If-Modified-Since: Thu, 08 Jun 2023 14:58:18 GMT
Source: global traffic	HTTP traffic detected: GET /cdn/alkami-orb-client-global/1.6.0/stylesheets/base.min.css HTTP/1.1Host: assets.orb.alkamitech.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://login.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Range: bytes=170379-201664If-Range: "d9d56d9e2a448efc8977c8d053e27fb6"
Source: global traffic	HTTP traffic detected: GET /cdn/iris-foundation/latest/iris-foundation.min.css?638554664809472666 HTTP/1.1Host: iris.alkamitech.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://login.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn/iris-vue@official/iris-components.min.css?638554664809472666 HTTP/1.1Host: iris.alkamitech.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://login.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /client/v3.1/web/wup?cid=attina HTTP/1.1Host: wup-1ca8ebd0.us.v2.we-stats.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /production/assets/themes/scripts/loadLocaleData.min.js HTTP/1.1Host: assets.orb.alkamitech.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://login.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9If-None-Match: "970589f4ff7383c0e98b13acd67ee462"If-Modified-Since: Tue, 15 Jun 2021 20:34:45 GMT
Source: global traffic	HTTP traffic detected: GET /client/v3.1/web/wup?cid=attina HTTP/1.1Host: wup-1ca8ebd0.us.v2.we-stats.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn/iris-vue@official/iris-vue.umd.min.js?638554664809629023 HTTP/1.1Host: iris.alkamitech.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://login.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /production/icons/MidOregonCU/font/Alkami.woff2 HTTP/1.1Host: assets.orb.alkamitech.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://login.midoregon.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://assets.orb.alkamitech.com/production/icons/MidOregonCU/font/font-icons.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9If-None-Match: "a660de42a44f7d93fe4cf913b9d25445"If-Modified-Since: Tue, 19 Mar 2024 16:00:21 GMT
Source: global traffic	HTTP traffic detected: GET /client/v3.1/web/wup?cid=attina HTTP/1.1Host: wup-1ca8ebd0.us.v2.we-stats.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /client/v3.1/web/wup?cid=attina HTTP/1.1Host: wup-1ca8ebd0.us.v2.we-stats.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /1/NRBR-7f34ea11d764c7f1d82?a=222382548&v=1.261.1&to=ZlIBZBRQV0VUV0dZCV8YLmYlHn9ZR1NcRDZQRBBHCUNddVpaR0IJXVsGQkl4V1JQTA%3D%3D&rst=8741&ck=0&s=c18ea8cf92eb536b&ref=https://login.midoregon.com/ForgotPassword&ptid=0b14c5fd50624588&af=err,xhr,stn,ins&ap=54&be=1070&fe=7523&dc=7189&fsh=0&perf=%7B%22timing%22:%7B%22of%22:1719869678832,%22n%22:0,%22f%22:4,%22dn%22:31,%22dne%22:32,%22c%22:32,%22s%22:35,%22ce%22:517,%22rq%22:517,%22rp%22:1070,%22rpe%22:1256,%22di%22:8245,%22ds%22:8245,%22de%22:8259,%22dc%22:8589,%22l%22:8589,%22le%22:8593%7D,%22navigation%22:%7B%7D%7D&fp=3058&fcp=3058&timestamp=1719869688683 HTTP/1.1Host: bam.nr-data.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /client/v3.1/web/wup?cid=attina HTTP/1.1Host: wup-1ca8ebd0.us.v2.we-stats.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /client/v3.1/web/wup?cid=attina HTTP/1.1Host: wup-1ca8ebd0.us.v2.we-stats.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn/iris-vue@official/iris-components.shim.desktop.min.css?638554664908697572 HTTP/1.1Host: iris.alkamitech.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://login.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /production/icons/MidOregonCU/font/font-icons.css HTTP/1.1Host: assets.orb.alkamitech.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://login.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9If-None-Match: "0e245e6f095c4b85c518ef263d1ad8b7"If-Modified-Since: Thu, 08 Jun 2023 14:58:18 GMT
Source: global traffic	HTTP traffic detected: GET /client/v3.1/web/wup?cid=attina HTTP/1.1Host: wup-1ca8ebd0.us.v2.we-stats.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /production/assets/themes/scripts/loadLocaleData.min.js HTTP/1.1Host: assets.orb.alkamitech.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://login.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9If-None-Match: "970589f4ff7383c0e98b13acd67ee462"If-Modified-Since: Tue, 15 Jun 2021 20:34:45 GMT
Source: global traffic	HTTP traffic detected: GET /cdn/iris-foundation/latest/iris-foundation.min.css?638554664908697572 HTTP/1.1Host: iris.alkamitech.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://login.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn/iris-vue@official/iris-components.min.css?638554664908697572 HTTP/1.1Host: iris.alkamitech.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://login.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /client/v3.1/web/wup?cid=attina HTTP/1.1Host: wup-1ca8ebd0.us.v2.we-stats.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /client/v3.1/web/wup?cid=attina HTTP/1.1Host: wup-1ca8ebd0.us.v2.we-stats.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn/iris-vue@official/iris-vue.umd.min.js?638554664908697572 HTTP/1.1Host: iris.alkamitech.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://login.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /production/icons/MidOregonCU/font/Alkami.woff2 HTTP/1.1Host: assets.orb.alkamitech.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://login.midoregon.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://assets.orb.alkamitech.com/production/icons/MidOregonCU/font/font-icons.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9If-None-Match: "a660de42a44f7d93fe4cf913b9d25445"If-Modified-Since: Tue, 19 Mar 2024 16:00:21 GMT
Source: global traffic	HTTP traffic detected: GET /client/v3.1/web/wup?cid=attina HTTP/1.1Host: wup-1ca8ebd0.us.v2.we-stats.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /client/v3.1/web/wup?cid=attina HTTP/1.1Host: wup-1ca8ebd0.us.v2.we-stats.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /1/NRBR-7f34ea11d764c7f1d82?a=222382548&v=1.261.1&to=ZlIBZBRQV0VUV0dZCV8YLmYlHn9ZR1NcRDNCUhFeB1xcdVpaR0IJXVsGQkl4V1JQTA%3D%3D&rst=8445&ck=0&s=c18ea8cf92eb536b&ref=https://login.midoregon.com/ForgotUsername&ptid=32eb6ad7e0ea011e&af=err,xhr,stn,ins&ap=53&be=1083&fe=7128&dc=6968&fsh=0&perf=%7B%22timing%22:%7B%22of%22:1719869688737,%22n%22:0,%22f%22:4,%22dn%22:24,%22dne%22:24,%22c%22:24,%22s%22:24,%22ce%22:501,%22rq%22:502,%22rp%22:1083,%22rpe%22:1264,%22di%22:8037,%22ds%22:8037,%22de%22:8051,%22dc%22:8206,%22l%22:8206,%22le%22:8211%7D,%22navigation%22:%7B%7D%7D&fp=3457&fcp=3457&timestamp=1719869698293 HTTP/1.1Host: bam.nr-data.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /client/v3.1/web/wup?cid=attina HTTP/1.1Host: wup-1ca8ebd0.us.v2.we-stats.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /client/v3.1/web/wup?cid=attina HTTP/1.1Host: wup-1ca8ebd0.us.v2.we-stats.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /client/v3.1/web/wup?cid=attina HTTP/1.1Host: wup-1ca8ebd0.us.v2.we-stats.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /client/v3.1/web/wup?cid=attina HTTP/1.1Host: wup-1ca8ebd0.us.v2.we-stats.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /client/v3.1/web/wup?cid=attina HTTP/1.1Host: wup-1ca8ebd0.us.v2.we-stats.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: www.midoregon.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9

Source: chromecache_434.2.dr, chromecache_563.2.dr, chromecache_548.2.dr	String found in binary or memory: <div class="d-flex"> <a href="https://www.facebook.com/MidOregonCreditUnion" class="social-icon si-small si-colored si-facebook" title="Facebook" rel="noopener" target="_blank"> <i class="icon-facebook"><span class="sr-only">Facebook</span></i> <i class="icon-facebook"><span class="sr-only">Facebook</span></i> </a> <a href="https://www.instagram.com/midoregoncu/" class="social-icon si-small si-colored si-instagram" title="Instagram" rel="noopener" target="_blank"> <i class="icon-instagram"><span class="sr-only">Instagram</span></i> <i class="icon-instagram"><span class="sr-only">Instagram</span></i> </a> <a href="https://www.youtube.com/user/MidOregonCreditUnion" class="social-icon si-small si-colored si-youtube" title="youtube" rel="noopener" target="_blank"> <i class="icon-youtube"><span class="sr-only">Youtube</span></i> <i class="icon-youtube"><span class="sr-only">Youtube</span></i> </a> <a href="https://www.linkedin.com/company/mid-oregon-credit-union" class="social-icon si-small si-colored si-linkedin" title="linkedin" rel="noopener" target="_blank"> <i class="icon-linkedin"><span class="sr-only">LinkedIn</span></i> <i class="icon-linkedin"><span class="sr-only">LinkedIn</span></i> </a> <a href="https://blog.midoregon.com/" class="social-icon si-small si-colored si-rss" title="blog" rel="noopener" target="_blank"> <i class="icon-rss"><span class="sr-only">Blog</span></i> <i class="icon-rss"><span class="sr-only">Blog</span></i> </a></div> equals www.facebook.com (Facebook)
Source: chromecache_434.2.dr, chromecache_563.2.dr, chromecache_548.2.dr	String found in binary or memory: <div class="d-flex"> <a href="https://www.facebook.com/MidOregonCreditUnion" class="social-icon si-small si-colored si-facebook" title="Facebook" rel="noopener" target="_blank"> <i class="icon-facebook"><span class="sr-only">Facebook</span></i> <i class="icon-facebook"><span class="sr-only">Facebook</span></i> </a> <a href="https://www.instagram.com/midoregoncu/" class="social-icon si-small si-colored si-instagram" title="Instagram" rel="noopener" target="_blank"> <i class="icon-instagram"><span class="sr-only">Instagram</span></i> <i class="icon-instagram"><span class="sr-only">Instagram</span></i> </a> <a href="https://www.youtube.com/user/MidOregonCreditUnion" class="social-icon si-small si-colored si-youtube" title="youtube" rel="noopener" target="_blank"> <i class="icon-youtube"><span class="sr-only">Youtube</span></i> <i class="icon-youtube"><span class="sr-only">Youtube</span></i> </a> <a href="https://www.linkedin.com/company/mid-oregon-credit-union" class="social-icon si-small si-colored si-linkedin" title="linkedin" rel="noopener" target="_blank"> <i class="icon-linkedin"><span class="sr-only">LinkedIn</span></i> <i class="icon-linkedin"><span class="sr-only">LinkedIn</span></i> </a> <a href="https://blog.midoregon.com/" class="social-icon si-small si-colored si-rss" title="blog" rel="noopener" target="_blank"> <i class="icon-rss"><span class="sr-only">Blog</span></i> <i class="icon-rss"><span class="sr-only">Blog</span></i> </a></div> equals www.linkedin.com (Linkedin)
Source: chromecache_434.2.dr, chromecache_563.2.dr, chromecache_548.2.dr	String found in binary or memory: <div class="d-flex"> <a href="https://www.facebook.com/MidOregonCreditUnion" class="social-icon si-small si-colored si-facebook" title="Facebook" rel="noopener" target="_blank"> <i class="icon-facebook"><span class="sr-only">Facebook</span></i> <i class="icon-facebook"><span class="sr-only">Facebook</span></i> </a> <a href="https://www.instagram.com/midoregoncu/" class="social-icon si-small si-colored si-instagram" title="Instagram" rel="noopener" target="_blank"> <i class="icon-instagram"><span class="sr-only">Instagram</span></i> <i class="icon-instagram"><span class="sr-only">Instagram</span></i> </a> <a href="https://www.youtube.com/user/MidOregonCreditUnion" class="social-icon si-small si-colored si-youtube" title="youtube" rel="noopener" target="_blank"> <i class="icon-youtube"><span class="sr-only">Youtube</span></i> <i class="icon-youtube"><span class="sr-only">Youtube</span></i> </a> <a href="https://www.linkedin.com/company/mid-oregon-credit-union" class="social-icon si-small si-colored si-linkedin" title="linkedin" rel="noopener" target="_blank"> <i class="icon-linkedin"><span class="sr-only">LinkedIn</span></i> <i class="icon-linkedin"><span class="sr-only">LinkedIn</span></i> </a> <a href="https://blog.midoregon.com/" class="social-icon si-small si-colored si-rss" title="blog" rel="noopener" target="_blank"> <i class="icon-rss"><span class="sr-only">Blog</span></i> <i class="icon-rss"><span class="sr-only">Blog</span></i> </a></div> equals www.youtube.com (Youtube)
Source: chromecache_548.2.dr	String found in binary or memory: class="btn btn-success" href="https://www.youtube.com/watch?v=XeObAL8iX4s" equals www.youtube.com (Youtube)
Source: chromecache_548.2.dr	String found in binary or memory: <div class="col-6 col-md-12 col-lg-6 clearfix mb-0"> <a href="https://www.facebook.com/MidOregonCreditUnion" class="social-icon si-dark si-colored si-facebook mb-0" style="margin-right: 10px;" target="_blank" rel="noopener"> <i class="icon-facebook"><span class="sr-only">Facebook</span></i> <i class="icon-facebook"><span class="sr-only">Facebook</span></i> </a> <a href="https://www.facebook.com/MidOregonCreditUnion" target="_blank" rel="noopener"><small style="display: block; margin-top: 3px;"><strong>Follow us</strong><br> equals www.facebook.com (Facebook)
Source: chromecache_548.2.dr	String found in binary or memory: "https://www.facebook.com/MidOregonCreditUnion", equals www.facebook.com (Facebook)
Source: chromecache_548.2.dr	String found in binary or memory: "https://www.linkedin.com/company/mid-oregon-credit-union", equals www.linkedin.com (Linkedin)
Source: chromecache_548.2.dr	String found in binary or memory: "https://www.youtube.com/user/MidOregonCreditUnion", equals www.youtube.com (Youtube)
Source: chromecache_434.2.dr, chromecache_563.2.dr, chromecache_548.2.dr	String found in binary or memory: <div class="d-flex justify-content-center justify-content-md-end"> <a href="https://www.facebook.com/MidOregonCreditUnion" class="social-icon si-borderless si-facebook" rel="noopener" target="_blank"> <i class="icon-facebook"><span class="sr-only">Facebook</span></i> <i class="icon-facebook"><span class="sr-only">Facebook</span></i> </a> <a href="https://www.youtube.com/user/MidOregonCreditUnion" class="social-icon si-borderless si-youtube" rel="noopener" target="_blank"> <i class="icon-youtube"><span class="sr-only">Youtube</span></i> <i class="icon-youtube"><span class="sr-only">Youtube</span></i> </a> <a href="https://www.linkedin.com/company/mid-oregon-credit-union" class="social-icon si-borderless si-linkedin" rel="noopener" target="_blank"> <i class="icon-linkedin"><span class="sr-only">LinkedIn</span></i> <i class="icon-linkedin"><span class="sr-only">LinkedIn</span></i> </a> <a href="https://www.instagram.com/midoregoncu/" class="social-icon si-borderless si-instagram" rel="noopener" target="_blank"> <i class="icon-instagram"><span class="sr-only">Instagram</span></i> <i class="icon-instagram"><span class="sr-only">Instagram</span></i> </a> <a href="https://blog.midoregon.com/" class="social-icon si-borderless si-rss" rel="noopener" target="_blank"> <i class="icon-rss"><span class="sr-only">Blog</span></i> <i class="icon-rss"><span class="sr-only">Blog</span></i> </a> </div> equals www.facebook.com (Facebook)
Source: chromecache_434.2.dr, chromecache_563.2.dr, chromecache_548.2.dr	String found in binary or memory: <div class="d-flex justify-content-center justify-content-md-end"> <a href="https://www.facebook.com/MidOregonCreditUnion" class="social-icon si-borderless si-facebook" rel="noopener" target="_blank"> <i class="icon-facebook"><span class="sr-only">Facebook</span></i> <i class="icon-facebook"><span class="sr-only">Facebook</span></i> </a> <a href="https://www.youtube.com/user/MidOregonCreditUnion" class="social-icon si-borderless si-youtube" rel="noopener" target="_blank"> <i class="icon-youtube"><span class="sr-only">Youtube</span></i> <i class="icon-youtube"><span class="sr-only">Youtube</span></i> </a> <a href="https://www.linkedin.com/company/mid-oregon-credit-union" class="social-icon si-borderless si-linkedin" rel="noopener" target="_blank"> <i class="icon-linkedin"><span class="sr-only">LinkedIn</span></i> <i class="icon-linkedin"><span class="sr-only">LinkedIn</span></i> </a> <a href="https://www.instagram.com/midoregoncu/" class="social-icon si-borderless si-instagram" rel="noopener" target="_blank"> <i class="icon-instagram"><span class="sr-only">Instagram</span></i> <i class="icon-instagram"><span class="sr-only">Instagram</span></i> </a> <a href="https://blog.midoregon.com/" class="social-icon si-borderless si-rss" rel="noopener" target="_blank"> <i class="icon-rss"><span class="sr-only">Blog</span></i> <i class="icon-rss"><span class="sr-only">Blog</span></i> </a> </div> equals www.linkedin.com (Linkedin)
Source: chromecache_434.2.dr, chromecache_563.2.dr, chromecache_548.2.dr	String found in binary or memory: <div class="d-flex justify-content-center justify-content-md-end"> <a href="https://www.facebook.com/MidOregonCreditUnion" class="social-icon si-borderless si-facebook" rel="noopener" target="_blank"> <i class="icon-facebook"><span class="sr-only">Facebook</span></i> <i class="icon-facebook"><span class="sr-only">Facebook</span></i> </a> <a href="https://www.youtube.com/user/MidOregonCreditUnion" class="social-icon si-borderless si-youtube" rel="noopener" target="_blank"> <i class="icon-youtube"><span class="sr-only">Youtube</span></i> <i class="icon-youtube"><span class="sr-only">Youtube</span></i> </a> <a href="https://www.linkedin.com/company/mid-oregon-credit-union" class="social-icon si-borderless si-linkedin" rel="noopener" target="_blank"> <i class="icon-linkedin"><span class="sr-only">LinkedIn</span></i> <i class="icon-linkedin"><span class="sr-only">LinkedIn</span></i> </a> <a href="https://www.instagram.com/midoregoncu/" class="social-icon si-borderless si-instagram" rel="noopener" target="_blank"> <i class="icon-instagram"><span class="sr-only">Instagram</span></i> <i class="icon-instagram"><span class="sr-only">Instagram</span></i> </a> <a href="https://blog.midoregon.com/" class="social-icon si-borderless si-rss" rel="noopener" target="_blank"> <i class="icon-rss"><span class="sr-only">Blog</span></i> <i class="icon-rss"><span class="sr-only">Blog</span></i> </a> </div> equals www.youtube.com (Youtube)
Source: chromecache_437.2.dr	String found in binary or memory: (function(a,b,c,d){var e={exports:{}};e.exports;(function(){var f=a.fbq;f.execStart=a.performance&&a.performance.now&&a.performance.now();if(!function(){var b=a.postMessage\|\|function(){};if(!f){b({action:"FB_LOG",logType:"Facebook Pixel Error",logMessage:"Pixel code is not installed correctly on this page"},"");"error"in console&&console.error("Facebook Pixel Error: Pixel code is not installed correctly on this page");return!1}return!0}())return;f.__fbeventsModules\|\|(f.__fbeventsModules={},f.__fbeventsResolvedModules={},f.getFbeventsModules=function(a){f.__fbeventsResolvedModules[a]\|\|(f.__fbeventsResolvedModules[a]=f.__fbeventsModules[a]());return f.__fbeventsResolvedModules[a]},f.fbIsModuleLoaded=function(a){return!!f.__fbeventsModules[a]},f.ensureModuleRegistered=function(b,a){f.fbIsModuleLoaded(b)\|\|(f.__fbeventsModules[b]=a)});f.ensureModuleRegistered("signalsFBEventsGetIwlUrl",function(){return function(a,b,c,d){var e={exports:{}};e.exports;(function(){"use strict";var b=f.getFbeventsModules("signalsFBEventsGetTier"),c=d();function d(){try{if(a.trustedTypes&&a.trustedTypes.createPolicy){var b=a.trustedTypes;return b.createPolicy("facebook.com/signals/iwl",{createScriptURL:function(a){var b=new URL(a);b=b.hostname.endsWith(".facebook.com")&&b.pathname=="/signals/iwl.js";if(!b)throw new Error("Disallowed script URL");return a}})}}catch(a){}return null}e.exports=function(a,d){d=b(d);d=d==null?"www.facebook.com":"www."+d+".facebook.com";d="https://"+d+"/signals/iwl.js?pixel_id="+a;if(c!=null)return c.createScriptURL(d);else return d}})();return e.exports}(a,b,c,d)});f.ensureModuleRegistered("signalsFBEventsGetTier",function(){return function(f,b,c,d){var e={exports:{}};e.exports;(function(){"use strict";var a=/^https:\/\/www\.([A-Za-z0-9\.]+)\.facebook\.com\/tr\/?$/,b=["https://www.facebook.com/tr","https://www.facebook.com/tr/"];e.exports=function(c){if(b.indexOf(c)!==-1)return null;var d=a.exec(c);if(d==null)throw new Error("Malformed tier: "+c);return d[1]}})();return e.exports}(a,b,c,d)});f.ensureModuleRegistered("SignalsFBEvents.plugins.iwlbootstrapper",function(){return function(a,b,c,d){var e={exports:{}};e.exports;(function(){"use strict";var c=f.getFbeventsModules("SignalsFBEventsIWLBootStrapEvent"),d=f.getFbeventsModules("SignalsFBEventsLogging"),g=f.getFbeventsModules("SignalsFBEventsNetworkConfig"),h=f.getFbeventsModules("SignalsFBEventsPlugin"),i=f.getFbeventsModules("signalsFBEventsGetIwlUrl"),j=f.getFbeventsModules("signalsFBEventsGetTier"),k=d.logUserError,l=/^https:\/\/.\.facebook\.com$/i,m="FACEBOOK_IWL_CONFIG_STORAGE_KEY",n=null;e.exports=new h(function(d,e){try{n=a.sessionStorage?a.sessionStorage:{getItem:function(a){return null},removeItem:function(a){},setItem:function(a,b){}}}catch(a){return}function h(c,d){var e=b.createElement("script");e.async=!0;e.onload=function(){if(!a.FacebookIWL\|\|!a.FacebookIWL.init)return;var b=j(g.ENDPOINT);b!=null&&a.FacebookIWL.set&&a.FacebookIWL.set("tier",b);d()};a.FacebookIWLSessionEnd=func
Source: chromecache_597.2.dr, chromecache_447.2.dr	String found in binary or memory: Math.round(p);v["gtm.videoCurrentTime"]=Math.round(q);v["gtm.videoElapsedTime"]=Math.round(f);v["gtm.videoPercent"]=r;v["gtm.videoVisible"]=t;return v},Tj:function(){e=Db()},pd:function(){d()}}};var jc=ka(["data-gtm-yt-inspected-"]),CC=["www.youtube.com","www.youtube-nocookie.com"],DC,EC=!1; equals www.youtube.com (Youtube)
Source: chromecache_597.2.dr, chromecache_447.2.dr	String found in binary or memory: c?"runIfCanceled":"runIfUncanceled",[]);if(!g.length)return!0;var k=mA(a,c,e);O(121);if(k["gtm.elementUrl"]==="https://www.facebook.com/tr/")return O(122),!0;if(d&&f){for(var m=Ob(b,g.length),n=0;n<g.length;++n)g[n](k,m);return m.done}for(var p=0;p<g.length;++p)g[p](k,function(){});return!0},pA=function(){var a=[],b=function(c){return tb(a,function(d){return d.form===c})};return{store:function(c,d){var e=b(c);e?e.button=d:a.push({form:c,button:d})},get:function(c){var d=b(c);return d?d.button:null}}}, equals www.facebook.com (Facebook)
Source: chromecache_597.2.dr, chromecache_447.2.dr	String found in binary or memory: e\|\|f\|\|g.length\|\|k.length))return;var n={Rg:d,Pg:e,Qg:f,Fh:g,Gh:k,xe:m,Bb:b},p=G.YT,q=function(){KC(n)};if(p)return p.ready&&p.ready(q),b;var r=G.onYouTubeIframeAPIReady;G.onYouTubeIframeAPIReady=function(){r&&r();q()};I(function(){for(var t=H.getElementsByTagName("script"),u=t.length,v=0;v<u;v++){var w=t[v].getAttribute("src");if(NC(w,"iframe_api")\|\|NC(w,"player_api"))return b}for(var x=H.getElementsByTagName("iframe"),y=x.length,B=0;B<y;B++)if(!EC&&LC(x[B],n.xe))return Bc("https://www.youtube.com/iframe_api"), equals www.youtube.com (Youtube)
Source: chromecache_621.2.dr	String found in binary or memory: return b}AC.J="internal.enableAutoEventOnTimer";var jc=ka(["data-gtm-yt-inspected-"]),CC=["www.youtube.com","www.youtube-nocookie.com"],DC,EC=!1; equals www.youtube.com (Youtube)
Source: chromecache_597.2.dr, chromecache_447.2.dr	String found in binary or memory: var PB=function(a,b,c,d,e){var f=Kz("fsl",c?"nv.mwt":"mwt",0),g;g=c?Kz("fsl","nv.ids",[]):Kz("fsl","ids",[]);if(!g.length)return!0;var k=Pz(a,"gtm.formSubmit",g),m=a.action;m&&m.tagName&&(m=a.cloneNode(!1).action);O(121);if(m==="https://www.facebook.com/tr/")return O(122),!0;k["gtm.elementUrl"]=m;k["gtm.formCanceled"]=c;a.getAttribute("name")!=null&&(k["gtm.interactedFormName"]=a.getAttribute("name"));e&&(k["gtm.formSubmitElement"]=e,k["gtm.formSubmitElementText"]=e.value);if(d&&f){if(!oy(k,py(b, equals www.facebook.com (Facebook)

Source: global traffic	DNS traffic detected: DNS query: www.midoregon.com
Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: feed.mikle.com
Source: global traffic	DNS traffic detected: DNS query: www.stickleyonsecurity.com
Source: global traffic	DNS traffic detected: DNS query: www.surveycarrot.com
Source: global traffic	DNS traffic detected: DNS query: tag.simpli.fi
Source: global traffic	DNS traffic detected: DNS query: d1lvyn09g7nf92.cloudfront.net
Source: global traffic	DNS traffic detected: DNS query: connect.facebook.net
Source: global traffic	DNS traffic detected: DNS query: acsbapp.com
Source: global traffic	DNS traffic detected: DNS query: code.jquery.com
Source: global traffic	DNS traffic detected: DNS query: www.facebook.com
Source: global traffic	DNS traffic detected: DNS query: contact.midoregon.com
Source: global traffic	DNS traffic detected: DNS query: stats.g.doubleclick.net
Source: global traffic	DNS traffic detected: DNS query: cobrowsing.eltropy.com
Source: global traffic	DNS traffic detected: DNS query: d2kc9bbovjrjt2.cloudfront.net
Source: global traffic	DNS traffic detected: DNS query: doerd31l9oh9k.cloudfront.net
Source: global traffic	DNS traffic detected: DNS query: cdnjs.cloudflare.com
Source: global traffic	DNS traffic detected: DNS query: i.simpli.fi
Source: global traffic	DNS traffic detected: DNS query: um.simpli.fi
Source: global traffic	DNS traffic detected: DNS query: cm.g.doubleclick.net
Source: global traffic	DNS traffic detected: DNS query: googleads.g.doubleclick.net
Source: global traffic	DNS traffic detected: DNS query: s.ad.smaato.net
Source: global traffic	DNS traffic detected: DNS query: eb2.3lift.com
Source: global traffic	DNS traffic detected: DNS query: sync.1rx.io
Source: global traffic	DNS traffic detected: DNS query: simplifi.partners.tremorhub.com
Source: global traffic	DNS traffic detected: DNS query: aa.agkn.com
Source: global traffic	DNS traffic detected: DNS query: pixel.tapad.com
Source: global traffic	DNS traffic detected: DNS query: cs.lkqd.net
Source: global traffic	DNS traffic detected: DNS query: d.agkn.com
Source: global traffic	DNS traffic detected: DNS query: sync.intentiq.com
Source: global traffic	DNS traffic detected: DNS query: sync.targeting.unrulymedia.com
Source: global traffic	DNS traffic detected: DNS query: fei.pro-market.net
Source: global traffic	DNS traffic detected: DNS query: loadm.exelator.com
Source: global traffic	DNS traffic detected: DNS query: sync.smartadserver.com
Source: global traffic	DNS traffic detected: DNS query: cdn.acsbapp.com
Source: global traffic	DNS traffic detected: DNS query: sync.bfmio.com
Source: global traffic	DNS traffic detected: DNS query: stags.bluekai.com
Source: global traffic	DNS traffic detected: DNS query: bcp.crwdcntrl.net
Source: global traffic	DNS traffic detected: DNS query: ce.lijit.com
Source: global traffic	DNS traffic detected: DNS query: idsync.rlcdn.com
Source: global traffic	DNS traffic detected: DNS query: pippio.com
Source: global traffic	DNS traffic detected: DNS query: ib.adnxs.com
Source: global traffic	DNS traffic detected: DNS query: pixel.rubiconproject.com
Source: global traffic	DNS traffic detected: DNS query: px.ads.linkedin.com
Source: global traffic	DNS traffic detected: DNS query: us-u.openx.net
Source: global traffic	DNS traffic detected: DNS query: login.midoregon.com
Source: global traffic	DNS traffic detected: DNS query: assets.orb.alkamitech.com
Source: global traffic	DNS traffic detected: DNS query: iris.alkamitech.com
Source: global traffic	DNS traffic detected: DNS query: bcdn-god.we-stats.com
Source: global traffic	DNS traffic detected: DNS query: js-agent.newrelic.com
Source: global traffic	DNS traffic detected: DNS query: wup-1ca8ebd0.us.v2.we-stats.com
Source: global traffic	DNS traffic detected: DNS query: 1.a79ab95c1589a13f8a4cab612bc71f9f7.com
Source: global traffic	DNS traffic detected: DNS query: 1.b406929acabac9b095f124c81bdfcf57f.com
Source: global traffic	DNS traffic detected: DNS query: 1.c81358859121583b7adf2ace89cb39f44.com
Source: global traffic	DNS traffic detected: DNS query: bam.nr-data.net
Source: global traffic	DNS traffic detected: DNS query: log-1ca8ebd0.us.v2.we-stats.com

Source: unknown

HTTP traffic detected: POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-6220176-2&cid=1008880447.1719869630&jid=1641472113&gjid=1888356795&_gid=510304597.1719869632&_u=YADAAUAAAAAAACAAI~&z=534396189 HTTP/1.1Host: stats.g.doubleclick.netConnection: keep-aliveContent-Length: 0sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Content-Type: text/plainAccept: */*Origin: https://www.midoregon.comX-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIk6HLAQiFoM0BCOnFzQEIucrNAQiK080BGI/OzQEYwtjNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.midoregon.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9

Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenDate: Mon, 01 Jul 2024 21:34:03 GMTContent-Length: 0Connection: closex-content-type-options: nosniffx-permitted-cross-domain-policies: nonereferrer-policy: strict-origin-when-cross-originstrict-transport-security: max-age=31536000; includeSubDomains; preload;server: envoy
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenDate: Mon, 01 Jul 2024 21:34:10 GMTContent-Length: 0Connection: closex-content-type-options: nosniffx-permitted-cross-domain-policies: nonereferrer-policy: strict-origin-when-cross-originstrict-transport-security: max-age=31536000; includeSubDomains; preload;server: envoy
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenDate: Mon, 01 Jul 2024 21:34:19 GMTContent-Length: 0Connection: closex-content-type-options: nosniffx-permitted-cross-domain-policies: nonereferrer-policy: strict-origin-when-cross-originstrict-transport-security: max-age=31536000; includeSubDomains; preload;server: envoy

Source: chromecache_658.2.dr	String found in binary or memory: http://css-tricks.com
Source: chromecache_658.2.dr	String found in binary or memory: http://daverupert.com
Source: chromecache_672.2.dr	String found in binary or memory: http://dimsemenov.com/plugins/magnific-popup/
Source: chromecache_483.2.dr	String found in binary or memory: http://fontawesome.io
Source: chromecache_483.2.dr	String found in binary or memory: http://fontawesome.io/license
Source: chromecache_490.2.dr	String found in binary or memory: http://g.co/dev/maps-no-account
Source: chromecache_404.2.dr	String found in binary or memory: http://gsgd.co.uk/sandbox/jquery/easing/
Source: chromecache_370.2.dr	String found in binary or memory: http://jquery.com/
Source: chromecache_370.2.dr, chromecache_452.2.dr	String found in binary or memory: http://jquery.org/license
Source: chromecache_560.2.dr, chromecache_385.2.dr, chromecache_682.2.dr	String found in binary or memory: http://jqueryui.com
Source: chromecache_385.2.dr	String found in binary or memory: http://jqueryui.com/themeroller/?scope=&folderName=custom-theme&bgImgOpacityHeader=&bgImgOpacityCont
Source: chromecache_548.2.dr	String found in binary or memory: http://midoregon.cudlautosmart.com/
Source: chromecache_467.2.dr	String found in binary or memory: http://opensource.org/licenses/MIT
Source: chromecache_369.2.dr, chromecache_673.2.dr	String found in binary or memory: http://opensource.org/licenses/MIT).
Source: chromecache_576.2.dr	String found in binary or memory: http://paulmillr.com)
Source: chromecache_515.2.dr	String found in binary or memory: http://play.google.com/store/apps/details?id=
Source: chromecache_562.2.dr	String found in binary or memory: http://polymer.github.io/AUTHORS.txt
Source: chromecache_562.2.dr	String found in binary or memory: http://polymer.github.io/CONTRIBUTORS.txt
Source: chromecache_562.2.dr	String found in binary or memory: http://polymer.github.io/LICENSE.txt
Source: chromecache_562.2.dr	String found in binary or memory: http://polymer.github.io/PATENTS.txt
Source: chromecache_658.2.dr	String found in binary or memory: http://sam.zoy.org/wtfpl/
Source: chromecache_553.2.dr, chromecache_492.2.dr	String found in binary or memory: http://silviomoreto.github.io/bootstrap-select/)
Source: chromecache_370.2.dr	String found in binary or memory: http://sizzlejs.com/
Source: chromecache_614.2.dr	String found in binary or memory: http://themes.semicolonweb.com/html/canvas/css/colors.php?color=3D80E4
Source: chromecache_614.2.dr	String found in binary or memory: http://themes.semicolonweb.com/html/canvas/demos/landing/css/fonts.css
Source: chromecache_614.2.dr	String found in binary or memory: http://themes.semicolonweb.com/html/canvas/demos/landing/landing.css
Source: chromecache_658.2.dr	String found in binary or memory: http://www.alistapart.com/articles/creating-intrinsic-ratios-for-video/
Source: chromecache_490.2.dr	String found in binary or memory: http://www.broofa.com
Source: chromecache_678.2.dr	String found in binary or memory: http://www.entrustdatacard.com
Source: chromecache_678.2.dr	String found in binary or memory: http://www.entrustdatacard.com/This
Source: chromecache_499.2.dr	String found in binary or memory: http://www.extjs.com/license
Source: chromecache_533.2.dr, chromecache_395.2.dr, chromecache_472.2.dr, chromecache_662.2.dr, chromecache_376.2.dr, chromecache_389.2.dr	String found in binary or memory: http://www.google.com
Source: chromecache_515.2.dr	String found in binary or memory: http://www.windowsphone.com/s?appid=
Source: chromecache_434.2.dr, chromecache_563.2.dr, chromecache_548.2.dr	String found in binary or memory: https://acsbapp.com/apps/app/assets/js/acsb.js
Source: chromecache_447.2.dr	String found in binary or memory: https://adservice.google.com/pagead/regclk?
Source: chromecache_504.2.dr	String found in binary or memory: https://ampcid.google.com/v1/publisher:getClientId
Source: chromecache_467.2.dr	String found in binary or memory: https://animate.style/
Source: chromecache_548.2.dr	String found in binary or memory: https://apps.apple.com/us/app/mid-oregon-credit-union/id1360452241?ls=1
Source: chromecache_609.2.dr	String found in binary or memory: https://assets.orb.alkamitech.com/production/assets/global/images/browser_unsupported/$
Source: chromecache_609.2.dr	String found in binary or memory: https://assets.orb.alkamitech.com/production/assets/global/images/browser_unsupported/browsers/
Source: chromecache_609.2.dr	String found in binary or memory: https://assets.orb.alkamitech.com/production/assets/global/images/browser_unsupported/browsers/$
Source: chromecache_476.2.dr	String found in binary or memory: https://assets.orb.alkamitech.com/production/assets/global/images/forms_checkboxes.png
Source: chromecache_476.2.dr	String found in binary or memory: https://assets.orb.alkamitech.com/production/assets/global/images/forms_radio_buttons.png
Source: chromecache_476.2.dr	String found in binary or memory: https://assets.orb.alkamitech.com/production/assets/global/images/icon_delete.png)
Source: chromecache_476.2.dr, chromecache_553.2.dr	String found in binary or memory: https://assets.orb.alkamitech.com/production/assets/global/images/icons_sprite.png
Source: chromecache_671.2.dr	String found in binary or memory: https://assets.orb.alkamitech.com/production/assets/global/images/sidebar/progress_sprite.png
Source: chromecache_476.2.dr	String found in binary or memory: https://assets.orb.alkamitech.com/production/themesets/28f75336-2d61-4c64-8237-e68ae6ac9157/themes/t
Source: chromecache_434.2.dr, chromecache_563.2.dr, chromecache_548.2.dr	String found in binary or memory: https://avtecmedia.com
Source: chromecache_434.2.dr, chromecache_563.2.dr, chromecache_548.2.dr	String found in binary or memory: https://avtecmedia.com/compliance/ada-accessibility-widget.html
Source: chromecache_468.2.dr	String found in binary or memory: https://bcdn-god.we-stats.com/scripts/1ca8ebd0/1ca8ebd0.js
Source: chromecache_548.2.dr	String found in binary or memory: https://blog.midoregon.com
Source: chromecache_548.2.dr	String found in binary or memory: https://blog.midoregon.com/
Source: chromecache_597.2.dr, chromecache_447.2.dr, chromecache_621.2.dr	String found in binary or memory: https://cct.google/taggy/agent.js
Source: chromecache_548.2.dr	String found in binary or memory: https://chatbot.avtecmedia.com/qb/widget/V895xbynYnmeqZYd/9nJaZmp89ampvxPR
Source: chromecache_582.2.dr, chromecache_457.2.dr	String found in binary or memory: https://cobrowsing.eltropy.com
Source: chromecache_418.2.dr	String found in binary or memory: https://code.jquery.com/jquery-3.6.0.min.js
Source: chromecache_434.2.dr, chromecache_563.2.dr, chromecache_548.2.dr	String found in binary or memory: https://connect.facebook.net/en_US/fbevents.js
Source: chromecache_574.2.dr, chromecache_434.2.dr, chromecache_539.2.dr, chromecache_563.2.dr, chromecache_548.2.dr	String found in binary or memory: https://contact.midoregon.com
Source: chromecache_418.2.dr	String found in binary or memory: https://cu.orf/img_dir/bot.png
Source: chromecache_574.2.dr, chromecache_539.2.dr	String found in binary or memory: https://d1lvyn09g7nf92.cloudfront.net/Mid-Oregon-Credit-Union-99545687/sbr/botAvatar.jpg?Expires=171
Source: chromecache_574.2.dr, chromecache_539.2.dr	String found in binary or memory: https://d1lvyn09g7nf92.cloudfront.net/Mid-Oregon-Credit-Union-99545687/sbr/widgetIcon.jpg?Expires=17
Source: chromecache_434.2.dr, chromecache_563.2.dr, chromecache_548.2.dr	String found in binary or memory: https://d1lvyn09g7nf92.cloudfront.net/elt-iva-resources-prod/chat/contact-widget-embed.js
Source: chromecache_413.2.dr, chromecache_646.2.dr, chromecache_423.2.dr, chromecache_650.2.dr	String found in binary or memory: https://d2kc9bbovjrjt2.cloudfront.net/cdn/es6-shim.min.js
Source: chromecache_413.2.dr, chromecache_646.2.dr, chromecache_423.2.dr, chromecache_650.2.dr	String found in binary or memory: https://d2kc9bbovjrjt2.cloudfront.net/cdn/ie-10-media.match.min.js
Source: chromecache_418.2.dr	String found in binary or memory: https://demo.dev-sandbox2-eltropy.com
Source: chromecache_418.2.dr	String found in binary or memory: https://demo.eltropy.com
Source: chromecache_418.2.dr	String found in binary or memory: https://demo.stageeltropy.com
Source: chromecache_418.2.dr	String found in binary or memory: https://demo.uateltropy.com
Source: chromecache_490.2.dr	String found in binary or memory: https://developer.mozilla.org/docs/Web/API/EventTarget/addEventListener
Source: chromecache_490.2.dr	String found in binary or memory: https://developers.google.com/maps/deprecations
Source: chromecache_490.2.dr	String found in binary or memory: https://developers.google.com/maps/documentation/javascript/advanced-markers/migration
Source: chromecache_628.2.dr	String found in binary or memory: https://developers.google.com/maps/documentation/javascript/error-messages
Source: chromecache_643.2.dr, chromecache_590.2.dr	String found in binary or memory: https://developers.google.com/maps/documentation/javascript/error-messages#
Source: chromecache_490.2.dr	String found in binary or memory: https://developers.google.com/maps/documentation/javascript/error-messages#unsupported-browsers
Source: chromecache_490.2.dr	String found in binary or memory: https://developers.google.com/maps/documentation/javascript/libraries
Source: chromecache_490.2.dr	String found in binary or memory: https://developers.google.com/maps/documentation/javascript/styling#cloud_tooling
Source: chromecache_628.2.dr	String found in binary or memory: https://developers.google.com/maps/documentation/javascript/webgl/support
Source: chromecache_413.2.dr, chromecache_646.2.dr, chromecache_423.2.dr, chromecache_650.2.dr	String found in binary or memory: https://doerd31l9oh9k.cloudfront.net/ABC-Diatype/ABCDiatype-Bold.woff2
Source: chromecache_413.2.dr, chromecache_646.2.dr, chromecache_423.2.dr, chromecache_650.2.dr	String found in binary or memory: https://doerd31l9oh9k.cloudfront.net/ABC-Diatype/ABCDiatype-BoldItalic.woff2
Source: chromecache_413.2.dr, chromecache_646.2.dr, chromecache_423.2.dr, chromecache_650.2.dr	String found in binary or memory: https://doerd31l9oh9k.cloudfront.net/ABC-Diatype/ABCDiatype-Medium.woff2
Source: chromecache_413.2.dr, chromecache_646.2.dr, chromecache_423.2.dr, chromecache_650.2.dr	String found in binary or memory: https://doerd31l9oh9k.cloudfront.net/ABC-Diatype/ABCDiatype-MediumItalic.woff2
Source: chromecache_413.2.dr, chromecache_646.2.dr, chromecache_423.2.dr, chromecache_650.2.dr	String found in binary or memory: https://doerd31l9oh9k.cloudfront.net/ABC-Diatype/ABCDiatype-Regular.woff2
Source: chromecache_413.2.dr, chromecache_646.2.dr, chromecache_423.2.dr, chromecache_650.2.dr	String found in binary or memory: https://doerd31l9oh9k.cloudfront.net/ABC-Diatype/ABCDiatype-RegularItalic.woff2
Source: chromecache_413.2.dr, chromecache_646.2.dr, chromecache_423.2.dr, chromecache_650.2.dr	String found in binary or memory: https://doerd31l9oh9k.cloudfront.net/react-apps/chat/chat.6fb7976f75facbeb0095.js
Source: chromecache_413.2.dr, chromecache_646.2.dr, chromecache_423.2.dr, chromecache_650.2.dr	String found in binary or memory: https://doerd31l9oh9k.cloudfront.net/react-apps/chat/vendor.ed585edca71a33e88cec.js
Source: chromecache_418.2.dr	String found in binary or memory: https://eltropy-artifacts.s3.us-west-2.amazonaws.com/contact-widget/2212/img/animation-assets/channe
Source: chromecache_418.2.dr	String found in binary or memory: https://eltropy-artifacts.s3.us-west-2.amazonaws.com/contact-widget/2212/img/animation-assets/purple
Source: chromecache_418.2.dr	String found in binary or memory: https://eltropy-artifacts.s3.us-west-2.amazonaws.com/contact-widget/2212/img/close-chat.png
Source: chromecache_418.2.dr	String found in binary or memory: https://eltropy-artifacts.s3.us-west-2.amazonaws.com/contact-widget/bot.png
Source: chromecache_418.2.dr	String found in binary or memory: https://eltropy-artifacts.s3.us-west-2.amazonaws.com/contact-widget/getLiveHelpIcon.png
Source: chromecache_418.2.dr	String found in binary or memory: https://eltropy.com/legal/
Source: chromecache_647.2.dr	String found in binary or memory: https://feed.mikle.com/api/proxy/
Source: chromecache_647.2.dr	String found in binary or memory: https://feed.mikle.com/api/widget/read/body/
Source: chromecache_542.2.dr	String found in binary or memory: https://feed.mikle.com/images/back-icon.png
Source: chromecache_647.2.dr	String found in binary or memory: https://feed.mikle.com/images/squares.svg?v=1559546514
Source: chromecache_548.2.dr	String found in binary or memory: https://feed.mikle.com/js/fw-loader.js
Source: chromecache_542.2.dr	String found in binary or memory: https://feed.mikle.com/js/fw-widget.js?v=1.2
Source: chromecache_647.2.dr	String found in binary or memory: https://feed.mikle.com/support/three-most-frequent-issues-with-rss-feeds-with-solutions/
Source: chromecache_548.2.dr	String found in binary or memory: https://fonts.googleapis.com/css2?family=Poppins:wght
Source: chromecache_525.2.dr	String found in binary or memory: https://fonts.googleapis.com/css?
Source: chromecache_434.2.dr, chromecache_563.2.dr	String found in binary or memory: https://fonts.googleapis.com/css?family=Poppins:300
Source: chromecache_507.2.dr, chromecache_465.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1JlFc-K.woff2)
Source: chromecache_507.2.dr, chromecache_465.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2)
Source: chromecache_507.2.dr, chromecache_465.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLDz8Z1JlFc-K.woff2)
Source: chromecache_507.2.dr, chromecache_465.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2)
Source: chromecache_507.2.dr, chromecache_465.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1JlFc-K.woff2)
Source: chromecache_507.2.dr, chromecache_465.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2)
Source: chromecache_507.2.dr, chromecache_465.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLGT9Z1JlFc-K.woff2)
Source: chromecache_507.2.dr, chromecache_465.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2)
Source: chromecache_507.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2)
Source: chromecache_507.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJnecmNE.woff2)
Source: chromecache_637.2.dr, chromecache_369.2.dr, chromecache_557.2.dr, chromecache_386.2.dr, chromecache_553.2.dr, chromecache_581.2.dr	String found in binary or memory: https://getbootstrap.com/)
Source: chromecache_637.2.dr, chromecache_557.2.dr, chromecache_553.2.dr	String found in binary or memory: https://getbootstrap.com/docs/3.4/customize/)
Source: chromecache_464.2.dr	String found in binary or memory: https://github.com/OwlCarousel2/OwlCarousel2/blob/master/LICENSE
Source: chromecache_594.2.dr	String found in binary or memory: https://github.com/Prinzhorn/skrollr
Source: chromecache_667.2.dr	String found in binary or memory: https://github.com/jquery-form/form
Source: chromecache_667.2.dr	String found in binary or memory: https://github.com/jquery-form/form#license
Source: chromecache_452.2.dr	String found in binary or memory: https://github.com/jquery/jquery-color
Source: chromecache_429.2.dr	String found in binary or memory: https://github.com/mhuggins/jquery-countTo
Source: chromecache_576.2.dr	String found in binary or memory: https://github.com/paulmillr/es6-shim
Source: chromecache_576.2.dr	String found in binary or memory: https://github.com/paulmillr/es6-shim/
Source: chromecache_576.2.dr	String found in binary or memory: https://github.com/paulmillr/es6-shim/blob/0.35.1/LICENSE
Source: chromecache_553.2.dr, chromecache_492.2.dr	String found in binary or memory: https://github.com/silviomoreto/bootstrap-select/blob/master/LICENSE)
Source: chromecache_369.2.dr, chromecache_386.2.dr, chromecache_581.2.dr	String found in binary or memory: https://github.com/twbs/bootstrap/blob/master/LICENSE)
Source: chromecache_369.2.dr	String found in binary or memory: https://github.com/twbs/bootstrap/graphs/contributors)
Source: chromecache_405.2.dr	String found in binary or memory: https://github.com/yowainwright/shave#readme
Source: chromecache_490.2.dr	String found in binary or memory: https://goo.gle/js-api-loading
Source: chromecache_410.2.dr, chromecache_620.2.dr, chromecache_363.2.dr, chromecache_417.2.dr	String found in binary or memory: https://iris.alkamitech.com/cdn/iris-foundation/latest/LICENSE)
Source: chromecache_415.2.dr, chromecache_368.2.dr, chromecache_497.2.dr, chromecache_388.2.dr, chromecache_477.2.dr, chromecache_547.2.dr, chromecache_612.2.dr, chromecache_543.2.dr, chromecache_379.2.dr	String found in binary or memory: https://iris.alkamitech.com/cdn/iris-vue/latest/LICENSE)
Source: chromecache_492.2.dr	String found in binary or memory: https://iris.alkamitech.com/web/components/dropdown.html
Source: chromecache_515.2.dr	String found in binary or memory: https://itunes.apple.com/
Source: chromecache_563.2.dr	String found in binary or memory: https://itunes.apple.com/us/app/coop-atm-shared-branch-locator/id1239957376?mt=8
Source: chromecache_498.2.dr, chromecache_667.2.dr	String found in binary or memory: https://jqueryvalidation.org/
Source: chromecache_434.2.dr, chromecache_563.2.dr, chromecache_548.2.dr	String found in binary or memory: https://login.midoregon.com/Authentication/Username
Source: chromecache_434.2.dr, chromecache_563.2.dr, chromecache_548.2.dr	String found in binary or memory: https://login.midoregon.com/ForgotPassword
Source: chromecache_434.2.dr, chromecache_563.2.dr, chromecache_548.2.dr	String found in binary or memory: https://login.midoregon.com/ForgotUsername
Source: chromecache_434.2.dr, chromecache_563.2.dr, chromecache_548.2.dr	String found in binary or memory: https://login.midoregon.com/Registration
Source: chromecache_391.2.dr	String found in binary or memory: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geo
Source: chromecache_628.2.dr	String found in binary or memory: https://maps.googleapis.com/maps/api/mapsjs/mapConfigs:batchGet
Source: chromecache_463.2.dr	String found in binary or memory: https://maps.gstatic.com/mapfiles/embed/images/entity11.png);background-size:70px
Source: chromecache_463.2.dr	String found in binary or memory: https://maps.gstatic.com/mapfiles/embed/images/entity11_hdpi.png);background-size:70px
Source: chromecache_463.2.dr	String found in binary or memory: https://maps.gstatic.com/mapfiles/embed/images/exp2.png);background-size:109px
Source: chromecache_463.2.dr	String found in binary or memory: https://maps.gstatic.com/mapfiles/embed/images/exp2_hdpi.png);background-size:109px
Source: chromecache_391.2.dr	String found in binary or memory: https://maps.gstatic.com/maps-api-v3/embed/js/57/6a/init_embed.js
Source: chromecache_548.2.dr	String found in binary or memory: https://midoregon.loanspq.com/Apply.aspx?lenderref=Midoregonfcu_09222020&list=1b
Source: chromecache_548.2.dr	String found in binary or memory: https://midoregon.loanspq.com/Apply.aspx?lenderref=Midoregonfcu_09222020&list=2s
Source: chromecache_548.2.dr	String found in binary or memory: https://midoregon.loanspq.com/cc/CreditCard.aspx?lenderref=midoregonfcu63017
Source: chromecache_548.2.dr	String found in binary or memory: https://midoregon.loanspq.com/cc/CreditCard.aspx?lenderref=midoregonfcu63017&
Source: chromecache_548.2.dr	String found in binary or memory: https://midoregon.loanspq.com/cu/ViewSubmittedLoans.aspx?lenderref=midoregonfcu63017&
Source: chromecache_548.2.dr	String found in binary or memory: https://midoregon.loanspq.com/he/HomeEquityLoan.aspx?lenderref=midoregonfcu63017&
Source: chromecache_548.2.dr	String found in binary or memory: https://midoregon.loanspq.com/pl/PersonalLoan.aspx?lenderref=midoregonfcu63017&
Source: chromecache_548.2.dr	String found in binary or memory: https://midoregon.loanspq.com/vl/VehicleLoan.aspx?lenderref=midoregonfcu63017&
Source: chromecache_548.2.dr	String found in binary or memory: https://midoregon.loanspq.com/xa/xpressApp.aspx?enc=Kw21Wblm1yxpjJabdoZaDxaTqaTZKJ2nnkpqER_jSbO_1nW8
Source: chromecache_548.2.dr	String found in binary or memory: https://midoregon.loanspq.com/xa/xpressApp.aspx?lenderref=midoregonfcu63017&type=2&
Source: chromecache_447.2.dr, chromecache_621.2.dr	String found in binary or memory: https://pagead2.googlesyndication.com
Source: chromecache_597.2.dr, chromecache_447.2.dr, chromecache_621.2.dr	String found in binary or memory: https://pagead2.googlesyndication.com/pagead/gen_204?id=tcfe
Source: chromecache_563.2.dr	String found in binary or memory: https://play.google.com/store/apps/details?id=com.coopnetwork.locator&hl=en
Source: chromecache_548.2.dr	String found in binary or memory: https://play.google.com/store/apps/details?id=com.midoregoncu.midoregoncu
Source: chromecache_434.2.dr, chromecache_563.2.dr, chromecache_548.2.dr	String found in binary or memory: https://reorder.libertysite.com
Source: chromecache_434.2.dr, chromecache_563.2.dr, chromecache_548.2.dr	String found in binary or memory: https://rewards.lovemycreditunion.org/?utm_source=cu_12084&utm_medium=web-banner-430X380&utm_campaig
Source: chromecache_413.2.dr, chromecache_646.2.dr, chromecache_423.2.dr, chromecache_650.2.dr	String found in binary or memory: https://s3-us-west-1.amazonaws.com/elt-static/eltropy-messenger/
Source: chromecache_548.2.dr	String found in binary or memory: https://schema.org
Source: chromecache_597.2.dr, chromecache_447.2.dr	String found in binary or memory: https://stats.g.doubleclick.net/g/collect
Source: chromecache_504.2.dr	String found in binary or memory: https://stats.g.doubleclick.net/j/collect
Source: chromecache_490.2.dr	String found in binary or memory: https://support.google.com/fusiontables/answer/9185417).
Source: chromecache_463.2.dr	String found in binary or memory: https://support.google.com/maps?p=kml
Source: chromecache_418.2.dr	String found in binary or memory: https://surfly.com
Source: chromecache_434.2.dr, chromecache_563.2.dr, chromecache_548.2.dr	String found in binary or memory: https://tag.simpli.fi/sifitag/73fcc20f-faf5-487d-8165-57e69981a322
Source: chromecache_504.2.dr	String found in binary or memory: https://tagassistant.google.com/
Source: chromecache_548.2.dr	String found in binary or memory: https://taxservices.lovemycreditunion.org/?&utm_source=cu_12084&utm_medium=TaxServices-Banne
Source: chromecache_597.2.dr, chromecache_447.2.dr, chromecache_621.2.dr	String found in binary or memory: https://td.doubleclick.net
Source: chromecache_434.2.dr, chromecache_563.2.dr, chromecache_548.2.dr	String found in binary or memory: https://visitor.r20.constantcontact.com/d.jsp?llr=wguxwmeab&p=oi&m=1104233091286&sit=6dgk96vfb&f=cc8
Source: chromecache_379.2.dr	String found in binary or memory: https://www.ag-grid.com/
Source: chromecache_434.2.dr, chromecache_563.2.dr, chromecache_548.2.dr	String found in binary or memory: https://www.annualcreditreport.com/
Source: chromecache_434.2.dr, chromecache_563.2.dr, chromecache_548.2.dr	String found in binary or memory: https://www.cbsinvestorconnection.com/Accounts?cuid=13602097
Source: chromecache_434.2.dr, chromecache_563.2.dr, chromecache_548.2.dr	String found in binary or memory: https://www.cbsinvestorconnection.com/Advisors/Advisor_Bio?cuid=13602097&advisorid=10816
Source: chromecache_434.2.dr, chromecache_563.2.dr, chromecache_548.2.dr	String found in binary or memory: https://www.cbsinvestorconnection.com/Financial_Solutions?cuid=13602097
Source: chromecache_434.2.dr, chromecache_563.2.dr, chromecache_548.2.dr	String found in binary or memory: https://www.cbsinvestorconnection.com/Home?cuid=13602097
Source: chromecache_621.2.dr	String found in binary or memory: https://www.google-analytics.com/analytics.js
Source: chromecache_504.2.dr	String found in binary or memory: https://www.google-analytics.com/debug/bootstrap?id=
Source: chromecache_504.2.dr	String found in binary or memory: https://www.google-analytics.com/gtm/js?id=
Source: chromecache_504.2.dr	String found in binary or memory: https://www.google.%/ads/ga-audiences
Source: chromecache_447.2.dr, chromecache_643.2.dr, chromecache_621.2.dr	String found in binary or memory: https://www.google.com
Source: chromecache_504.2.dr	String found in binary or memory: https://www.google.com/ads/ga-audiences
Source: chromecache_434.2.dr, chromecache_563.2.dr, chromecache_548.2.dr	String found in binary or memory: https://www.google.com/coop/cse/brand?form=cse-search-box&lang=en
Source: chromecache_548.2.dr	String found in binary or memory: https://www.google.com/maps/embed?pb=
Source: chromecache_609.2.dr	String found in binary or memory: https://www.google.com/search?q=download
Source: chromecache_609.2.dr	String found in binary or memory: https://www.google.com/search?q=enable
Source: chromecache_597.2.dr, chromecache_447.2.dr, chromecache_621.2.dr	String found in binary or memory: https://www.googleadservices.com
Source: chromecache_621.2.dr	String found in binary or memory: https://www.googletagmanager.com
Source: chromecache_504.2.dr	String found in binary or memory: https://www.googletagmanager.com/gtag/js?id=
Source: chromecache_434.2.dr, chromecache_563.2.dr, chromecache_548.2.dr	String found in binary or memory: https://www.googletagmanager.com/gtag/js?id=G-FPR7JDXPKQ
Source: chromecache_434.2.dr, chromecache_563.2.dr, chromecache_548.2.dr	String found in binary or memory: https://www.googletagmanager.com/gtag/js?id=UA-6220176-2
Source: chromecache_548.2.dr	String found in binary or memory: https://www.instagram.com/midoregoncu/
Source: chromecache_548.2.dr	String found in binary or memory: https://www.linkedin.com/company/mid-oregon-credit-union
Source: chromecache_597.2.dr, chromecache_447.2.dr	String found in binary or memory: https://www.merchant-center-analytics.goog
Source: chromecache_434.2.dr, chromecache_563.2.dr, chromecache_548.2.dr	String found in binary or memory: https://www.midoregon.com
Source: chromecache_548.2.dr	String found in binary or memory: https://www.midoregon.com/
Source: chromecache_548.2.dr	String found in binary or memory: https://www.midoregon.com/about/accessibility-statement.shtml
Source: chromecache_434.2.dr, chromecache_563.2.dr, chromecache_548.2.dr	String found in binary or memory: https://www.midoregon.com/about/board.shtml
Source: chromecache_548.2.dr	String found in binary or memory: https://www.midoregon.com/about/careers.shtml
Source: chromecache_548.2.dr	String found in binary or memory: https://www.midoregon.com/about/community.shtml
Source: chromecache_548.2.dr	String found in binary or memory: https://www.midoregon.com/about/index.shtml
Source: chromecache_548.2.dr	String found in binary or memory: https://www.midoregon.com/about/partners.shtml
Source: chromecache_434.2.dr, chromecache_563.2.dr, chromecache_548.2.dr	String found in binary or memory: https://www.midoregon.com/about/search-results.shtml
Source: chromecache_434.2.dr, chromecache_563.2.dr, chromecache_548.2.dr	String found in binary or memory: https://www.midoregon.com/about/site-map.shtml
Source: chromecache_434.2.dr, chromecache_563.2.dr, chromecache_548.2.dr	String found in binary or memory: https://www.midoregon.com/accounts/checking.shtml
Source: chromecache_434.2.dr, chromecache_563.2.dr, chromecache_548.2.dr	String found in binary or memory: https://www.midoregon.com/accounts/childrens-accounts.shtml
Source: chromecache_434.2.dr, chromecache_563.2.dr, chromecache_548.2.dr	String found in binary or memory: https://www.midoregon.com/accounts/debit-card.shtml
Source: chromecache_548.2.dr	String found in binary or memory: https://www.midoregon.com/accounts/index.shtml
Source: chromecache_434.2.dr, chromecache_563.2.dr, chromecache_548.2.dr	String found in binary or memory: https://www.midoregon.com/accounts/savings.shtml
Source: chromecache_434.2.dr, chromecache_563.2.dr, chromecache_548.2.dr	String found in binary or memory: https://www.midoregon.com/accounts/student.shtml
Source: chromecache_548.2.dr	String found in binary or memory: https://www.midoregon.com/apply/index.shtml
Source: chromecache_434.2.dr, chromecache_563.2.dr, chromecache_548.2.dr	String found in binary or memory: https://www.midoregon.com/blog
Source: chromecache_434.2.dr, chromecache_563.2.dr, chromecache_548.2.dr	String found in binary or memory: https://www.midoregon.com/business/business-checking.shtml
Source: chromecache_548.2.dr	String found in binary or memory: https://www.midoregon.com/business/index.shtml
Source: chromecache_548.2.dr	String found in binary or memory: https://www.midoregon.com/business/index.shtml#tab2
Source: chromecache_434.2.dr, chromecache_563.2.dr, chromecache_548.2.dr	String found in binary or memory: https://www.midoregon.com/business/index.shtml#tab3
Source: chromecache_434.2.dr, chromecache_563.2.dr, chromecache_548.2.dr	String found in binary or memory: https://www.midoregon.com/business/index.shtml#tab4
Source: chromecache_434.2.dr, chromecache_563.2.dr, chromecache_548.2.dr	String found in binary or memory: https://www.midoregon.com/business/services.shtml
Source: chromecache_548.2.dr	String found in binary or memory: https://www.midoregon.com/contact/ask-president.shtml
Source: chromecache_548.2.dr	String found in binary or memory: https://www.midoregon.com/contact/atm-locations.shtml
Source: chromecache_563.2.dr	String found in binary or memory: https://www.midoregon.com/contact/atm-map.shtml
Source: chromecache_434.2.dr, chromecache_563.2.dr, chromecache_548.2.dr	String found in binary or memory: https://www.midoregon.com/contact/bend-east.shtml
Source: chromecache_434.2.dr, chromecache_563.2.dr, chromecache_548.2.dr	String found in binary or memory: https://www.midoregon.com/contact/bend.shtml
Source: chromecache_548.2.dr	String found in binary or memory: https://www.midoregon.com/contact/branch-locations.shtml
Source: chromecache_548.2.dr	String found in binary or memory: https://www.midoregon.com/contact/index.shtml
Source: chromecache_434.2.dr, chromecache_563.2.dr, chromecache_548.2.dr	String found in binary or memory: https://www.midoregon.com/contact/la-pine.shtml
Source: chromecache_434.2.dr, chromecache_563.2.dr, chromecache_548.2.dr	String found in binary or memory: https://www.midoregon.com/contact/madras.shtml
Source: chromecache_434.2.dr, chromecache_563.2.dr, chromecache_548.2.dr	String found in binary or memory: https://www.midoregon.com/contact/prineville.shtml
Source: chromecache_434.2.dr, chromecache_563.2.dr, chromecache_548.2.dr	String found in binary or memory: https://www.midoregon.com/contact/redmond.shtml
Source: chromecache_434.2.dr, chromecache_563.2.dr, chromecache_548.2.dr	String found in binary or memory: https://www.midoregon.com/contact/sisters.shtml
Source: chromecache_434.2.dr, chromecache_563.2.dr, chromecache_548.2.dr	String found in binary or memory: https://www.midoregon.com/education/calculators.shtml
Source: chromecache_434.2.dr, chromecache_563.2.dr, chromecache_548.2.dr	String found in binary or memory: https://www.midoregon.com/education/financial-workshops.shtml
Source: chromecache_548.2.dr	String found in binary or memory: https://www.midoregon.com/education/index.shtml
Source: chromecache_434.2.dr, chromecache_563.2.dr, chromecache_548.2.dr	String found in binary or memory: https://www.midoregon.com/education/security.shtml
Source: chromecache_548.2.dr	String found in binary or memory: https://www.midoregon.com/forms/view.php?id=11009
Source: chromecache_434.2.dr, chromecache_563.2.dr, chromecache_548.2.dr	String found in binary or memory: https://www.midoregon.com/images/TWP_Oregon_2023.png
Source: chromecache_434.2.dr, chromecache_563.2.dr, chromecache_548.2.dr	String found in binary or memory: https://www.midoregon.com/images/appstore-apple.png
Source: chromecache_434.2.dr, chromecache_563.2.dr, chromecache_548.2.dr	String found in binary or memory: https://www.midoregon.com/images/appstore-google.png
Source: chromecache_434.2.dr, chromecache_563.2.dr, chromecache_548.2.dr	String found in binary or memory: https://www.midoregon.com/images/avtec.png
Source: chromecache_434.2.dr, chromecache_563.2.dr, chromecache_548.2.dr	String found in binary or memory: https://www.midoregon.com/images/backgrounds/bg.footer.png)
Source: chromecache_548.2.dr	String found in binary or memory: https://www.midoregon.com/images/backgrounds/lake.jpg
Source: chromecache_548.2.dr	String found in binary or memory: https://www.midoregon.com/images/backgrounds/lake.jpg')
Source: chromecache_614.2.dr	String found in binary or memory: https://www.midoregon.com/images/bg.sidepanel.png)
Source: chromecache_434.2.dr, chromecache_563.2.dr, chromecache_548.2.dr	String found in binary or memory: https://www.midoregon.com/images/eho-logo.png
Source: chromecache_434.2.dr, chromecache_563.2.dr, chromecache_548.2.dr	String found in binary or memory: https://www.midoregon.com/images/footer-widget-logo.png
Source: chromecache_548.2.dr	String found in binary or memory: https://www.midoregon.com/images/hero/banking-elevated.jpg");
Source: chromecache_548.2.dr	String found in binary or memory: https://www.midoregon.com/images/hero/heloc.jpg");
Source: chromecache_548.2.dr	String found in binary or memory: https://www.midoregon.com/images/hero/rewards.jpg");
Source: chromecache_598.2.dr	String found in binary or memory: https://www.midoregon.com/images/icon/android-icon-192x192-dunplab-manifest-13604.png
Source: chromecache_598.2.dr	String found in binary or memory: https://www.midoregon.com/images/icon/apple-icon-114x114-dunplab-manifest-13604.png
Source: chromecache_598.2.dr	String found in binary or memory: https://www.midoregon.com/images/icon/apple-icon-120x120-dunplab-manifest-13604.png
Source: chromecache_598.2.dr	String found in binary or memory: https://www.midoregon.com/images/icon/apple-icon-144x144-dunplab-manifest-13604.png
Source: chromecache_598.2.dr	String found in binary or memory: https://www.midoregon.com/images/icon/apple-icon-152x152-dunplab-manifest-13604.png
Source: chromecache_598.2.dr	String found in binary or memory: https://www.midoregon.com/images/icon/apple-icon-180x180-dunplab-manifest-13604.png
Source: chromecache_598.2.dr	String found in binary or memory: https://www.midoregon.com/images/icon/apple-icon-57x57-dunplab-manifest-13604.png
Source: chromecache_598.2.dr	String found in binary or memory: https://www.midoregon.com/images/icon/apple-icon-60x60-dunplab-manifest-13604.png
Source: chromecache_598.2.dr	String found in binary or memory: https://www.midoregon.com/images/icon/apple-icon-72x72-dunplab-manifest-13604.png
Source: chromecache_598.2.dr	String found in binary or memory: https://www.midoregon.com/images/icon/apple-icon-76x76-dunplab-manifest-13604.png
Source: chromecache_598.2.dr	String found in binary or memory: https://www.midoregon.com/images/icon/favicon-16x16-dunplab-manifest-13604.png
Source: chromecache_598.2.dr	String found in binary or memory: https://www.midoregon.com/images/icon/favicon-32x32-dunplab-manifest-13604.png
Source: chromecache_598.2.dr	String found in binary or memory: https://www.midoregon.com/images/icon/favicon-96x96-dunplab-manifest-13604.png
Source: chromecache_434.2.dr, chromecache_563.2.dr, chromecache_548.2.dr	String found in binary or memory: https://www.midoregon.com/images/logo
Source: chromecache_434.2.dr, chromecache_563.2.dr, chromecache_548.2.dr	String found in binary or memory: https://www.midoregon.com/images/logo-dark
Source: chromecache_548.2.dr	String found in binary or memory: https://www.midoregon.com/images/logo-dark.png
Source: chromecache_434.2.dr, chromecache_563.2.dr	String found in binary or memory: https://www.midoregon.com/images/logo-social.png
Source: chromecache_548.2.dr	String found in binary or memory: https://www.midoregon.com/images/logo.png
Source: chromecache_548.2.dr	String found in binary or memory: https://www.midoregon.com/images/menu.accounts.jpg
Source: chromecache_548.2.dr	String found in binary or memory: https://www.midoregon.com/images/menu.business.jpg
Source: chromecache_548.2.dr	String found in binary or memory: https://www.midoregon.com/images/menu.resources.jpg
Source: chromecache_548.2.dr	String found in binary or memory: https://www.midoregon.com/images/menu.services.jpg
Source: chromecache_461.2.dr	String found in binary or memory: https://www.midoregon.com/images/sections/bridge.jpg
Source: chromecache_461.2.dr	String found in binary or memory: https://www.midoregon.com/images/sections/canyon.jpg
Source: chromecache_461.2.dr	String found in binary or memory: https://www.midoregon.com/images/sections/deschutes-national-forest.jpg
Source: chromecache_461.2.dr	String found in binary or memory: https://www.midoregon.com/images/sections/deschutes-river-sunset.jpg
Source: chromecache_461.2.dr	String found in binary or memory: https://www.midoregon.com/images/sections/devils-lake.jpg
Source: chromecache_461.2.dr	String found in binary or memory: https://www.midoregon.com/images/sections/fort-rock.jpg
Source: chromecache_461.2.dr	String found in binary or memory: https://www.midoregon.com/images/sections/horses.jpg
Source: chromecache_461.2.dr	String found in binary or memory: https://www.midoregon.com/images/sections/lava-lake.jpg
Source: chromecache_461.2.dr	String found in binary or memory: https://www.midoregon.com/images/sections/old-mill.jpg
Source: chromecache_548.2.dr	String found in binary or memory: https://www.midoregon.com/images/sections/paulina-peak.jpg
Source: chromecache_548.2.dr	String found in binary or memory: https://www.midoregon.com/images/sections/paulina-peak.jpg');
Source: chromecache_461.2.dr	String found in binary or memory: https://www.midoregon.com/images/sections/picnic.jpg
Source: chromecache_461.2.dr	String found in binary or memory: https://www.midoregon.com/images/sections/prineville.jpg
Source: chromecache_461.2.dr	String found in binary or memory: https://www.midoregon.com/images/sections/sisters.jpg
Source: chromecache_461.2.dr	String found in binary or memory: https://www.midoregon.com/images/sections/smith-rock.jpg
Source: chromecache_614.2.dr	String found in binary or memory: https://www.midoregon.com/images/sections/smith-rock.jpg);
Source: chromecache_461.2.dr	String found in binary or memory: https://www.midoregon.com/images/sections/tumalo-falls.jpg
Source: chromecache_548.2.dr	String found in binary or memory: https://www.midoregon.com/images/tab.news.jpg
Source: chromecache_548.2.dr	String found in binary or memory: https://www.midoregon.com/images/tab.resources.jpg
Source: chromecache_548.2.dr	String found in binary or memory: https://www.midoregon.com/index.shtml
Source: chromecache_656.2.dr	String found in binary or memory: https://www.midoregon.com/js/linkwarning.js
Source: chromecache_434.2.dr, chromecache_563.2.dr, chromecache_548.2.dr	String found in binary or memory: https://www.midoregon.com/loans/autos.shtml
Source: chromecache_434.2.dr, chromecache_563.2.dr, chromecache_548.2.dr	String found in binary or memory: https://www.midoregon.com/loans/card-services.shtml
Source: chromecache_434.2.dr, chromecache_563.2.dr, chromecache_548.2.dr	String found in binary or memory: https://www.midoregon.com/loans/home-equity.shtml
Source: chromecache_548.2.dr	String found in binary or memory: https://www.midoregon.com/loans/homes.shtml
Source: chromecache_434.2.dr, chromecache_563.2.dr, chromecache_548.2.dr	String found in binary or memory: https://www.midoregon.com/loans/homes.shtml#rates
Source: chromecache_434.2.dr, chromecache_563.2.dr, chromecache_548.2.dr	String found in binary or memory: https://www.midoregon.com/loans/index.shtml
Source: chromecache_434.2.dr, chromecache_563.2.dr, chromecache_548.2.dr	String found in binary or memory: https://www.midoregon.com/loans/personal.shtml
Source: chromecache_548.2.dr	String found in binary or memory: https://www.midoregon.com/membership/index.shtml
Source: chromecache_548.2.dr	String found in binary or memory: https://www.midoregon.com/news/index.shtml
Source: chromecache_548.2.dr	String found in binary or memory: https://www.midoregon.com/news/newsletters.shtml
Source: chromecache_434.2.dr, chromecache_563.2.dr, chromecache_548.2.dr	String found in binary or memory: https://www.midoregon.com/online/billpay.shtml
Source: chromecache_548.2.dr	String found in binary or memory: https://www.midoregon.com/online/credit-savvy.shtml
Source: chromecache_434.2.dr, chromecache_563.2.dr, chromecache_548.2.dr	String found in binary or memory: https://www.midoregon.com/online/digital-banking-conversion-faq.shtml
Source: chromecache_548.2.dr	String found in binary or memory: https://www.midoregon.com/online/digital-banking.shtml
Source: chromecache_434.2.dr, chromecache_563.2.dr, chromecache_548.2.dr	String found in binary or memory: https://www.midoregon.com/online/e-statements.shtml
Source: chromecache_548.2.dr	String found in binary or memory: https://www.midoregon.com/online/financial-wellness-widget.shtml
Source: chromecache_434.2.dr, chromecache_563.2.dr, chromecache_548.2.dr	String found in binary or memory: https://www.midoregon.com/online/index.shtml
Source: chromecache_434.2.dr, chromecache_563.2.dr, chromecache_548.2.dr	String found in binary or memory: https://www.midoregon.com/online/mobile-wallets.shtml
Source: chromecache_548.2.dr	String found in binary or memory: https://www.midoregon.com/online/pay-online-and-pay-by-phone.shtml
Source: chromecache_434.2.dr, chromecache_563.2.dr, chromecache_548.2.dr	String found in binary or memory: https://www.midoregon.com/online/telephone-teller.shtml
Source: chromecache_548.2.dr	String found in binary or memory: https://www.midoregon.com/rates/disclosures.shtml
Source: chromecache_548.2.dr	String found in binary or memory: https://www.midoregon.com/rates/index.shtml
Source: chromecache_434.2.dr, chromecache_563.2.dr, chromecache_548.2.dr	String found in binary or memory: https://www.midoregon.com/rates/index.shtml#tab2
Source: chromecache_548.2.dr	String found in binary or memory: https://www.midoregon.com/services/index.shtml
Source: chromecache_434.2.dr, chromecache_563.2.dr, chromecache_548.2.dr	String found in binary or memory: https://www.midoregon.com/services/index.shtml#directdeposit
Source: chromecache_434.2.dr, chromecache_563.2.dr, chromecache_548.2.dr	String found in binary or memory: https://www.midoregon.com/services/index.shtml#overdraft
Source: chromecache_434.2.dr, chromecache_563.2.dr, chromecache_548.2.dr	String found in binary or memory: https://www.midoregon.com/services/index.shtml#wire
Source: chromecache_434.2.dr, chromecache_563.2.dr, chromecache_548.2.dr	String found in binary or memory: https://www.midoregon.com/services/trustage.shtml
Source: chromecache_434.2.dr, chromecache_563.2.dr, chromecache_548.2.dr	String found in binary or memory: https://www.midoregon.com/social-media-statement.shtml
Source: chromecache_434.2.dr, chromecache_563.2.dr, chromecache_548.2.dr	String found in binary or memory: https://www.midoregon.com/turbotax/index.shtml
Source: chromecache_525.2.dr	String found in binary or memory: https://www.stickleyonsecurity.com/article_images/1633368393.jpg
Source: chromecache_525.2.dr	String found in binary or memory: https://www.stickleyonsecurity.com/article_images/1715289159.jpg
Source: chromecache_525.2.dr	String found in binary or memory: https://www.stickleyonsecurity.com/article_images/1719684441.jpg
Source: chromecache_525.2.dr	String found in binary or memory: https://www.stickleyonsecurity.com/article_images/1719766335.jpg
Source: chromecache_370.2.dr	String found in binary or memory: https://www.stickleyonsecurity.com/check_login.jspx?method=loginCheck&returnformat=plain
Source: chromecache_548.2.dr	String found in binary or memory: https://www.stickleyonsecurity.com/js/jquery-min.js
Source: chromecache_548.2.dr	String found in binary or memory: https://www.stickleyonsecurity.com/js/sos-script.js
Source: chromecache_370.2.dr	String found in binary or memory: https://www.stickleyonsecurity.com/myforgot.jspx?method=loginCheck&returnformat=plain
Source: chromecache_370.2.dr	String found in binary or memory: https://www.stickleyonsecurity.com/mymflogin.jspx?method=loginCheck&returnformat=plain
Source: chromecache_548.2.dr	String found in binary or memory: https://www.stickleyonsecurity.com/s/sample9.jspx?playerid=721175501&startsos=1
Source: chromecache_440.2.dr	String found in binary or memory: https://www.surveycarrot.com/index2.jspx?/
Source: chromecache_434.2.dr, chromecache_563.2.dr, chromecache_548.2.dr	String found in binary or memory: https://www.surveycarrot.com/js/image_view.js
Source: chromecache_614.2.dr	String found in binary or memory: https://www.svcu.com/assets/css/custom.css
Source: chromecache_614.2.dr	String found in binary or memory: https://www.svcu.com/assets/css/theme.css
Source: chromecache_548.2.dr	String found in binary or memory: https://www.yelp.com/biz/mid-oregon-credit-union-bend
Source: chromecache_597.2.dr, chromecache_447.2.dr	String found in binary or memory: https://www.youtube.com/iframe_api
Source: chromecache_548.2.dr	String found in binary or memory: https://www.youtube.com/user/MidOregonCreditUnion
Source: chromecache_548.2.dr	String found in binary or memory: https://www.youtube.com/watch?v=XeObAL8iX4s

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49986
Source: unknown	Network traffic detected: HTTP traffic on port 49817 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49985
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49982
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49981
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49980
Source: unknown	Network traffic detected: HTTP traffic on port 49932 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49898 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61580 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49852 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61623
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61624
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61625
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61626
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61629
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49739
Source: unknown	Network traffic detected: HTTP traffic on port 61625 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49738
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49737
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49979
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49978
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49735
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49977
Source: unknown	Network traffic detected: HTTP traffic on port 49772 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49734
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49976
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49733
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49975
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49732
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49974
Source: unknown	Network traffic detected: HTTP traffic on port 50085 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49731
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49973
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49730
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49971
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49970
Source: unknown	Network traffic detected: HTTP traffic on port 61659 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61672 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49703 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49784 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49749 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61633
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61634
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61635
Source: unknown	Network traffic detected: HTTP traffic on port 50004 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49909 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61638
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61639
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49729
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49728
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49969
Source: unknown	Network traffic detected: HTTP traffic on port 49978 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49726
Source: unknown	Network traffic detected: HTTP traffic on port 49886 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49968
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49725
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49967
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61630
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49724
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49966
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61631
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49723
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49965
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61632
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49722
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49964
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49963
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49721
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49720
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49962
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49961
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49960
Source: unknown	Network traffic detected: HTTP traffic on port 49966 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61694 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50108 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61644
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61645
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61646
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61647
Source: unknown	Network traffic detected: HTTP traffic on port 50028 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61648
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61649
Source: unknown	Network traffic detected: HTTP traffic on port 49805 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49718
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49717
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49716
Source: unknown	Network traffic detected: HTTP traffic on port 49715 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49958
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49715
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49957
Source: unknown	Network traffic detected: HTTP traffic on port 61592 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61640
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49714
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49956
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61641
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49955
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61642
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49954
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61643
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49711
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49953
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49952
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49951
Source: unknown	Network traffic detected: HTTP traffic on port 49839 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49864 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49950
Source: unknown	Network traffic detected: HTTP traffic on port 49944 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61601 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49910 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50051 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61656
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61657
Source: unknown	Network traffic detected: HTTP traffic on port 49796 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61658
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61659
Source: unknown	Network traffic detected: HTTP traffic on port 61660 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49949
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49948
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49947
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61650
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49946
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61651
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49703
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49945
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61652
Source: unknown	Network traffic detected: HTTP traffic on port 49737 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49944
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61653
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49943
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61654
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49788
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49787
Source: unknown	Network traffic detected: HTTP traffic on port 50061 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49922 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49785
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49784
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49783
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49782
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49781
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49780
Source: unknown	Network traffic detected: HTTP traffic on port 61635 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49968 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50026 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49807 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61682 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49779
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49778
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49777
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49776
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49775
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49774
Source: unknown	Network traffic detected: HTTP traffic on port 49862 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49773
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49772
Source: unknown	Network traffic detected: HTTP traffic on port 61603 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50095 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49991 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49768
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49767
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49766
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49765
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49764
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49763
Source: unknown	Network traffic detected: HTTP traffic on port 50038 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49762
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49761
Source: unknown	Network traffic detected: HTTP traffic on port 49840 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61608
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61609
Source: unknown	Network traffic detected: HTTP traffic on port 49725 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61600
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61601
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61602
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61603
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61604
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61605
Source: unknown	Network traffic detected: HTTP traffic on port 49956 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61606
Source: unknown	Network traffic detected: HTTP traffic on port 61613 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61607
Source: unknown	Network traffic detected: HTTP traffic on port 61707 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50083 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49757
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49999
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49756
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49998
Source: unknown	Network traffic detected: HTTP traffic on port 61669 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50121 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49997
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49996
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49995
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49994
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49993
Source: unknown	Network traffic detected: HTTP traffic on port 50016 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49750
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49992
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49991
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49990
Source: unknown	Network traffic detected: HTTP traffic on port 61670 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49874 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61611
Source: unknown	Network traffic detected: HTTP traffic on port 61582 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61612
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61613
Source: unknown	Network traffic detected: HTTP traffic on port 49829 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61614
Source: unknown	Network traffic detected: HTTP traffic on port 49934 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61618
Source: unknown	Network traffic detected: HTTP traffic on port 61647 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49749
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49989
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49988
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49987
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61610
Source: unknown	Network traffic detected: HTTP traffic on port 50036 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50116 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61639 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50071 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61640 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61577 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61686 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49900 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50108
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50107
Source: unknown	Network traffic detected: HTTP traffic on port 49711 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50109
Source: unknown	Network traffic detected: HTTP traffic on port 49929 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50100
Source: unknown	Network traffic detected: HTTP traffic on port 49872 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50102
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50101
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50103
Source: unknown	Network traffic detected: HTTP traffic on port 49964 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49798 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49735 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50117
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50116
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50119
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50118
Source: unknown	Network traffic detected: HTTP traffic on port 61652 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61589 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50111
Source: unknown	Network traffic detected: HTTP traffic on port 49930 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50110
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50113
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50112
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50115
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50114
Source: unknown	Network traffic detected: HTTP traffic on port 49986 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49850 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49757 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49798
Source: unknown	Network traffic detected: HTTP traffic on port 50012 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50127
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49796
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49795
Source: unknown	Network traffic detected: HTTP traffic on port 49952 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49794
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49793
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49792
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49791
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50120
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49790
Source: unknown	Network traffic detected: HTTP traffic on port 50093 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50122
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50121
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50124
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50123
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50126
Source: unknown	Network traffic detected: HTTP traffic on port 61674 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50125
Source: unknown	Network traffic detected: HTTP traffic on port 49723 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49825 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49884 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49907 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49789
Source: unknown	Network traffic detected: HTTP traffic on port 49733 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49779 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61709 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61696 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49859 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61650 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49894 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61666
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61668
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61669
Source: unknown	Network traffic detected: HTTP traffic on port 49942 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61590 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61660
Source: unknown	Network traffic detected: HTTP traffic on port 50081 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61661
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61662
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61663
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61664
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61665
Source: unknown	Network traffic detected: HTTP traffic on port 49954 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50014 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49788 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49988 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61567 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49767 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49721 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61677
Source: unknown	Network traffic detected: HTTP traffic on port 49827 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61678
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61679
Source: unknown	Network traffic detected: HTTP traffic on port 50046 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61670
Source: unknown	Network traffic detected: HTTP traffic on port 49882 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61662 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61672
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61673
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61674
Source: unknown	Network traffic detected: HTTP traffic on port 61649 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49976 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50118 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61690
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61688
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61689
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61680
Source: unknown	Network traffic detected: HTTP traffic on port 61684 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49860 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61681
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61682
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61683
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61684
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61685
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61686
Source: unknown	Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61687
Source: unknown	Network traffic detected: HTTP traffic on port 61605 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49998 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50058 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61710 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50002 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61691
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61692
Source: unknown	Network traffic detected: HTTP traffic on port 49920 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61693
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61694
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61695
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61696
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61697
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61698
Source: unknown	Network traffic detected: HTTP traffic on port 61654 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61711 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49926 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61597 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50054
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50053
Source: unknown	Network traffic detected: HTTP traffic on port 49789 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50055
Source: unknown	Network traffic detected: HTTP traffic on port 49766 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50058
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50057
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50059
Source: unknown	Network traffic detected: HTTP traffic on port 49961 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49720 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50061
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50060
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50063
Source: unknown	Network traffic detected: HTTP traffic on port 50102 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50045 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49732 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61607 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50064
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50069
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50068
Source: unknown	Network traffic detected: HTTP traffic on port 61563 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61666 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50070
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50072
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50071
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50074
Source: unknown	Network traffic detected: HTTP traffic on port 49823 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50080 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49790 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49869 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49674 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50076
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50075
Source: unknown	Network traffic detected: HTTP traffic on port 50057 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50077
Source: unknown	Network traffic detected: HTTP traffic on port 50114 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49892 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50079
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50081
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50080
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50083
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50085
Source: unknown	Network traffic detected: HTTP traffic on port 49847 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61688 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61632 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50087
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50086
Source: unknown	Network traffic detected: HTTP traffic on port 49870 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50089
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50088
Source: unknown	Network traffic detected: HTTP traffic on port 50079 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50090
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50092
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50091
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50093
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50096
Source: unknown	Network traffic detected: HTTP traffic on port 49938 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50023 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50095
Source: unknown	Network traffic detected: HTTP traffic on port 49811 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50018
Source: unknown	Network traffic detected: HTTP traffic on port 61629 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50017
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50019
Source: unknown	Network traffic detected: HTTP traffic on port 49813 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49951 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50010
Source: unknown	Network traffic detected: HTTP traffic on port 49916 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50012
Source: unknown	Network traffic detected: HTTP traffic on port 61587 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50055 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50014
Source: unknown	Network traffic detected: HTTP traffic on port 50090 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50013
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50016
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50015
Source: unknown	Network traffic detected: HTTP traffic on port 61701 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49776 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49845 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50029
Source: unknown	Network traffic detected: HTTP traffic on port 61630 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50028
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50021
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50020
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50023
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50022
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50025
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50027
Source: unknown	Network traffic detected: HTTP traffic on port 49780 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49879 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50026
Source: unknown	Network traffic detected: HTTP traffic on port 49985 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50021 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50030
Source: unknown	Network traffic detected: HTTP traffic on port 61713 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50039
Source: unknown	Network traffic detected: HTTP traffic on port 49995 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49928 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61599 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50032
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50031
Source: unknown	Network traffic detected: HTTP traffic on port 49857 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50034
Source: unknown	Network traffic detected: HTTP traffic on port 61698 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50033
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50036
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50035
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50038
Source: unknown	Network traffic detected: HTTP traffic on port 49764 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50037
Source: unknown	Network traffic detected: HTTP traffic on port 61642 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50041
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50040
Source: unknown	Network traffic detected: HTTP traffic on port 50089 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49973 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49730 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50033 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50043
Source: unknown	Network traffic detected: HTTP traffic on port 49835 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61565 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50045
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50046
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50049
Source: unknown	Network traffic detected: HTTP traffic on port 49880 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50052
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50051
Source: unknown	Network traffic detected: HTTP traffic on port 50126 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49792 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61664 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50122 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49912 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61583 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49958 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49717 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49889 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49946 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50018 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61634 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50077 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49855 -> 443

Source: unknown	HTTPS traffic detected: 23.211.8.90:443 -> 192.168.2.5:49752 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.211.8.90:443 -> 192.168.2.5:49767 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 46.228.174.117:443 -> 192.168.2.5:49963 version: TLS 1.2

Source: classification engine

Classification label: mal48.phis.win@47/583@185/67

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps

Jump to behavior

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1820 --field-trial-handle=2064,i,7133968717783670167,9634449485991868267,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://www.midoregon.com"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=7248 --field-trial-handle=2064,i,7133968717783670167,9634449485991868267,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7384 --field-trial-handle=2064,i,7133968717783670167,9634449485991868267,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1820 --field-trial-handle=2064,i,7133968717783670167,9634449485991868267,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=7248 --field-trial-handle=2064,i,7133968717783670167,9634449485991868267,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7384 --field-trial-handle=2064,i,7133968717783670167,9634449485991868267,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Google Drive.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: YouTube.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Sheets.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Gmail.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Slides.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Docs.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe

Source: Window Recorder

Window detected: More than 3 window changes detected

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk	Jump to behavior

Mitre Att&ck Matrix

Reconnaissance	Resource Development	Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Command and Control	Exfiltration	Impact
Gather Victim Identity Information	Acquire Infrastructure	1 Drive-by Compromise	Windows Management Instrumentation	1 Registry Run Keys / Startup Folder	1 Process Injection	1 Masquerading	OS Credential Dumping	System Service Discovery	Remote Services	Data from Local System	1 Encrypted Channel	Exfiltration Over Other Network Medium	Abuse Accessibility Features
Credentials	Domains	Default Accounts	Scheduled Task/Job	Boot or Logon Initialization Scripts	1 Registry Run Keys / Startup Folder	1 Process Injection	LSASS Memory	Application Window Discovery	Remote Desktop Protocol	Data from Removable Media	4 Non-Application Layer Protocol	Exfiltration Over Bluetooth	Network Denial of Service
Email Addresses	DNS Server	Domain Accounts	At	Logon Script (Windows)	Logon Script (Windows)	Obfuscated Files or Information	Security Account Manager	Query Registry	SMB/Windows Admin Shares	Data from Network Shared Drive	5 Application Layer Protocol	Automated Exfiltration	Data Encrypted for Impact
Employee Names	Virtual Private Server	Local Accounts	Cron	Login Hook	Login Hook	Binary Padding	NTDS	System Network Configuration Discovery	Distributed Component Object Model	Input Capture	3 Ingress Tool Transfer	Traffic Duplication	Data Destruction

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Source	Detection	Scanner	Label	Link
http://www.midoregon.com	0%	Avira URL Cloud	safe

Source	Detection	Scanner	Label
http://g.co/dev/maps-no-account	0%	URL Reputation	safe
https://ampcid.google.com/v1/publisher:getClientId	0%	URL Reputation	safe
http://polymer.github.io/AUTHORS.txt	0%	URL Reputation	safe
https://developers.google.com/maps/documentation/javascript/styling#cloud_tooling	0%	URL Reputation	safe
https://support.google.com/fusiontables/answer/9185417).	0%	URL Reputation	safe
https://developers.google.com/maps/deprecations	0%	URL Reputation	safe
http://polymer.github.io/PATENTS.txt	0%	URL Reputation	safe
https://www.midoregon.com/online/mobile-wallets.shtml	0%	Avira URL Cloud	safe
https://contact.midoregon.com/messages/service/cobrowse/externalUrl/v1	0%	Avira URL Cloud	safe
https://developers.google.com/maps/documentation/javascript/error-messages#unsupported-browsers	0%	URL Reputation	safe
https://www.midoregon.com/education/financial-workshops.shtml	0%	Avira URL Cloud	safe
https://developers.google.com/maps/documentation/javascript/libraries	0%	URL Reputation	safe
https://www.midoregon.com/images/icon/android-icon-192x192-dunplab-manifest-13604.png	0%	Avira URL Cloud	safe
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=AC32D053B469479CB9B9C6587A4519D0	0%	Avira URL Cloud	safe
https://www.surveycarrot.com/index2.jspx?/	0%	Avira URL Cloud	safe
https://assets.orb.alkamitech.com/cdn/alkami-polyfills/2.1.0/polyfill.min.js	0%	Avira URL Cloud	safe
https://www.surveycarrot.com/index2.jspx?/BAZ42KGHJU/images&quotes=https%3A%2F%2Fwww.midoregon.com%2F	0%	Avira URL Cloud	safe
https://www.midoregon.com/accounts/debit-card.shtml	0%	Avira URL Cloud	safe
https://bam.nr-data.net/1/NRBR-7f34ea11d764c7f1d82?a=222382548&v=1.261.1&to=ZlIBZBRQV0VUV0dZCV8YLmYlHn9ZR1NcRDNCUhFeB1xcdVpaR0IJXVsGQkl4V1JQTA%3D%3D&rst=8445&ck=0&s=c18ea8cf92eb536b&ref=https://login.midoregon.com/ForgotUsername&ptid=32eb6ad7e0ea011e&af=err,xhr,stn,ins&ap=53&be=1083&fe=7128&dc=6968&fsh=0&perf=%7B%22timing%22:%7B%22of%22:1719869688737,%22n%22:0,%22f%22:4,%22dn%22:24,%22dne%22:24,%22c%22:24,%22s%22:24,%22ce%22:501,%22rq%22:502,%22rp%22:1083,%22rpe%22:1264,%22di%22:8037,%22ds%22:8037,%22de%22:8051,%22dc%22:8206,%22l%22:8206,%22le%22:8211%7D,%22navigation%22:%7B%7D%7D&fp=3457&fcp=3457&timestamp=1719869698293	0%	Avira URL Cloud	safe
https://github.com/jquery/jquery-color	0%	Avira URL Cloud	safe
https://www.midoregon.com/css/master.css	0%	Avira URL Cloud	safe
about:blank	0%	Avira URL Cloud	safe
https://www.cbsinvestorconnection.com/Advisors/Advisor_Bio?cuid=13602097&advisorid=10816	0%	Avira URL Cloud	safe
https://www.google.com/pagead/1p-conversion/1026675585/?random=1236793904&cv=7&fst=1719869641484&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECIgEBQAE&pscrd=CMeOldaHhrS2LyITCMe66djlhocDFd5NHgIdL3sDNTICCAMyAggEMgIIBzICCAgyAggJMgIICjICCAIyAggLOhpodHRwczovL3d3dy5taWRvcmVnb24uY29tLw&is_vtc=1&cid=CAQSKQDaQooLoe0jMr9a2dyMHB7OvHBUBGgQPzm9xOu62daBZRHUOJ9RJvWg&random=22151835	0%	Avira URL Cloud	safe
https://feed.mikle.com/api/proxy/	0%	Avira URL Cloud	safe
https://assets.orb.alkamitech.com/cdn/alkami-orb-client-global/1.6.0/javascripts/vendor.bundles/jquery.plugins.bundle/jquery.filestyle.min.js	0%	Avira URL Cloud	safe
https://github.com/twbs/bootstrap/graphs/contributors)	0%	Avira URL Cloud	safe
https://assets.orb.alkamitech.com/cdn/alkami-orb-client-global/1.6.0/javascripts/vendor.bundles/globals.bundle/content-articles-ts.min.js	0%	Avira URL Cloud	safe
https://www.midoregon.com/images/icon/apple-icon-120x120-dunplab-manifest-13604.png	0%	Avira URL Cloud	safe
https://www.midoregon.com/images/avtec.png	0%	Avira URL Cloud	safe
https://bam.nr-data.net/events/1/NRBR-7f34ea11d764c7f1d82?a=222382548&v=1.261.1&to=ZlIBZBRQV0VUV0dZCV8YLmYlHmtTUl1ARBRQQwpfCHJWWEFGXFwKVEVMeQhVXE4%3D&rst=24652&ck=0&s=c18ea8cf92eb536b&ref=https://login.midoregon.com/Registration&ptid=b1f178e73355ce84	0%	Avira URL Cloud	safe
https://assets.orb.alkamitech.com/cdn/ua-parser/1.0.35/ua-parser.min.js	0%	Avira URL Cloud	safe
https://d.agkn.com/pixel/10751/?che=1719869644065&ip=8.46.123.33&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D216573104930005332115	0%	Avira URL Cloud	safe
https://www.midoregon.com/images/menu.services.jpg	0%	Avira URL Cloud	safe
https://iris.alkamitech.com/web/components/dropdown.html	0%	Avira URL Cloud	safe
https://www.midoregon.com/images/sections/devils-lake.jpg	0%	Avira URL Cloud	safe
https://www.midoregon.com/loans/homes.shtml#rates	0%	Avira URL Cloud	safe
https://www.midoregon.com/images/sections/sisters.jpg	0%	Avira URL Cloud	safe
https://www.midoregon.com/images/Digital%20Banking/Accounts%20Screen%20Web2-1.png	0%	Avira URL Cloud	safe
https://www.google.com/search?q=download	0%	Avira URL Cloud	safe
https://um.simpli.fi/yahoo	0%	Avira URL Cloud	safe
https://sync.1rx.io/usersync/simplifi/AC32D053B469479CB9B9C6587A4519D0	0%	Avira URL Cloud	safe
https://um.simpli.fi/exelatem	0%	Avira URL Cloud	safe
https://contact.midoregon.com/messages/service/skillBasedRouting/widget/channelList?ccgId=0c5c65e5-bb2a-4dc7-ab3c-6a76c3dc03b8	0%	Avira URL Cloud	safe
https://www.midoregon.com/about/careers.shtml	0%	Avira URL Cloud	safe
https://visitor.r20.constantcontact.com/d.jsp?llr=wguxwmeab&p=oi&m=1104233091286&sit=6dgk96vfb&f=cc8	0%	Avira URL Cloud	safe
https://www.svcu.com/assets/css/custom.css	0%	Avira URL Cloud	safe
https://reorder.libertysite.com	0%	Avira URL Cloud	safe
https://www.midoregon.com/images/logo-dark@2x.png	0%	Avira URL Cloud	safe
https://www.google.com/search?q=enable	0%	Avira URL Cloud	safe
https://assets.orb.alkamitech.com/cdn/alkami-orb-client-global/1.6.0/javascripts/vendor.bundles/globals.bundle/screen-ts.min.js	0%	Avira URL Cloud	safe
https://sync.1rx.io/usersync/simplifi/AC32D053B469479CB9B9C6587A4519D0?zcc=1&cb=1719869643936	0%	Avira URL Cloud	safe
https://www.midoregon.com/images/icon/apple-icon-144x144-dunplab-manifest-13604.png	0%	Avira URL Cloud	safe
https://www.midoregon.com/images/logo-dark	0%	Avira URL Cloud	safe
https://github.com/yowainwright/shave#readme	0%	Avira URL Cloud	safe
https://www.midoregon.com/images/icon/apple-icon-114x114-dunplab-manifest-13604.png	0%	Avira URL Cloud	safe
https://assets.orb.alkamitech.com/production/themesets/28f75336-2d61-4c64-8237-e68ae6ac9157/themes/theme-builder/default/assets/favicons/favicon.png	0%	Avira URL Cloud	safe
https://www.midoregon.com/manifest.json	0%	Avira URL Cloud	safe
https://www.midoregon.com/images/sections/paulina-peak.jpg');	0%	Avira URL Cloud	safe
https://www.midoregon.com/rates/index.shtml#tab2	0%	Avira URL Cloud	safe
https://feed.mikle.com/support/three-most-frequent-issues-with-rss-feeds-with-solutions/	0%	Avira URL Cloud	safe
https://sync.bfmio.com/sync?pid=141&uid=AC32D053B469479CB9B9C6587A4519D0	0%	Avira URL Cloud	safe
https://eltropy-artifacts.s3.us-west-2.amazonaws.com/contact-widget/bot.png	0%	Avira URL Cloud	safe
https://www.midoregon.com/images/menu.accounts.jpg	0%	Avira URL Cloud	safe
https://midoregon.loanspq.com/cc/CreditCard.aspx?lenderref=midoregonfcu63017&	0%	Avira URL Cloud	safe
https://www.midoregon.com/images/hero/rewards.jpg	0%	Avira URL Cloud	safe
https://www.midoregon.com/images/sections/smith-rock.jpg);	0%	Avira URL Cloud	safe
https://loadm.exelator.com/load/?p=204&g=2191&simid=AC32D053B469479CB9B9C6587A4519D0&j=0&xl8blockcheck=1	0%	Avira URL Cloud	safe
https://www.midoregon.com/social-media-statement.shtml	0%	Avira URL Cloud	safe
https://i.simpli.fi/p?cid=206526&cb=sifi_att_42656._hp	0%	Avira URL Cloud	safe
https://www.linkedin.com/company/mid-oregon-credit-union	0%	Avira URL Cloud	safe
https://um.simpli.fi/ox_match	0%	Avira URL Cloud	safe
https://www.midoregon.com/images/Digital%20Banking/MERGED-SCREENS-TABLET-web-300x192.png	0%	Avira URL Cloud	safe
https://www.stickleyonsecurity.com/s/sample9.jspx?playerid=721175501&startsos=1	0%	Avira URL Cloud	safe
https://www.midoregon.com/education/calculators.shtml	0%	Avira URL Cloud	safe
https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=AC32D053B469479CB9B9C6587A4519D0	0%	Avira URL Cloud	safe
https://github.com/jquery-form/form	0%	Avira URL Cloud	safe
https://um.simpli.fi/bluekai	0%	Avira URL Cloud	safe
https://www.midoregon.com/online/e-statements.shtml	0%	Avira URL Cloud	safe
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=186387211961646&ev=PageView&dl=https%3A%2F%2Fwww.midoregon.com&rl=&if=false&ts=1719869632048&sw=1280&sh=1024&v=2.9.159&r=stable&ec=0&o=4124&fbp=fb.1.1719869632042.867386412250169740&cs_est=true&pm=1&hrl=82ce2d&ler=empty&cdl=API_unavailable&it=1719869630579&coo=false&cs_cc=1&rqm=FGET	0%	Avira URL Cloud	safe
https://contact.midoregon.com/messages/service/skillBasedRouting/widget/panels/data?panelId=	0%	Avira URL Cloud	safe
https://1.c81358859121583b7adf2ace89cb39f44.com/scripts/prod/crossdomain2.12.0.5273.b96c35cc.min.js	0%	Avira URL Cloud	safe
https://www.stickleyonsecurity.com/images/loading.gif	0%	Avira URL Cloud	safe
http://www.entrustdatacard.com/This	0%	Avira URL Cloud	safe
https://www.midoregon.com/images/icon/favicon-16x16-dunplab-manifest-13604.png	0%	Avira URL Cloud	safe
https://s3-us-west-1.amazonaws.com/elt-static/eltropy-messenger/	0%	Avira URL Cloud	safe
https://um.simpli.fi/ad_advisor	0%	Avira URL Cloud	safe
https://assets.orb.alkamitech.com/cdn/alkami-orb-client-global/1.6.0/javascripts/vendor.bundles/globals.bundle/language-toggle-ts.min.js	0%	Avira URL Cloud	safe
https://login.midoregon.com/Authentication/Username	0%	Avira URL Cloud	safe
https://www.midoregon.com/about/board.shtml	0%	Avira URL Cloud	safe
https://www.midoregon.com/css/colors.css	0%	Avira URL Cloud	safe
https://cobrowsing.eltropy.com	0%	Avira URL Cloud	safe
https://sync.smartadserver.com/getuid?url=https%3A%2F%2Ffei.pro-market.net%2Fengine%3Fsite%3D161185%26size%3D1x1%26du%3D36%26csync%3D[sas_uid]	0%	Avira URL Cloud	safe
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3DAC32D053B469479CB9B9C6587A4519D0	0%	Avira URL Cloud	safe
https://1.a79ab95c1589a13f8a4cab612bc71f9f7.com/scripts/prod/crossdomain2.12.0.5273.b96c35cc.min.js	0%	Avira URL Cloud	safe
http://paulmillr.com)	0%	Avira URL Cloud	safe
https://www.midoregon.com/images/appstore-apple.png	0%	Avira URL Cloud	safe
https://eltropy.com/legal/	0%	Avira URL Cloud	safe

Domains and IPs

Contacted Domains

Name	IP	Active	Malicious	Reputation
um.simpli.fi	35.204.158.49	true	false	unknown
www.surveycarrot.com	80.208.252.166	true	false	unknown
d2yc0o7ycjs17k.cloudfront.net	143.204.68.82	true	false	unknown
eu-eb2.3lift.com	13.248.245.213	true	false	unknown
stats.g.doubleclick.net	108.177.15.154	true	false	unknown
wup-1ca8ebd0.us.v2.we-stats.com	52.141.217.134	true	false	unknown
rtb-csync-euw1.smartadserver.com	89.149.192.201	true	false	unknown
cdnjs.cloudflare.com	104.17.24.14	true	false	unknown
cm.g.doubleclick.net	142.250.186.66	true	false	unknown
d3lyk6mjwds9ox.cloudfront.net	18.239.69.61	true	false	unknown
sync.1rx.io	46.228.174.117	true	false	unknown
www.google.com	172.217.18.4	true	false	unknown
d1lvyn09g7nf92.cloudfront.net	3.160.213.169	true	false	unknown
sync.intentiq.com	18.239.69.49	true	false	unknown
a033fb72701935a3d.awsglobalaccelerator.com	76.223.60.153	true	false	unknown
bcp.crwdcntrl.net	52.50.8.163	true	false	unknown
star-mini.c10r.facebook.com	157.240.253.35	true	false	unknown
log-1ca8ebd0.us.v2.we-stats.com	52.238.253.184	true	false	unknown
us-u.openx.net	34.98.64.218	true	false	unknown
iris.alkamitech.com	18.244.18.107	true	false	unknown
ActivationEdge-activation-1631408035.eu-central-1.elb.amazonaws.com	3.73.136.118	true	false	unknown
cobrowsing.eltropy.com	188.40.16.190	true	false	unknown
bg.microsoft.map.fastly.net	199.232.214.172	true	false	unknown
cdn.acsbapp.com	172.67.11.155	true	false	unknown
googleads.g.doubleclick.net	172.217.16.130	true	false	unknown
acsbapp.com	172.67.11.155	true	false	unknown
partners-alb-1113315349.us-east-1.elb.amazonaws.com	54.160.208.211	true	false	unknown
feedwind-v2-prod-alb-765050801.us-east-1.elb.amazonaws.com	3.228.125.241	true	false	unknown
d2kc9bbovjrjt2.cloudfront.net	99.86.1.231	true	false	unknown
fastly-tls12-bam.nr-data.net	162.247.243.29	true	false	unknown
www.stickleyonsecurity.com	80.208.252.166	true	false	unknown
doerd31l9oh9k.cloudfront.net	108.138.24.125	true	false	unknown
fp2e7a.wpc.phicdn.net	192.229.221.95	true	false	unknown
d3q5vj014p5nip.cloudfront.net	13.227.219.120	true	false	unknown
d2rikquc8s9owl.cloudfront.net	65.9.86.74	true	false	unknown
scontent.xx.fbcdn.net	157.240.0.6	true	false	unknown
idsync.rlcdn.com	35.244.174.68	true	false	unknown
code.jquery.com	151.101.2.137	true	false	unknown
i.simpli.fi	35.204.89.238	true	false	unknown
d3hspktnnoy2e3.cloudfront.net	3.160.212.29	true	false	unknown
www.midoregon.com	67.227.180.41	true	false	unknown
io-cookie-sync-1725936127.us-east-1.elb.amazonaws.com	52.3.135.254	true	false	unknown
pixel.tapad.com	34.111.113.62	true	false	unknown
raptor-prd-ew1-alb-2127381300.eu-west-1.elb.amazonaws.com	54.76.4.134	true	false	unknown
tag.simpli.fi	35.204.89.238	true	false	unknown
pippio.com	107.178.254.65	true	false	unknown
tag-terraform-elb-1705565586.eu-central-1.elb.amazonaws.com	3.79.121.3	true	false	unknown
js-agent.newrelic.com	162.247.243.39	true	false	unknown
fei.pro-market.net	107.178.240.89	true	false	unknown
s.ad.smaato.net	18.66.218.31	true	false	unknown
load-euw1.exelator.com	34.254.143.3	true	false	unknown
ib.anycast.adnxs.com	37.252.172.123	true	false	unknown
assets.orb.alkamitech.com	unknown	unknown	false	unknown
feed.mikle.com	unknown	unknown	true	unknown
sync.targeting.unrulymedia.com	unknown	unknown	false	unknown
simplifi.partners.tremorhub.com	unknown	unknown	false	unknown
sync.smartadserver.com	unknown	unknown	false	unknown
1.a79ab95c1589a13f8a4cab612bc71f9f7.com	unknown	unknown	false	unknown
pixel.rubiconproject.com	unknown	unknown	false	unknown
ce.lijit.com	unknown	unknown	false	unknown
connect.facebook.net	unknown	unknown	false	unknown
px.ads.linkedin.com	unknown	unknown	false	unknown
bam.nr-data.net	unknown	unknown	false	unknown
1.b406929acabac9b095f124c81bdfcf57f.com	unknown	unknown	false	unknown
stags.bluekai.com	unknown	unknown	false	unknown
login.midoregon.com	unknown	unknown	false	unknown
1.c81358859121583b7adf2ace89cb39f44.com	unknown	unknown	false	unknown
d.agkn.com	unknown	unknown	false	unknown
sync.bfmio.com	unknown	unknown	false	unknown
aa.agkn.com	unknown	unknown	false	unknown
cs.lkqd.net	unknown	unknown	false	unknown
www.facebook.com	unknown	unknown	false	unknown
bcdn-god.we-stats.com	unknown	unknown	false	unknown
contact.midoregon.com	unknown	unknown	false	unknown
ib.adnxs.com	unknown	unknown	false	unknown
eb2.3lift.com	unknown	unknown	false	unknown
loadm.exelator.com	unknown	unknown	false	unknown

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://www.midoregon.com/online/digital-banking.shtml	false		unknown
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=AC32D053B469479CB9B9C6587A4519D0	false	Avira URL Cloud: safe	unknown
https://bam.nr-data.net/1/NRBR-7f34ea11d764c7f1d82?a=222382548&v=1.261.1&to=ZlIBZBRQV0VUV0dZCV8YLmYlHn9ZR1NcRDNCUhFeB1xcdVpaR0IJXVsGQkl4V1JQTA%3D%3D&rst=8445&ck=0&s=c18ea8cf92eb536b&ref=https://login.midoregon.com/ForgotUsername&ptid=32eb6ad7e0ea011e&af=err,xhr,stn,ins&ap=53&be=1083&fe=7128&dc=6968&fsh=0&perf=%7B%22timing%22:%7B%22of%22:1719869688737,%22n%22:0,%22f%22:4,%22dn%22:24,%22dne%22:24,%22c%22:24,%22s%22:24,%22ce%22:501,%22rq%22:502,%22rp%22:1083,%22rpe%22:1264,%22di%22:8037,%22ds%22:8037,%22de%22:8051,%22dc%22:8206,%22l%22:8206,%22le%22:8211%7D,%22navigation%22:%7B%7D%7D&fp=3457&fcp=3457&timestamp=1719869698293	false	Avira URL Cloud: safe	unknown
https://contact.midoregon.com/messages/service/cobrowse/externalUrl/v1	false	Avira URL Cloud: safe	unknown
https://www.surveycarrot.com/index2.jspx?/BAZ42KGHJU/images&quotes=https%3A%2F%2Fwww.midoregon.com%2F	false	Avira URL Cloud: safe	unknown
https://assets.orb.alkamitech.com/cdn/alkami-polyfills/2.1.0/polyfill.min.js	false	Avira URL Cloud: safe	unknown
https://www.midoregon.com/css/master.css	false	Avira URL Cloud: safe	unknown
about:blank	false	Avira URL Cloud: safe	unknown
https://assets.orb.alkamitech.com/cdn/alkami-orb-client-global/1.6.0/javascripts/vendor.bundles/globals.bundle/content-articles-ts.min.js	false	Avira URL Cloud: safe	unknown
https://www.google.com/pagead/1p-conversion/1026675585/?random=1236793904&cv=7&fst=1719869641484&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECIgEBQAE&pscrd=CMeOldaHhrS2LyITCMe66djlhocDFd5NHgIdL3sDNTICCAMyAggEMgIIBzICCAgyAggJMgIICjICCAIyAggLOhpodHRwczovL3d3dy5taWRvcmVnb24uY29tLw&is_vtc=1&cid=CAQSKQDaQooLoe0jMr9a2dyMHB7OvHBUBGgQPzm9xOu62daBZRHUOJ9RJvWg&random=22151835	false	Avira URL Cloud: safe	unknown
https://assets.orb.alkamitech.com/cdn/alkami-orb-client-global/1.6.0/javascripts/vendor.bundles/jquery.plugins.bundle/jquery.filestyle.min.js	false	Avira URL Cloud: safe	unknown
https://bam.nr-data.net/events/1/NRBR-7f34ea11d764c7f1d82?a=222382548&v=1.261.1&to=ZlIBZBRQV0VUV0dZCV8YLmYlHmtTUl1ARBRQQwpfCHJWWEFGXFwKVEVMeQhVXE4%3D&rst=24652&ck=0&s=c18ea8cf92eb536b&ref=https://login.midoregon.com/Registration&ptid=b1f178e73355ce84	false	Avira URL Cloud: safe	unknown
https://www.stickleyonsecurity.com/s/sample9.jspx?playerid=721175501&startsos=1&shareurl=https%3A%2F%2Fwww.midoregon.com%2F&undefined	false		unknown
https://www.midoregon.com/images/avtec.png	false	Avira URL Cloud: safe	unknown
https://assets.orb.alkamitech.com/cdn/ua-parser/1.0.35/ua-parser.min.js	false	Avira URL Cloud: safe	unknown
https://d.agkn.com/pixel/10751/?che=1719869644065&ip=8.46.123.33&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D216573104930005332115	false	Avira URL Cloud: safe	unknown
https://www.midoregon.com/images/sections/devils-lake.jpg	false	Avira URL Cloud: safe	unknown
https://www.midoregon.com/images/menu.services.jpg	false	Avira URL Cloud: safe	unknown
https://www.midoregon.com/images/Digital%20Banking/Accounts%20Screen%20Web2-1.png	false	Avira URL Cloud: safe	unknown
https://um.simpli.fi/yahoo	false	Avira URL Cloud: safe	unknown
https://sync.1rx.io/usersync/simplifi/AC32D053B469479CB9B9C6587A4519D0	false	Avira URL Cloud: safe	unknown
https://um.simpli.fi/exelatem	false	Avira URL Cloud: safe	unknown
https://contact.midoregon.com/messages/service/skillBasedRouting/widget/channelList?ccgId=0c5c65e5-bb2a-4dc7-ab3c-6a76c3dc03b8	false	Avira URL Cloud: safe	unknown
https://www.midoregon.com/images/logo-dark@2x.png	false	Avira URL Cloud: safe	unknown
https://sync.1rx.io/usersync/simplifi/AC32D053B469479CB9B9C6587A4519D0?zcc=1&cb=1719869643936	false	Avira URL Cloud: safe	unknown
https://www.midoregon.com/images/icon/apple-icon-144x144-dunplab-manifest-13604.png	false	Avira URL Cloud: safe	unknown
https://assets.orb.alkamitech.com/cdn/alkami-orb-client-global/1.6.0/javascripts/vendor.bundles/globals.bundle/screen-ts.min.js	false	Avira URL Cloud: safe	unknown
https://www.midoregon.com/manifest.json	false	Avira URL Cloud: safe	unknown
https://assets.orb.alkamitech.com/production/themesets/28f75336-2d61-4c64-8237-e68ae6ac9157/themes/theme-builder/default/assets/favicons/favicon.png	false	Avira URL Cloud: safe	unknown
https://sync.bfmio.com/sync?pid=141&uid=AC32D053B469479CB9B9C6587A4519D0	false	Avira URL Cloud: safe	unknown
https://www.midoregon.com/images/menu.accounts.jpg	false	Avira URL Cloud: safe	unknown
https://www.midoregon.com/images/hero/rewards.jpg	false	Avira URL Cloud: safe	unknown
https://loadm.exelator.com/load/?p=204&g=2191&simid=AC32D053B469479CB9B9C6587A4519D0&j=0&xl8blockcheck=1	false	Avira URL Cloud: safe	unknown
https://i.simpli.fi/p?cid=206526&cb=sifi_att_42656._hp	false	Avira URL Cloud: safe	unknown
https://www.midoregon.com/images/Digital%20Banking/MERGED-SCREENS-TABLET-web-300x192.png	false	Avira URL Cloud: safe	unknown
https://um.simpli.fi/ox_match	false	Avira URL Cloud: safe	unknown
https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=AC32D053B469479CB9B9C6587A4519D0	false	Avira URL Cloud: safe	unknown
https://um.simpli.fi/bluekai	false	Avira URL Cloud: safe	unknown
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=186387211961646&ev=PageView&dl=https%3A%2F%2Fwww.midoregon.com&rl=&if=false&ts=1719869632048&sw=1280&sh=1024&v=2.9.159&r=stable&ec=0&o=4124&fbp=fb.1.1719869632042.867386412250169740&cs_est=true&pm=1&hrl=82ce2d&ler=empty&cdl=API_unavailable&it=1719869630579&coo=false&cs_cc=1&rqm=FGET	false	Avira URL Cloud: safe	unknown
https://contact.midoregon.com/messages/service/skillBasedRouting/widget/panels/data?panelId=	false	Avira URL Cloud: safe	unknown
https://1.c81358859121583b7adf2ace89cb39f44.com/scripts/prod/crossdomain2.12.0.5273.b96c35cc.min.js	false	Avira URL Cloud: safe	unknown
https://www.stickleyonsecurity.com/images/loading.gif	false	Avira URL Cloud: safe	unknown
https://assets.orb.alkamitech.com/cdn/alkami-orb-client-global/1.6.0/javascripts/vendor.bundles/globals.bundle/language-toggle-ts.min.js	false	Avira URL Cloud: safe	unknown
https://um.simpli.fi/ad_advisor	false	Avira URL Cloud: safe	unknown
https://www.midoregon.com/css/colors.css	false	Avira URL Cloud: safe	unknown
https://sync.smartadserver.com/getuid?url=https%3A%2F%2Ffei.pro-market.net%2Fengine%3Fsite%3D161185%26size%3D1x1%26du%3D36%26csync%3D[sas_uid]	false	Avira URL Cloud: safe	unknown
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3DAC32D053B469479CB9B9C6587A4519D0	false	Avira URL Cloud: safe	unknown
https://1.a79ab95c1589a13f8a4cab612bc71f9f7.com/scripts/prod/crossdomain2.12.0.5273.b96c35cc.min.js	false	Avira URL Cloud: safe	unknown
https://www.midoregon.com/images/appstore-apple.png	false	Avira URL Cloud: safe	unknown

URLs from Memory and Binaries

Name	Source	Malicious	Antivirus Detection	Reputation
https://www.surveycarrot.com/index2.jspx?/	chromecache_440.2.dr	false	Avira URL Cloud: safe	unknown
https://www.midoregon.com/online/mobile-wallets.shtml	chromecache_434.2.dr, chromecache_563.2.dr, chromecache_548.2.dr	false	Avira URL Cloud: safe	unknown
http://g.co/dev/maps-no-account	chromecache_490.2.dr	false	URL Reputation: safe	unknown
https://www.midoregon.com/accounts/debit-card.shtml	chromecache_434.2.dr, chromecache_563.2.dr, chromecache_548.2.dr	false	Avira URL Cloud: safe	unknown
https://www.midoregon.com/education/financial-workshops.shtml	chromecache_434.2.dr, chromecache_563.2.dr, chromecache_548.2.dr	false	Avira URL Cloud: safe	unknown
https://www.midoregon.com/images/icon/android-icon-192x192-dunplab-manifest-13604.png	chromecache_598.2.dr	false	Avira URL Cloud: safe	unknown
https://ampcid.google.com/v1/publisher:getClientId	chromecache_504.2.dr	false	URL Reputation: safe	unknown
https://github.com/jquery/jquery-color	chromecache_452.2.dr	false	Avira URL Cloud: safe	unknown
https://www.cbsinvestorconnection.com/Advisors/Advisor_Bio?cuid=13602097&advisorid=10816	chromecache_434.2.dr, chromecache_563.2.dr, chromecache_548.2.dr	false	Avira URL Cloud: safe	unknown
http://polymer.github.io/AUTHORS.txt	chromecache_562.2.dr	false	URL Reputation: safe	unknown
https://feed.mikle.com/api/proxy/	chromecache_647.2.dr	true	Avira URL Cloud: safe	unknown
https://github.com/twbs/bootstrap/graphs/contributors)	chromecache_369.2.dr	false	Avira URL Cloud: safe	unknown
https://www.midoregon.com/images/icon/apple-icon-120x120-dunplab-manifest-13604.png	chromecache_598.2.dr	false	Avira URL Cloud: safe	unknown
https://www.midoregon.com/images/sections/sisters.jpg	chromecache_461.2.dr	false	Avira URL Cloud: safe	unknown
https://www.midoregon.com/loans/homes.shtml#rates	chromecache_434.2.dr, chromecache_563.2.dr, chromecache_548.2.dr	false	Avira URL Cloud: safe	unknown
https://developers.google.com/maps/documentation/javascript/styling#cloud_tooling	chromecache_490.2.dr	false	URL Reputation: safe	unknown
https://iris.alkamitech.com/web/components/dropdown.html	chromecache_492.2.dr	false	Avira URL Cloud: safe	unknown
https://support.google.com/fusiontables/answer/9185417).	chromecache_490.2.dr	false	URL Reputation: safe	unknown
https://developers.google.com/maps/deprecations	chromecache_490.2.dr	false	URL Reputation: safe	unknown
https://www.google.com/search?q=download	chromecache_609.2.dr	false	Avira URL Cloud: safe	unknown
https://www.midoregon.com/about/careers.shtml	chromecache_548.2.dr	false	Avira URL Cloud: safe	unknown
https://visitor.r20.constantcontact.com/d.jsp?llr=wguxwmeab&p=oi&m=1104233091286&sit=6dgk96vfb&f=cc8	chromecache_434.2.dr, chromecache_563.2.dr, chromecache_548.2.dr	false	Avira URL Cloud: safe	unknown
https://www.svcu.com/assets/css/custom.css	chromecache_614.2.dr	false	Avira URL Cloud: safe	unknown
https://reorder.libertysite.com	chromecache_434.2.dr, chromecache_563.2.dr, chromecache_548.2.dr	false	Avira URL Cloud: safe	unknown
http://polymer.github.io/PATENTS.txt	chromecache_562.2.dr	false	URL Reputation: safe	unknown
https://www.google.com/search?q=enable	chromecache_609.2.dr	false	Avira URL Cloud: safe	unknown
https://www.midoregon.com/images/logo-dark	chromecache_434.2.dr, chromecache_563.2.dr, chromecache_548.2.dr	false	Avira URL Cloud: safe	unknown
https://github.com/yowainwright/shave#readme	chromecache_405.2.dr	false	Avira URL Cloud: safe	unknown
https://www.midoregon.com/images/icon/apple-icon-114x114-dunplab-manifest-13604.png	chromecache_598.2.dr	false	Avira URL Cloud: safe	unknown
https://www.midoregon.com/images/sections/paulina-peak.jpg');	chromecache_548.2.dr	false	Avira URL Cloud: safe	unknown
https://www.midoregon.com/rates/index.shtml#tab2	chromecache_434.2.dr, chromecache_563.2.dr, chromecache_548.2.dr	false	Avira URL Cloud: safe	unknown
https://feed.mikle.com/support/three-most-frequent-issues-with-rss-feeds-with-solutions/	chromecache_647.2.dr	true	Avira URL Cloud: safe	unknown
https://eltropy-artifacts.s3.us-west-2.amazonaws.com/contact-widget/bot.png	chromecache_418.2.dr	false	Avira URL Cloud: safe	unknown
https://midoregon.loanspq.com/cc/CreditCard.aspx?lenderref=midoregonfcu63017&	chromecache_548.2.dr	false	Avira URL Cloud: safe	unknown
https://www.midoregon.com/images/sections/smith-rock.jpg);	chromecache_614.2.dr	false	Avira URL Cloud: safe	unknown
https://www.midoregon.com/social-media-statement.shtml	chromecache_434.2.dr, chromecache_563.2.dr, chromecache_548.2.dr	false	Avira URL Cloud: safe	unknown
https://www.linkedin.com/company/mid-oregon-credit-union	chromecache_548.2.dr	false	Avira URL Cloud: safe	unknown
https://www.stickleyonsecurity.com/s/sample9.jspx?playerid=721175501&startsos=1	chromecache_548.2.dr	false	Avira URL Cloud: safe	unknown
https://www.midoregon.com/education/calculators.shtml	chromecache_434.2.dr, chromecache_563.2.dr, chromecache_548.2.dr	false	Avira URL Cloud: safe	unknown
https://github.com/jquery-form/form	chromecache_667.2.dr	false	Avira URL Cloud: safe	unknown
https://www.midoregon.com/online/e-statements.shtml	chromecache_434.2.dr, chromecache_563.2.dr, chromecache_548.2.dr	false	Avira URL Cloud: safe	unknown
https://developers.google.com/maps/documentation/javascript/error-messages#unsupported-browsers	chromecache_490.2.dr	false	URL Reputation: safe	unknown
https://www.midoregon.com/images/icon/favicon-16x16-dunplab-manifest-13604.png	chromecache_598.2.dr	false	Avira URL Cloud: safe	unknown
http://www.entrustdatacard.com/This	chromecache_678.2.dr	false	Avira URL Cloud: safe	unknown
https://developers.google.com/maps/documentation/javascript/libraries	chromecache_490.2.dr	false	URL Reputation: safe	unknown
https://s3-us-west-1.amazonaws.com/elt-static/eltropy-messenger/	chromecache_413.2.dr, chromecache_646.2.dr, chromecache_423.2.dr, chromecache_650.2.dr	false	Avira URL Cloud: safe	unknown
https://login.midoregon.com/Authentication/Username	chromecache_434.2.dr, chromecache_563.2.dr, chromecache_548.2.dr	false	Avira URL Cloud: safe	unknown
https://www.midoregon.com/about/board.shtml	chromecache_434.2.dr, chromecache_563.2.dr, chromecache_548.2.dr	false	Avira URL Cloud: safe	unknown
https://cobrowsing.eltropy.com	chromecache_582.2.dr, chromecache_457.2.dr	false	Avira URL Cloud: safe	unknown
http://paulmillr.com)	chromecache_576.2.dr	false	Avira URL Cloud: safe	unknown
https://eltropy.com/legal/	chromecache_418.2.dr	false	Avira URL Cloud: safe	unknown

World Map of Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
108.177.15.154	stats.g.doubleclick.net	United States	15169	GOOGLEUS	false
54.160.208.211	partners-alb-1113315349.us-east-1.elb.amazonaws.com	United States	14618	AMAZON-AESUS	false
3.73.136.118	ActivationEdge-activation-1631408035.eu-central-1.elb.amazonaws.com	United States	16509	AMAZON-02US	false
35.204.158.49	um.simpli.fi	United States	15169	GOOGLEUS	false
142.250.185.100	unknown	United States	15169	GOOGLEUS	false
18.238.243.123	unknown	United States	16509	AMAZON-02US	false
3.160.213.169	d1lvyn09g7nf92.cloudfront.net	United States	16509	AMAZON-02US	false
3.79.121.3	tag-terraform-elb-1705565586.eu-central-1.elb.amazonaws.com	United States	16509	AMAZON-02US	false
3.228.125.241	feedwind-v2-prod-alb-765050801.us-east-1.elb.amazonaws.com	United States	14618	AMAZON-AESUS	false
34.254.143.3	load-euw1.exelator.com	United States	16509	AMAZON-02US	false
18.239.69.61	d3lyk6mjwds9ox.cloudfront.net	United States	16509	AMAZON-02US	false
142.250.184.196	unknown	United States	15169	GOOGLEUS	false
76.223.60.153	a033fb72701935a3d.awsglobalaccelerator.com	United States	16509	AMAZON-02US	false
13.248.245.213	eu-eb2.3lift.com	United States	16509	AMAZON-02US	false
65.9.86.74	d2rikquc8s9owl.cloudfront.net	United States	16509	AMAZON-02US	false
143.204.68.82	d2yc0o7ycjs17k.cloudfront.net	United States	16509	AMAZON-02US	false
172.217.18.4	www.google.com	United States	15169	GOOGLEUS	false
157.240.0.35	unknown	United States	32934	FACEBOOKUS	false
108.138.2.146	unknown	United States	16509	AMAZON-02US	false
13.227.219.120	d3q5vj014p5nip.cloudfront.net	United States	16509	AMAZON-02US	false
3.160.212.29	d3hspktnnoy2e3.cloudfront.net	United States	16509	AMAZON-02US	false
107.178.254.65	pippio.com	United States	15169	GOOGLEUS	false
239.255.255.250	unknown	Reserved	unknown	unknown	false
52.141.217.134	wup-1ca8ebd0.us.v2.we-stats.com	United States	8075	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
157.240.253.35	star-mini.c10r.facebook.com	United States	32934	FACEBOOKUS	false
108.138.24.125	doerd31l9oh9k.cloudfront.net	United States	16509	AMAZON-02US	false
35.244.174.68	idsync.rlcdn.com	United States	15169	GOOGLEUS	false
34.91.62.186	unknown	United States	15169	GOOGLEUS	false
37.252.171.85	unknown	European Union	29990	ASN-APPNEXUS	false
52.3.135.254	io-cookie-sync-1725936127.us-east-1.elb.amazonaws.com	United States	14618	AMAZON-AESUS	false
18.244.18.107	iris.alkamitech.com	United States	16509	AMAZON-02US	false
89.149.192.201	rtb-csync-euw1.smartadserver.com	Netherlands	60781	LEASEWEB-NL-AMS-01NetherlandsNL	false
54.76.4.134	raptor-prd-ew1-alb-2127381300.eu-west-1.elb.amazonaws.com	United States	16509	AMAZON-02US	false
13.224.222.65	unknown	United States	16509	AMAZON-02US	false
216.58.206.36	unknown	United States	15169	GOOGLEUS	false
157.240.0.6	scontent.xx.fbcdn.net	United States	32934	FACEBOOKUS	false
37.252.172.123	ib.anycast.adnxs.com	European Union	29990	ASN-APPNEXUS	false
52.238.253.184	log-1ca8ebd0.us.v2.we-stats.com	United States	8075	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
13.248.176.177	unknown	United States	16509	AMAZON-02US	false
52.209.249.92	unknown	United States	16509	AMAZON-02US	false
99.86.1.231	d2kc9bbovjrjt2.cloudfront.net	United States	16509	AMAZON-02US	false
162.247.243.39	js-agent.newrelic.com	United States	13335	CLOUDFLARENETUS	false
18.66.218.31	s.ad.smaato.net	United States	3	MIT-GATEWAYSUS	false
89.149.193.120	unknown	Netherlands	60781	LEASEWEB-NL-AMS-01NetherlandsNL	false
172.67.11.155	cdn.acsbapp.com	United States	13335	CLOUDFLARENETUS	false
76.223.111.18	unknown	United States	16509	AMAZON-02US	false
104.17.24.14	cdnjs.cloudflare.com	United States	13335	CLOUDFLARENETUS	false
52.49.200.26	unknown	United States	16509	AMAZON-02US	false
67.227.180.41	www.midoregon.com	United States	32244	LIQUIDWEBUS	false
107.178.240.89	fei.pro-market.net	United States	15169	GOOGLEUS	false
35.204.89.238	i.simpli.fi	United States	15169	GOOGLEUS	false
52.50.8.163	bcp.crwdcntrl.net	United States	16509	AMAZON-02US	false
188.40.16.190	cobrowsing.eltropy.com	Germany	24940	HETZNER-ASDE	false
3.223.171.233	unknown	United States	14618	AMAZON-AESUS	false
34.111.113.62	pixel.tapad.com	United States	15169	GOOGLEUS	false
151.101.2.137	code.jquery.com	United States	54113	FASTLYUS	false
34.98.64.218	us-u.openx.net	United States	15169	GOOGLEUS	false
80.208.252.166	www.surveycarrot.com	United Kingdom	397964	HYVE-MANAGED-HOSTINGUS	false
35.153.117.243	unknown	United States	14618	AMAZON-AESUS	false
104.22.1.204	unknown	United States	13335	CLOUDFLARENETUS	false
162.247.243.29	fastly-tls12-bam.nr-data.net	United States	13335	CLOUDFLARENETUS	false
18.239.69.49	sync.intentiq.com	United States	16509	AMAZON-02US	false
172.217.16.130	googleads.g.doubleclick.net	United States	15169	GOOGLEUS	false
142.250.186.66	cm.g.doubleclick.net	United States	15169	GOOGLEUS	false
46.228.174.117	sync.1rx.io	United Kingdom	56396	TURNGB	false

Private

IP
192.168.2.7
192.168.2.5

General Information

Joe Sandbox version:	40.0.0 Tourmaline
Analysis ID:	1465673
Start date and time:	2024-07-01 23:32:41 +02:00
Joe Sandbox product:	CloudBasic
Overall analysis duration:	0h 4m 36s
Hypervisor based Inspection enabled:	false
Report type:	full
Cookbook file name:	browseurl.jbs
Sample URL:	http://www.midoregon.com
Analysis system description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Number of analysed new started processes analysed:	10
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	HCA enabled EGA enabled AMSI enabled
Analysis Mode:	default
Analysis stop reason:	Timeout
Detection:	MAL
Classification:	mal48.phis.win@47/583@185/67
EGA Information:	Failed
HCA Information:	Successful, ratio: 100% Number of executed functions: 0 Number of non-executed functions: 0
Cookbook Comments:	Browse: https://www.midoregon.com/online/digital-banking.shtml Browse: https://www.midoregon.com/contact/atm-locations.shtml Browse: https://login.midoregon.com/Registration Browse: https://login.midoregon.com/ForgotPassword Browse: https://login.midoregon.com/ForgotUsername

Warnings

Exclude process from analysis (whitelisted): dllhost.exe, WMIADAP.exe, SIHClient.exe, svchost.exe
Excluded IPs from analysis (whitelisted): 142.250.185.67, 172.217.16.206, 74.125.71.84, 34.104.35.123, 216.58.206.74, 216.58.206.67, 142.250.186.40, 142.250.184.202, 142.250.185.74, 172.217.18.10, 172.217.16.138, 142.250.186.42, 142.250.184.234, 172.217.16.202, 142.250.185.106, 142.250.186.170, 142.250.186.106, 142.250.74.202, 142.250.186.138, 172.217.23.106, 172.217.18.106, 142.250.181.234, 142.250.185.99, 142.250.185.234, 216.58.212.170, 142.250.185.170, 142.250.185.202, 142.250.185.138, 216.58.212.138, 142.250.186.74, 216.58.206.42, 142.250.185.78, 142.250.185.238, 40.127.169.103, 199.232.214.172, 192.229.221.95, 142.250.184.194, 20.166.126.56, 2.23.197.190, 69.173.144.139, 69.173.144.165, 69.173.144.138, 20.3.187.198, 13.107.42.14, 104.18.12.60, 104.18.13.60, 20.114.59.183, 142.250.185.195, 216.58.206.35, 52.165.165.26
Excluded domains from analysis (whitelisted): tags.bluekai.com.edgekey.net, www.googleadservices.com, pixel.rubiconproject.net.akadns.net, slscr.update.microsoft.com, clientservices.googleapis.com, maps.googleapis.com, e9126.x.akamaiedge.net, l-0005.l-msedge.net, clients2.google.com, ocsp.digicert.com, www.googletagmanager.com, login.midoregon.com.cdn.cloudflare.net, ocsp.edge.digicert.com, glb.cws.prod.dcat.dsp.trafficmanager.net, sls.update.microsoft.com, update.googleapis.com, rtb-csync-geo.usersync-prod-sas.akadns.net, wu-b-net.trafficmanager.net, www.google-analytics.com, glb.sls.prod.dcat.dsp.trafficmanager.net, www-linkedin-com.l-0005.l-msedge.net, fonts.googleapis.com, fs.microsoft.com, accounts.google.com, content-autofill.googleapis.com, fonts.gstatic.com, ajax.googleapis.com, ctldl.windowsupdate.com.delivery.microsoft.com, ctldl.windowsupdate.com, fe3cr.delivery.mp.microsoft.com, fe3.delivery.mp.microsoft.com, edgedl.me.gvt1.com, xandr-g-geo.trafficmanager.net, clients.l.google.com, maps.gstatic.co
HTTPS sessions have been limited to 150. Please view the PCAPs for the complete data.
Not all processes where analyzed, report is missing behavior information
Report size exceeded maximum capacity and may have missing network information.
Report size getting too big, too many NtCreateFile calls found.
Report size getting too big, too many NtOpenFile calls found.
Report size getting too big, too many NtSetInformationFile calls found.
Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
VT rate limit hit for: http://www.midoregon.com

Input	Output
URL: https://www.midoregon.com/ Model: Perplexity: mixtral-8x7b-instruct	{"loginform": false,"urgency": true,
Title: Mid Oregon Credit Union \| The Best Central Oregon Local Credit Union OCR: Digital Banking Connectivity, July 1, 2024: Our Digital Banking provider has reported performance issues in accessing our core system, affecting logins for members. Our team is working to restore full connectivity as soon as possible. For faster service in managing your accounts, please call or text Mid Oregon at 541-382-1795 and our team will assist you as quickly as possible. Please watch the website and social media for updates. Thank you for your understanding. FEDERAL HOLIDAY CLOSUREIndependence Day, July 4: In observance of the Independence Day holiday, all Mid Oregon offices will be closed July 4. Please note all offices will be open Friday, July 5. You can manage your accounts anytime using Digital Banking and our nationwide CO-OP ATMS. Latbns v Rates Careers Contact v Mid Q PERSONAL BUSINESS SERVICES RESOURCES ABOUT Account Login CreditUnion Rewards & More Our new Everyday Rewards VISA@ Car r Creditunion 4707 6900. 0051 has it all! 2858 06/22) VALUED HEMBER VISA Learn More	{"loginform": false,"urgency": true,
URL: https://www.midoregon.com/ Model: Perplexity: mixtral-8x7b-instruct	{"loginform": false,"urgency": true,"captcha": false,"reasons": ["The text creates a sense of urgency by informing about performance issues affecting logins for members and suggesting to call or text Mid Oregon for faster service.","The text also mentions that all Mid Oregon offices will be closed on July 4 and suggests using Digital Banking and CO-OP ATMs for managing accounts."]}
Title: Mid Oregon Credit Union \| The Best Central Oregon Local Credit Union OCR: Digital Banking Connectivity, July 1, 2024: Our Digital Banking provider has reported performance issues in accessing our core system, affecting logins for members. Our team is working to restore full connectivity as soon as possible. For faster service in managing your accounts, please call or text Mid Oregon at 541-382-1795 and our team will assist you as quickly as possible. Please watch the website and social media for updates. Thank you for your understanding. FEDERAL HOLIDAY CLOSUREIndependence Day, July 4: In observance of the Independence Day holiday, all Mid Oregon offices will be closed July 4. Please note all offices will be open Friday, July 5. You can manage your accounts anytime using Digital Banking and our nationwide CO-OP ATMS. Latbns v Rates Careers Contact v Oregon Q PERSONAL BUSINESS SERVICES RESOURCES ABOUT Account Login CreditUnion Rewards & More Our new Everyday Rewards VISA@ Car r Creditunion 4707 6900. 0051.2858 has it all! 06/22) VALUED HEMBER VISA Learn More Have a question?
URL: https://www.midoregon.com Model: gpt-4o	```json{ "phishing_score": 1, "brands": "Mid Oregon Credit Union", "phishing": false, "suspicious_domain": false, "has_prominent_loginform": true, "has_captcha": false, "setechniques": false, "has_suspicious_link": false, "legitmate_domain": "midoregon.com", "reasons": "The URL 'https://www.midoregon.com' appears to be legitimate and matches the brand name 'Mid Oregon Credit Union' displayed on the webpage. There are no obvious signs of social engineering techniques, and the domain name does not seem suspicious. The site does have a prominent login form, but this is typical for a credit union's website. There are no captchas or suspicious links present. Based on the analysis, the site appears to be legitimate."}

URL: https://feed.mikle.com/widget/v2/61549/?id=fw-iframe61549&preloader-text=Loading Model: Perplexity: mixtral-8x7b-instruct	{"loginform": false,"urgency": true,
Title: Mid Oregon Credit Union \| The Best Central Oregon Local Credit Union OCR: Digital Banking Connectivity, July 1, 2024: Our Digital Banking provider has reported performance issues in accessing our core system, affecting logins for members. Our team is working to restore full connectivity as soon as possible. For faster service in managing your accounts, please call or text Mid Oregon at 541-382-1795 and our team will assist you as quickly as possible. Please watch the website and social media for updates. Thank you for your understanding. FEDERAL HOLIDAY CLOSUREIndependence Day, July 4: In observance of the Independence Day holiday, all Mid Oregon offices will be closed July 4. Please note all offices will be open Friday, July 5. You can manage your accounts anytime using Digital Banking and our nationwide CO-OP ATMS. Latbns v Rates Careers Contact v Oregon Q PERSONAL BUSINESS SERVICES RESOURCES ABOUT Account Login CreditUnion Rewards & More Our new Everyday Rewards VISA@ Car r Creditunion 4707 6900. 0051 has it all! 2858 06/22) VALUED HEMBER VISA Learn More	{"loginform": false,"urgency": true,
URL: https://feed.mikle.com/widget/v2/61549/?id=fw-iframe61549&preloader-text=Loading Model: Perplexity: mixtral-8x7b-instruct	{"loginform": false,"urgency": true,"captcha": false,"reasons": ["The text creates a sense of urgency by informing about performance issues affecting logins for members and suggesting to call or text Mid Oregon for faster service.","The text also mentions that all Mid Oregon offices will be closed on July 4 and suggests using Digital Banking and CO-OP ATMs for managing accounts."]}
Title: Mid Oregon Credit Union \| The Best Central Oregon Local Credit Union OCR: Digital Banking Connectivity, July 1, 2024: Our Digital Banking provider has reported performance issues in accessing our core system, affecting logins for members. Our team is working to restore full connectivity as soon as possible. For faster service in managing your accounts, please call or text Mid Oregon at 541-382-1795 and our team will assist you as quickly as possible. Please watch the website and social media for updates. Thank you for your understanding. FEDERAL HOLIDAY CLOSUREIndependence Day, July 4: In observance of the Independence Day holiday, all Mid Oregon offices will be closed July 4. Please note all offices will be open Friday, July 5. You can manage your accounts anytime using Digital Banking and our nationwide CO-OP ATMS. Latbns v Rates Careers Contact v Oregon Q PERSONAL BUSINESS SERVICES RESOURCES ABOUT Account Login CreditUnion Rewards & More Our new Everyday Rewards VISA@ Car r Creditunion 4707 6900. 0051.2858 has it all! 06/22) VALUED HEMBER VISA Learn More Have a question?
URL: https://feed.mikle.com Model: gpt-4o	```json{ "phishing_score": 8, "brands": "Mid Oregon Credit Union", "phishing": true, "suspicious_domain": true, "has_prominent_loginform": true, "has_captcha": false, "setechniques": true, "has_suspicious_link": true, "legitmate_domain": "midoregon.com", "reasons": "The URL 'https://feed.mikle.com' does not match the legitimate domain associated with Mid Oregon Credit Union, which is 'midoregon.com'. The presence of a prominent login form and the use of social engineering techniques such as urgent messages about connectivity issues and holiday closures are common in phishing sites. Additionally, the domain 'feed.mikle.com' appears suspicious and unrelated to the legitimate brand."}

URL: https://www.midoregon.com/contact/atm-locations.shtml Model: Perplexity: mixtral-8x7b-instruct	{"loginform": false,"urgency": false,"captcha": false,"reasons": ["The webpage does not contain a login form as there is no explicit request for sensitive information such as passwords, email addresses, usernames, phone numbers or credit card numbers (CVV).","The text of the webpage does not create a sense of urgency as it does not contain phrases such as 'Click here to view document', 'To view secured document click here', or 'Open the link to see your invoice'.","The webpage does not contain a CAPTCHA or any other anti-robot detection mechanism."]}
Title: ATM Locations \| Mid Oregon Credit Union OCR: Careers Locations v Rates Contact v Oregon Q PERSONAL BUSINESS SERVICES RESOURCES ABOUT a Account Login Credit Union ATM Locations Other Mid Oregon ATM Locatior Have a question? Fee-free ATMs In addition to all Mid Oregon branch location
URL: https://www.midoregon.com/contact/atm-locations.shtml Model: Perplexity: mixtral-8x7b-instruct	{"loginform": false,"urgency": false,"captcha": false,"reasons": ["The webpage does not contain a login form as there is no explicit request for sensitive information such as passwords, email addresses, usernames, phone numbers or credit card numbers (CVV).","The text does not create a sense of urgency or interest as it does not contain phrases such as 'Click here to view document', 'To view secured document click here', or 'Open the link to see your invoice'.","The webpage does not contain a CAPTCHA or any other anti-robot detection mechanism."]}
Title: ATM Locations \| Mid Oregon Credit Union OCR: Careers Locations v Rates Contact v Oregon Q PERSONAL BUSINESS SERVICES RESOURCES ABOUT a Account Login Credit Union ATM Locations Other Mid Oregon ATM Locati0A Have a question? Fee-free ATMs In addition to all Mid Oregon branch locations,
URL: https://login.midoregon.com/Registration Model: Perplexity: mixtral-8x7b-instruct	{"loginform": false,"urgency": false,"captcha": false,"reasons": ["The webpage does not contain a login form, as there is no explicit request for sensitive information such as passwords, email addresses, usernames, phone numbers, or credit card numbers.","The text does not create a sense of urgency, as there are no phrases such as 'Click here to view document', 'To view secured document click here', or 'Open the link to see your invoice'.","The webpage does not contain a CAPTCHA or any other anti-robot detection mechanism."]}
Title: Mid Oregon Credit Union OCR: Mid Credit Union 1 Want To Register to Register to my individual my business account account Select this if you Select this if you have a personal have a business account account Mobile number: 323274186 Home Contact Us Routina
URL: https://login.midoregon.com/ForgotPassword Model: Perplexity: mixtral-8x7b-instruct	{"loginform": false,"urgency": false,"captcha": false,"reasons": ["The title and text of the webpage do not contain any elements of a login form, such as passwords, email addresses, usernames, phone numbers, or credit card numbers.","The text of the webpage does not create a sense of urgency or interest, as it only contains information about Mid Oregon Credit Union, its mobile contact, routing number, and electronic services terms and conditions.","There is no evidence of a CAPTCHA or any other anti-robot detection mechanism on the webpage."]}
Title: Mid Oregon Credit Union OCR: Mid Credit Union Home Mobile Contact Us Routing number: 323274186 Electronic Services Terms and Conditions Privacy Poliqy
URL: https://login.midoregon.com/ForgotUsername Model: Perplexity: mixtral-8x7b-instruct	{"loginform": false,"urgency": false,"captcha": false,"reasons": ["The webpage does not contain a login form, as there is no explicit request for sensitive information such as passwords, email addresses, usernames, phone numbers, or credit card numbers.","The text does not create a sense of urgency, as there are no phrases that urge the user to click a link or take immediate action.","The webpage does not contain a CAPTCHA or any other anti-robot detection mechanism."]}
Title: Mid Oregon Credit Union OCR: Mid Credit Union Step I of 5 1 Want To Find my business Find my personal username username Choose this if you are a Choose this if you are an individual and you forgot business and you forgot your your username username Home Mobile Contact Us Routing number: 323274186

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Jul 1 20:33:44 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2677
Entropy (8bit):	3.9782628663111432
Encrypted:	false
SSDEEP:	48:8JdpTxhPHUidAKZdA19ehwiZUklqeh2y+3:8NH6By
MD5:	FB0C5A1FE4CC39EF6946DC8505AD44B8
SHA1:	0F3A524593729E5F82BBE6FB691586B779F9C4FF
SHA-256:	2ED6E8E3DDA1BCC6C0BC8459DA0DCC8EC3223342E916ED228FE6C7F1CAC5B0EE
SHA-512:	D188A2877A1A35CD9F23EBA9527D6B15C53412A0C661678263141834336616D4F1C464666623C33BA91A367BB3E397CAB36C8B03AD993A1175ACBF7DF8DEF6D7
Malicious:	false
Reputation:	low
Preview:	L..................F.@.. ...$+.,.....mmY....N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I.X3.....B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.X3.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.X3.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.X3............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.X7............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i..............~.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

Timestamp	Bytes transferred	Direction	Data
Jul 1, 2024 23:33:44.691255093 CEST	432	OUT	GET / HTTP/1.1 Host: www.midoregon.com Connection: keep-alive Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9
Jul 1, 2024 23:33:45.208545923 CEST	549	IN	HTTP/1.1 301 Moved Permanently Date: Mon, 01 Jul 2024 21:33:45 GMT Server: Apache Location: https://www.midoregon.com/ Cache-Control: max-age=600 Expires: Mon, 01 Jul 2024 21:43:45 GMT Content-Length: 234 Keep-Alive: timeout=5, max=200 Connection: Keep-Alive Content-Type: text/html; charset=iso-8859-1 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 6d 69 64 6f 72 65 67 6f 6e 2e 63 6f 6d 2f 22 3e 68 65 72 65 3c 2f 61 3e 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>301 Moved Permanently</title></head><body><h1>Moved Permanently</h1><p>The document has moved <a href="https://www.midoregon.com/">here</a>.</p></body></html>

Timestamp	Source IP	Source Port	Dest IP	Dest Port	Subject	Issuer	Not Before	Not After	JA3 SSL Client Fingerprint	JA3 SSL Client Digest
Jul 1, 2024 23:34:27.099122047 CEST	46.228.174.117	443	192.168.2.5	49963	CN=*.targeting.unrulymedia.com CN=Sectigo RSA Domain Validation Secure Server CA, O=Sectigo Limited, L=Salford, ST=Greater Manchester, C=GB CN=USERTrust RSA Certification Authority, O=The USERTRUST Network, L=Jersey City, ST=New Jersey, C=US	CN=Sectigo RSA Domain Validation Secure Server CA, O=Sectigo Limited, L=Salford, ST=Greater Manchester, C=GB CN=USERTrust RSA Certification Authority, O=The USERTRUST Network, L=Jersey City, ST=New Jersey, C=US CN=AAA Certificate Services, O=Comodo CA Limited, L=Salford, ST=Greater Manchester, C=GB	Tue Apr 30 02:00:00 CEST 2024 Fri Nov 02 01:00:00 CET 2018 Tue Mar 12 01:00:00 CET 2019	Sun Jun 01 01:59:59 CEST 2025 Wed Jan 01 00:59:59 CET 2031 Mon Jan 01 00:59:59 CET 2029	771,4865-4866-4867-49195-49199-49196-49200-52393-52392-49171-49172-156-157-47-53,18-27-51-5-11-0-13-65281-35-17513-65037-45-10-23-16-43,29-23-24,0	37f6b95f784435e541358bb038ac08e4
					CN=Sectigo RSA Domain Validation Secure Server CA, O=Sectigo Limited, L=Salford, ST=Greater Manchester, C=GB	CN=USERTrust RSA Certification Authority, O=The USERTRUST Network, L=Jersey City, ST=New Jersey, C=US	Fri Nov 02 01:00:00 CET 2018	Wed Jan 01 00:59:59 CET 2031
					CN=USERTrust RSA Certification Authority, O=The USERTRUST Network, L=Jersey City, ST=New Jersey, C=US	CN=AAA Certificate Services, O=Comodo CA Limited, L=Salford, ST=Greater Manchester, C=GB	Tue Mar 12 01:00:00 CET 2019	Mon Jan 01 00:59:59 CET 2029

Timestamp	Bytes transferred	Direction	Data
2024-07-01 21:33:46 UTC	660	OUT	GET / HTTP/1.1 Host: www.midoregon.com Connection: keep-alive Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Sec-Fetch-Site: none Sec-Fetch-Mode: navigate Sec-Fetch-User: ?1 Sec-Fetch-Dest: document sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-07-01 21:33:46 UTC	462	IN	HTTP/1.1 200 OK Date: Mon, 01 Jul 2024 21:33:46 GMT Server: Apache Accept-Ranges: bytes Cache-Control: max-age=600 Expires: Mon, 01 Jul 2024 21:43:46 GMT Vary: Accept-Encoding,User-Agent Strict-Transport-Security: max-age=31536000; includeSubDomains; preload X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff X-FRAME-OPTIONS: SAMEORIGIN X-UA-Compatible: IE=edge Connection: close Transfer-Encoding: chunked Content-Type: text/html
2024-07-01 21:33:46 UTC	7730	IN	Data Raw: 31 31 31 65 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 64 69 72 3d 22 6c 74 72 22 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 3c 68 65 61 64 3e 0a 20 20 3c 74 69 74 6c 65 3e 4d 69 64 20 4f 72 65 67 6f 6e 20 43 72 65 64 69 74 20 55 6e 69 6f 6e 20 7c 20 54 68 65 20 42 65 73 74 20 43 65 6e 74 72 61 6c 20 4f 72 65 67 6f 6e 20 4c 6f 63 61 6c 20 43 72 65 64 69 74 20 55 6e 69 6f 6e 20 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 64 65 73 63 72 69 70 74 69 6f 6e 22 0a 20 20 20 20 20 20 20 20 63 6f 6e 74 65 6e 74 3d 22 4c 6f 63 61 6c 20 74 6f 20 43 65 6e 74 72 61 6c 20 4f 72 65 67 6f 6e 2c 20 70 72 6f 76 69 64 69 6e 67 20 66 72 65 65 20 63 68 65 63 6b 69 6e 67 2c 20 61 75 74 6f 20 26 61 6d 70 3b 20 68 6f 6d 65 Data Ascii: 111e<!DOCTYPE html><html dir="ltr" lang="en-US"><head> <title>Mid Oregon Credit Union \| The Best Central Oregon Local Credit Union </title> <meta name="description" content="Local to Central Oregon, providing free checking, auto & home
2024-07-01 21:33:46 UTC	590	IN	Data Raw: 4c 0a 20 20 20 20 20 20 48 4f 4c 49 44 41 59 20 43 4c 4f 53 55 52 45 e2 80 94 49 6e 64 65 70 65 6e 64 65 6e 63 65 20 44 61 79 2c 20 4a 75 6c 79 20 34 3a 20 3c 2f 73 74 72 6f 6e 67 3e 49 6e 20 6f 62 73 65 72 76 61 6e 63 65 20 6f 66 20 74 68 65 20 49 6e 64 65 70 65 6e 64 65 6e 63 65 20 44 61 79 20 68 6f 6c 69 64 61 79 2c 20 61 6c 6c 20 4d 69 64 20 4f 72 65 67 6f 6e 0a 20 20 20 20 6f 66 66 69 63 65 73 20 77 69 6c 6c 20 62 65 20 63 6c 6f 73 65 64 20 4a 75 6c 79 20 34 2e 20 50 6c 65 61 73 65 20 6e 6f 74 65 20 61 6c 6c 20 6f 66 66 69 63 65 73 20 77 69 6c 6c 20 62 65 20 6f 70 65 6e 20 46 72 69 64 61 79 2c 20 4a 75 6c 79 20 35 2e 20 59 6f 75 20 63 61 6e 20 6d 61 6e 61 67 65 20 79 6f 75 72 20 61 63 63 6f 75 6e 74 73 0a 20 20 20 20 61 6e 79 74 69 6d 65 20 75 73 69 Data Ascii: L HOLIDAY CLOSUREIndependence Day, July 4: </strong>In observance of the Independence Day holiday, all Mid Oregon offices will be closed July 4. Please note all offices will be open Friday, July 5. You can manage your accounts anytime usi
2024-07-01 21:33:46 UTC	2	IN	Data Raw: 0d 0a Data Ascii:
2024-07-01 21:33:46 UTC	3213	IN	Data Raw: 34 32 0d 0a 0a 3c 62 6f 64 79 20 63 6c 61 73 73 3d 22 73 74 72 65 74 63 68 65 64 20 73 69 64 65 2d 70 61 6e 65 6c 2d 72 69 67 68 74 22 3e 0a 20 20 3c 21 2d 2d 63 6d 73 2d 64 69 73 61 62 6c 65 2d 2d 3e 0a 20 20 0d 0a 63 31 66 0d 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 62 6f 64 79 2d 6f 76 65 72 6c 61 79 22 3e 3c 2f 64 69 76 3e 0d 0a 3c 64 69 76 20 69 64 3d 22 73 69 64 65 2d 70 61 6e 65 6c 22 3e 0d 0a 20 20 3c 64 69 76 20 69 64 3d 22 73 69 64 65 2d 70 61 6e 65 6c 2d 74 72 69 67 67 65 72 2d 63 6c 6f 73 65 22 20 63 6c 61 73 73 3d 22 73 69 64 65 2d 70 61 6e 65 6c 2d 74 72 69 67 67 65 72 22 3e 3c 61 20 68 72 65 66 3d 22 23 22 20 61 72 69 61 2d 6c 61 62 65 6c 3d 22 63 6c 6f 73 65 22 3e 3c 69 20 63 6c 61 73 73 3d 22 69 63 6f 6e 2d 6c 69 6e 65 2d 63 72 6f 73 73 22 Data Ascii: 42<body class="stretched side-panel-right"> ...cms-disable--> c1f<div class="body-overlay"></div><div id="side-panel"> <div id="side-panel-trigger-close" class="side-panel-trigger"><a href="#" aria-label="close"><i class="icon-line-cross"
2024-07-01 21:33:46 UTC	8192	IN	Data Raw: 61 39 0d 0a 0a 20 20 3c 64 69 76 20 69 64 3d 22 73 6b 69 70 74 6f 63 6f 6e 74 65 6e 74 22 3e 3c 61 20 68 72 65 66 3d 22 23 63 6f 6e 74 65 6e 74 22 3e 53 6b 69 70 20 74 6f 20 6d 61 69 6e 20 63 6f 6e 74 65 6e 74 3c 2f 61 3e 3c 2f 64 69 76 3e 0a 0a 20 20 3c 21 2d 2d 20 44 6f 63 75 6d 65 6e 74 20 57 72 61 70 70 65 72 20 2d 2d 3e 0a 20 20 3c 64 69 76 20 69 64 3d 22 77 72 61 70 70 65 72 22 20 63 6c 61 73 73 3d 22 63 6c 65 61 72 66 69 78 22 3e 0a 20 20 20 20 3c 21 2d 2d 20 54 6f 70 20 42 61 72 20 2d 2d 3e 0a 20 20 20 20 0d 0a 31 30 33 61 0d 0a 3c 64 69 76 20 69 64 3d 22 74 6f 70 2d 62 61 72 22 3e 0d 0a 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 6f 6e 74 61 69 6e 65 72 2d 66 6c 75 69 64 22 3e 0d 0a 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 72 6f 77 20 6a Data Ascii: a9 <div id="skiptocontent"><a href="#content">Skip to main content</a></div> ... Document Wrapper --> <div id="wrapper" class="clearfix"> ... Top Bar --> 103a<div id="top-bar"> <div class="container-fluid"> <div class="row j
2024-07-01 21:33:46 UTC	8000	IN	Data Raw: 73 3d 22 73 75 62 2d 6d 65 6e 75 2d 63 6f 6e 74 61 69 6e 65 72 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 6c 69 20 63 6c 61 73 73 3d 22 6d 65 6e 75 2d 69 74 65 6d 22 3e 20 3c 61 20 63 6c 61 73 73 3d 22 6d 65 6e 75 2d 6c 69 6e 6b 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 6d 69 64 6f 72 65 67 6f 6e 2e 63 6f 6d 2f 61 63 63 6f 75 6e 74 73 2f 63 68 65 63 6b 69 6e 67 2e 73 68 74 6d 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 64 69 76 3e 43 68 65 63 6b 69 6e 67 20 41 63 63 6f 75 6e 74 73 3c 2f 64 69 76 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 61 3e 20 3c 2f 6c 69 3e 0d 0a 20 20 20 Data Ascii: s="sub-menu-container"> <li class="menu-item"> <a class="menu-link" href="https://www.midoregon.com/accounts/checking.shtml"> <div>Checking Accounts</div> </a> </li>
2024-07-01 21:33:46 UTC	8000	IN	Data Raw: 20 20 20 20 20 20 20 20 20 20 3c 64 69 76 3e 43 6f 6d 6d 65 72 63 69 61 6c 20 4c 6f 61 6e 73 3c 2f 64 69 76 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 61 3e 20 3c 2f 6c 69 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 6c 69 20 63 6c 61 73 73 3d 22 6d 65 6e 75 2d 69 74 65 6d 22 3e 20 3c 61 20 63 6c 61 73 73 3d 22 6d 65 6e 75 2d 6c 69 6e 6b 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 6d 69 64 6f 72 65 67 6f 6e 2e 63 6f 6d 2f 62 75 73 69 6e 65 73 73 2f 69 6e 64 65 78 2e 73 68 74 6d 6c 23 74 61 62 32 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 64 69 76 3e 43 6f 6d 6d 65 72 63 69 61 6c Data Ascii: <div>Commercial Loans</div> </a> </li> <li class="menu-item"> <a class="menu-link" href="https://www.midoregon.com/business/index.shtml#tab2"> <div>Commercial
2024-07-01 21:33:46 UTC	8000	IN	Data Raw: 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 6c 69 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 6c 69 20 63 6c 61 73 73 3d 22 6d 65 6e 75 2d 69 74 65 6d 20 6d 65 67 61 2d 6d 65 6e 75 20 6d 65 67 61 2d 6d 65 6e 75 2d 66 75 6c 6c 22 3e 20 3c 61 20 63 6c 61 73 73 3d 22 6d 65 6e 75 2d 6c 69 6e 6b 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 6d 69 64 6f 72 65 67 6f 6e 2e 63 6f 6d 2f 65 64 75 63 61 74 69 6f 6e 2f 69 6e 64 65 78 2e 73 68 74 6d 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 64 69 76 3e 52 65 73 6f 75 72 63 65 73 3c 2f 64 69 76 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 61 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 6d 65 67 61 2d 6d 65 6e 75 2d 63 6f 6e 74 Data Ascii: </li> <li class="menu-item mega-menu mega-menu-full"> <a class="menu-link" href="https://www.midoregon.com/education/index.shtml"> <div>Resources</div> </a> <div class="mega-menu-cont
2024-07-01 21:33:46 UTC	5398	IN	Data Raw: 3d 22 6d 65 6e 75 2d 69 74 65 6d 22 3e 20 3c 61 20 63 6c 61 73 73 3d 22 6d 65 6e 75 2d 6c 69 6e 6b 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 6d 69 64 6f 72 65 67 6f 6e 2e 63 6f 6d 2f 61 62 6f 75 74 2f 62 6f 61 72 64 2e 73 68 74 6d 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 64 69 76 3e 42 6f 61 72 64 20 6f 66 20 44 69 72 65 63 74 6f 72 73 3c 2f 64 69 76 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 61 3e 20 3c 2f 6c 69 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 75 6c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 6c 69 3e 0d 0a 20 20 20 20 20 20 20 20 Data Ascii: ="menu-item"> <a class="menu-link" href="https://www.midoregon.com/about/board.shtml"> <div>Board of Directors</div> </a> </li> </ul> </li>
2024-07-01 21:33:46 UTC	2	IN	Data Raw: 0d 0a Data Ascii:

Timestamp	Bytes transferred	Direction	Data
2024-07-01 21:33:47 UTC	550	OUT	GET /css/bootstrap.css HTTP/1.1 Host: www.midoregon.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: text/css,/;q=0.1 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: style Referer: https://www.midoregon.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-07-01 21:33:47 UTC	489	IN	HTTP/1.1 200 OK Date: Mon, 01 Jul 2024 21:33:47 GMT Server: Apache Last-Modified: Thu, 24 Sep 2020 17:03:51 GMT Accept-Ranges: bytes Content-Length: 160362 Cache-Control: max-age=2592000, public Expires: Wed, 31 Jul 2024 21:33:47 GMT Vary: Accept-Encoding,User-Agent Strict-Transport-Security: max-age=31536000; includeSubDomains; preload X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff X-FRAME-OPTIONS: SAMEORIGIN Connection: close Content-Type: text/css
2024-07-01 21:33:47 UTC	7703	IN	Data Raw: 2f 2a 21 0d 0a 20 2a 20 42 6f 6f 74 73 74 72 61 70 20 76 34 2e 35 2e 30 20 28 68 74 74 70 73 3a 2f 2f 67 65 74 62 6f 6f 74 73 74 72 61 70 2e 63 6f 6d 2f 29 0d 0a 20 2a 20 43 6f 70 79 72 69 67 68 74 20 32 30 31 31 2d 32 30 32 30 20 54 68 65 20 42 6f 6f 74 73 74 72 61 70 20 41 75 74 68 6f 72 73 0d 0a 20 2a 20 43 6f 70 79 72 69 67 68 74 20 32 30 31 31 2d 32 30 32 30 20 54 77 69 74 74 65 72 2c 20 49 6e 63 2e 0d 0a 20 2a 20 4c 69 63 65 6e 73 65 64 20 75 6e 64 65 72 20 4d 49 54 20 28 68 74 74 70 73 3a 2f 2f 67 69 74 68 75 62 2e 63 6f 6d 2f 74 77 62 73 2f 62 6f 6f 74 73 74 72 61 70 2f 62 6c 6f 62 2f 6d 61 73 74 65 72 2f 4c 49 43 45 4e 53 45 29 0d 0a 20 2a 2f 3a 72 6f 6f 74 7b 2d 2d 62 6c 75 65 3a 23 30 30 37 62 66 66 3b 2d 2d 69 6e 64 69 67 6f 3a 23 36 36 31 30 Data Ascii: /! Bootstrap v4.5.0 (https://getbootstrap.com/) * Copyright 2011-2020 The Bootstrap Authors * Copyright 2011-2020 Twitter, Inc. * Licensed under MIT (https://github.com/twbs/bootstrap/blob/master/LICENSE) */:root{--blue:#007bff;--indigo:#6610
2024-07-01 21:33:47 UTC	8000	IN	Data Raw: 2d 32 2c 2e 63 6f 6c 2d 73 6d 2d 33 2c 2e 63 6f 6c 2d 73 6d 2d 34 2c 2e 63 6f 6c 2d 73 6d 2d 35 2c 2e 63 6f 6c 2d 73 6d 2d 36 2c 2e 63 6f 6c 2d 73 6d 2d 37 2c 2e 63 6f 6c 2d 73 6d 2d 38 2c 2e 63 6f 6c 2d 73 6d 2d 39 2c 2e 63 6f 6c 2d 73 6d 2d 61 75 74 6f 2c 2e 63 6f 6c 2d 78 6c 2c 2e 63 6f 6c 2d 78 6c 2d 31 2c 2e 63 6f 6c 2d 78 6c 2d 31 30 2c 2e 63 6f 6c 2d 78 6c 2d 31 31 2c 2e 63 6f 6c 2d 78 6c 2d 31 32 2c 2e 63 6f 6c 2d 78 6c 2d 32 2c 2e 63 6f 6c 2d 78 6c 2d 33 2c 2e 63 6f 6c 2d 78 6c 2d 34 2c 2e 63 6f 6c 2d 78 6c 2d 35 2c 2e 63 6f 6c 2d 78 6c 2d 36 2c 2e 63 6f 6c 2d 78 6c 2d 37 2c 2e 63 6f 6c 2d 78 6c 2d 38 2c 2e 63 6f 6c 2d 78 6c 2d 39 2c 2e 63 6f 6c 2d 78 6c 2d 61 75 74 6f 7b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 77 69 64 74 68 3a 31 Data Ascii: -2,.col-sm-3,.col-sm-4,.col-sm-5,.col-sm-6,.col-sm-7,.col-sm-8,.col-sm-9,.col-sm-auto,.col-xl,.col-xl-1,.col-xl-10,.col-xl-11,.col-xl-12,.col-xl-2,.col-xl-3,.col-xl-4,.col-xl-5,.col-xl-6,.col-xl-7,.col-xl-8,.col-xl-9,.col-xl-auto{position:relative;width:1
2024-07-01 21:33:47 UTC	8000	IN	Data Raw: 33 25 3b 6d 61 78 2d 77 69 64 74 68 3a 38 2e 33 33 33 33 33 33 25 7d 2e 63 6f 6c 2d 6c 67 2d 32 7b 2d 6d 73 2d 66 6c 65 78 3a 30 20 30 20 31 36 2e 36 36 36 36 36 37 25 3b 66 6c 65 78 3a 30 20 30 20 31 36 2e 36 36 36 36 36 37 25 3b 6d 61 78 2d 77 69 64 74 68 3a 31 36 2e 36 36 36 36 36 37 25 7d 2e 63 6f 6c 2d 6c 67 2d 33 7b 2d 6d 73 2d 66 6c 65 78 3a 30 20 30 20 32 35 25 3b 66 6c 65 78 3a 30 20 30 20 32 35 25 3b 6d 61 78 2d 77 69 64 74 68 3a 32 35 25 7d 2e 63 6f 6c 2d 6c 67 2d 34 7b 2d 6d 73 2d 66 6c 65 78 3a 30 20 30 20 33 33 2e 33 33 33 33 33 33 25 3b 66 6c 65 78 3a 30 20 30 20 33 33 2e 33 33 33 33 33 33 25 3b 6d 61 78 2d 77 69 64 74 68 3a 33 33 2e 33 33 33 33 33 33 25 7d 2e 63 6f 6c 2d 6c 67 2d 35 7b 2d 6d 73 2d 66 6c 65 78 3a 30 20 30 20 34 31 2e 36 36 Data Ascii: 3%;max-width:8.333333%}.col-lg-2{-ms-flex:0 0 16.666667%;flex:0 0 16.666667%;max-width:16.666667%}.col-lg-3{-ms-flex:0 0 25%;flex:0 0 25%;max-width:25%}.col-lg-4{-ms-flex:0 0 33.333333%;flex:0 0 33.333333%;max-width:33.333333%}.col-lg-5{-ms-flex:0 0 41.66
2024-07-01 21:33:47 UTC	8000	IN	Data Raw: 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 33 34 33 61 34 30 7d 2e 74 61 62 6c 65 2d 64 61 72 6b 20 74 64 2c 2e 74 61 62 6c 65 2d 64 61 72 6b 20 74 68 2c 2e 74 61 62 6c 65 2d 64 61 72 6b 20 74 68 65 61 64 20 74 68 7b 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 3a 23 34 35 34 64 35 35 7d 2e 74 61 62 6c 65 2d 64 61 72 6b 2e 74 61 62 6c 65 2d 62 6f 72 64 65 72 65 64 7b 62 6f 72 64 65 72 3a 30 7d 2e 74 61 62 6c 65 2d 64 61 72 6b 2e 74 61 62 6c 65 2d 73 74 72 69 70 65 64 20 74 62 6f 64 79 20 74 72 3a 6e 74 68 2d 6f 66 2d 74 79 70 65 28 6f 64 64 29 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 72 67 62 61 28 32 35 35 2c 32 35 35 2c 32 35 35 2c 2e 30 35 29 7d 2e 74 61 62 6c 65 2d 64 61 72 6b 2e 74 61 62 6c 65 2d 68 6f 76 65 72 20 74 62 6f 64 79 20 74 72 3a 68 6f 76 Data Ascii: round-color:#343a40}.table-dark td,.table-dark th,.table-dark thead th{border-color:#454d55}.table-dark.table-bordered{border:0}.table-dark.table-striped tbody tr:nth-of-type(odd){background-color:rgba(255,255,255,.05)}.table-dark.table-hover tbody tr:hov
2024-07-01 21:33:47 UTC	8000	IN	Data Raw: 7d 2e 69 6e 76 61 6c 69 64 2d 74 6f 6f 6c 74 69 70 7b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 74 6f 70 3a 31 30 30 25 3b 7a 2d 69 6e 64 65 78 3a 35 3b 64 69 73 70 6c 61 79 3a 6e 6f 6e 65 3b 6d 61 78 2d 77 69 64 74 68 3a 31 30 30 25 3b 70 61 64 64 69 6e 67 3a 2e 32 35 72 65 6d 20 2e 35 72 65 6d 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 2e 31 72 65 6d 3b 66 6f 6e 74 2d 73 69 7a 65 3a 2e 38 37 35 72 65 6d 3b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 31 2e 35 3b 63 6f 6c 6f 72 3a 23 66 66 66 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 72 67 62 61 28 32 32 30 2c 35 33 2c 36 39 2c 2e 39 29 3b 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 2e 32 35 72 65 6d 7d 2e 69 73 2d 69 6e 76 61 6c 69 64 7e 2e 69 6e 76 61 6c 69 64 2d 66 65 65 64 62 61 63 6b 2c 2e 69 Data Ascii: }.invalid-tooltip{position:absolute;top:100%;z-index:5;display:none;max-width:100%;padding:.25rem .5rem;margin-top:.1rem;font-size:.875rem;line-height:1.5;color:#fff;background-color:rgba(220,53,69,.9);border-radius:.25rem}.is-invalid~.invalid-feedback,.i
2024-07-01 21:33:47 UTC	8000	IN	Data Raw: 3a 66 6f 63 75 73 7b 62 6f 78 2d 73 68 61 64 6f 77 3a 30 20 30 20 30 20 2e 32 72 65 6d 20 72 67 62 61 28 37 32 2c 31 38 30 2c 39 37 2c 2e 35 29 7d 2e 62 74 6e 2d 69 6e 66 6f 7b 63 6f 6c 6f 72 3a 23 66 66 66 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 31 37 61 32 62 38 3b 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 3a 23 31 37 61 32 62 38 7d 2e 62 74 6e 2d 69 6e 66 6f 3a 68 6f 76 65 72 7b 63 6f 6c 6f 72 3a 23 66 66 66 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 31 33 38 34 39 36 3b 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 3a 23 31 31 37 61 38 62 7d 2e 62 74 6e 2d 69 6e 66 6f 2e 66 6f 63 75 73 2c 2e 62 74 6e 2d 69 6e 66 6f 3a 66 6f 63 75 73 7b 63 6f 6c 6f 72 3a 23 66 66 66 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 31 33 38 34 39 Data Ascii: :focus{box-shadow:0 0 0 .2rem rgba(72,180,97,.5)}.btn-info{color:#fff;background-color:#17a2b8;border-color:#17a2b8}.btn-info:hover{color:#fff;background-color:#138496;border-color:#117a8b}.btn-info.focus,.btn-info:focus{color:#fff;background-color:#13849
2024-07-01 21:33:47 UTC	8000	IN	Data Raw: 63 33 35 34 35 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 74 72 61 6e 73 70 61 72 65 6e 74 7d 2e 62 74 6e 2d 6f 75 74 6c 69 6e 65 2d 64 61 6e 67 65 72 3a 6e 6f 74 28 3a 64 69 73 61 62 6c 65 64 29 3a 6e 6f 74 28 2e 64 69 73 61 62 6c 65 64 29 2e 61 63 74 69 76 65 2c 2e 62 74 6e 2d 6f 75 74 6c 69 6e 65 2d 64 61 6e 67 65 72 3a 6e 6f 74 28 3a 64 69 73 61 62 6c 65 64 29 3a 6e 6f 74 28 2e 64 69 73 61 62 6c 65 64 29 3a 61 63 74 69 76 65 2c 2e 73 68 6f 77 3e 2e 62 74 6e 2d 6f 75 74 6c 69 6e 65 2d 64 61 6e 67 65 72 2e 64 72 6f 70 64 6f 77 6e 2d 74 6f 67 67 6c 65 7b 63 6f 6c 6f 72 3a 23 66 66 66 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 64 63 33 35 34 35 3b 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 3a 23 64 63 33 35 34 35 7d 2e 62 74 6e 2d 6f 75 Data Ascii: c3545;background-color:transparent}.btn-outline-danger:not(:disabled):not(.disabled).active,.btn-outline-danger:not(:disabled):not(.disabled):active,.show>.btn-outline-danger.dropdown-toggle{color:#fff;background-color:#dc3545;border-color:#dc3545}.btn-ou
2024-07-01 21:33:47 UTC	8000	IN	Data Raw: 3a 31 30 30 25 7d 2e 62 74 6e 2d 67 72 6f 75 70 2d 76 65 72 74 69 63 61 6c 3e 2e 62 74 6e 2d 67 72 6f 75 70 3a 6e 6f 74 28 3a 66 69 72 73 74 2d 63 68 69 6c 64 29 2c 2e 62 74 6e 2d 67 72 6f 75 70 2d 76 65 72 74 69 63 61 6c 3e 2e 62 74 6e 3a 6e 6f 74 28 3a 66 69 72 73 74 2d 63 68 69 6c 64 29 7b 6d 61 72 67 69 6e 2d 74 6f 70 3a 2d 31 70 78 7d 2e 62 74 6e 2d 67 72 6f 75 70 2d 76 65 72 74 69 63 61 6c 3e 2e 62 74 6e 2d 67 72 6f 75 70 3a 6e 6f 74 28 3a 6c 61 73 74 2d 63 68 69 6c 64 29 3e 2e 62 74 6e 2c 2e 62 74 6e 2d 67 72 6f 75 70 2d 76 65 72 74 69 63 61 6c 3e 2e 62 74 6e 3a 6e 6f 74 28 3a 6c 61 73 74 2d 63 68 69 6c 64 29 3a 6e 6f 74 28 2e 64 72 6f 70 64 6f 77 6e 2d 74 6f 67 67 6c 65 29 7b 62 6f 72 64 65 72 2d 62 6f 74 74 6f 6d 2d 72 69 67 68 74 2d 72 61 64 69 Data Ascii: :100%}.btn-group-vertical>.btn-group:not(:first-child),.btn-group-vertical>.btn:not(:first-child){margin-top:-1px}.btn-group-vertical>.btn-group:not(:last-child)>.btn,.btn-group-vertical>.btn:not(:last-child):not(.dropdown-toggle){border-bottom-right-radi
2024-07-01 21:33:47 UTC	8000	IN	Data Raw: 6c 6e 73 3d 27 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 30 2f 73 76 67 27 20 77 69 64 74 68 3d 27 31 32 27 20 68 65 69 67 68 74 3d 27 31 32 27 20 76 69 65 77 42 6f 78 3d 27 2d 34 20 2d 34 20 38 20 38 27 25 33 65 25 33 63 63 69 72 63 6c 65 20 72 3d 27 33 27 20 66 69 6c 6c 3d 27 25 32 33 66 66 66 27 2f 25 33 65 25 33 63 2f 73 76 67 25 33 65 22 29 7d 2e 63 75 73 74 6f 6d 2d 72 61 64 69 6f 20 2e 63 75 73 74 6f 6d 2d 63 6f 6e 74 72 6f 6c 2d 69 6e 70 75 74 3a 64 69 73 61 62 6c 65 64 3a 63 68 65 63 6b 65 64 7e 2e 63 75 73 74 6f 6d 2d 63 6f 6e 74 72 6f 6c 2d 6c 61 62 65 6c 3a 3a 62 65 66 6f 72 65 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 72 67 62 61 28 30 2c 31 32 33 2c 32 35 35 2c 2e 35 29 7d 2e 63 75 73 74 6f 6d 2d 73 77 69 74 Data Ascii: lns='http://www.w3.org/2000/svg' width='12' height='12' viewBox='-4 -4 8 8'%3e%3ccircle r='3' fill='%23fff'/%3e%3c/svg%3e")}.custom-radio .custom-control-input:disabled:checked~.custom-control-label::before{background-color:rgba(0,123,255,.5)}.custom-swit
2024-07-01 21:33:47 UTC	8000	IN	Data Raw: 64 65 72 2d 74 6f 70 2d 72 69 67 68 74 2d 72 61 64 69 75 73 3a 30 7d 2e 6e 61 76 2d 70 69 6c 6c 73 20 2e 6e 61 76 2d 6c 69 6e 6b 7b 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 2e 32 35 72 65 6d 7d 2e 6e 61 76 2d 70 69 6c 6c 73 20 2e 6e 61 76 2d 6c 69 6e 6b 2e 61 63 74 69 76 65 2c 2e 6e 61 76 2d 70 69 6c 6c 73 20 2e 73 68 6f 77 3e 2e 6e 61 76 2d 6c 69 6e 6b 7b 63 6f 6c 6f 72 3a 23 66 66 66 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 30 30 37 62 66 66 7d 2e 6e 61 76 2d 66 69 6c 6c 20 2e 6e 61 76 2d 69 74 65 6d 7b 2d 6d 73 2d 66 6c 65 78 3a 31 20 31 20 61 75 74 6f 3b 66 6c 65 78 3a 31 20 31 20 61 75 74 6f 3b 74 65 78 74 2d 61 6c 69 67 6e 3a 63 65 6e 74 65 72 7d 2e 6e 61 76 2d 6a 75 73 74 69 66 69 65 64 20 2e 6e 61 76 2d 69 74 65 6d 7b 2d 6d 73 2d Data Ascii: der-top-right-radius:0}.nav-pills .nav-link{border-radius:.25rem}.nav-pills .nav-link.active,.nav-pills .show>.nav-link{color:#fff;background-color:#007bff}.nav-fill .nav-item{-ms-flex:1 1 auto;flex:1 1 auto;text-align:center}.nav-justified .nav-item{-ms-

Timestamp	Bytes transferred	Direction	Data
2024-07-01 21:33:47 UTC	546	OUT	GET /style.new.css HTTP/1.1 Host: www.midoregon.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: text/css,/;q=0.1 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: style Referer: https://www.midoregon.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-07-01 21:33:47 UTC	489	IN	HTTP/1.1 200 OK Date: Mon, 01 Jul 2024 21:33:47 GMT Server: Apache Last-Modified: Tue, 29 Sep 2020 16:39:46 GMT Accept-Ranges: bytes Content-Length: 246831 Cache-Control: max-age=2592000, public Expires: Wed, 31 Jul 2024 21:33:47 GMT Vary: Accept-Encoding,User-Agent Strict-Transport-Security: max-age=31536000; includeSubDomains; preload X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff X-FRAME-OPTIONS: SAMEORIGIN Connection: close Content-Type: text/css
2024-07-01 21:33:47 UTC	7703	IN	Data Raw: 40 6d 65 64 69 61 20 28 6d 69 6e 2d 77 69 64 74 68 3a 31 34 34 30 70 78 29 7b 2e 63 6f 6e 74 61 69 6e 65 72 7b 6d 61 78 2d 77 69 64 74 68 3a 31 33 32 30 70 78 7d 7d 64 64 2c 64 6c 2c 64 74 2c 6c 69 2c 6f 6c 2c 75 6c 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 2e 63 6c 65 61 72 7b 63 6c 65 61 72 3a 62 6f 74 68 3b 64 69 73 70 6c 61 79 3a 62 6c 6f 63 6b 3b 66 6f 6e 74 2d 73 69 7a 65 3a 30 3b 68 65 69 67 68 74 3a 30 3b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 30 3b 77 69 64 74 68 3a 31 30 30 25 3b 6f 76 65 72 66 6c 6f 77 3a 68 69 64 64 65 6e 7d 3a 3a 73 65 6c 65 63 74 69 6f 6e 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 31 61 62 63 39 63 3b 63 6f 6c 6f 72 3a 23 66 66 66 3b 74 65 78 74 2d 73 68 61 64 6f 77 3a 6e 6f 6e 65 7d 3a 3a 2d 6d 6f 7a 2d 73 65 6c Data Ascii: @media (min-width:1440px){.container{max-width:1320px}}dd,dl,dt,li,ol,ul{margin:0;padding:0}.clear{clear:both;display:block;font-size:0;height:0;line-height:0;width:100%;overflow:hidden}::selection{background:#1abc9c;color:#fff;text-shadow:none}::-moz-sel
2024-07-01 21:33:47 UTC	8000	IN	Data Raw: 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 20 2e 35 73 20 65 61 73 65 3b 74 72 61 6e 73 69 74 69 6f 6e 3a 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 20 2e 35 73 20 65 61 73 65 7d 2e 68 2d 6e 6f 62 67 3a 68 6f 76 65 72 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 74 72 61 6e 73 70 61 72 65 6e 74 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 68 2d 62 67 2d 63 6f 6c 6f 72 3a 68 6f 76 65 72 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 31 61 62 63 39 63 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 68 2d 62 67 2d 70 72 69 6d 61 72 79 3a 68 6f 76 65 72 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 30 30 37 62 66 66 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 68 2d 62 67 2d 73 65 63 6f 6e 64 61 72 79 3a 68 6f 76 65 72 7b 62 61 63 6b 67 72 6f 75 6e 64 2d Data Ascii: ckground-color .5s ease;transition:background-color .5s ease}.h-nobg:hover{background-color:transparent!important}.h-bg-color:hover{background-color:#1abc9c!important}.h-bg-primary:hover{background-color:#007bff!important}.h-bg-secondary:hover{background-
2024-07-01 21:33:47 UTC	8000	IN	Data Raw: 61 6c 69 67 6e 2d 77 69 64 65 2d 78 6c 7b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 63 61 6c 63 28 35 30 25 20 2d 20 35 37 30 70 78 29 21 69 6d 70 6f 72 74 61 6e 74 3b 6d 61 72 67 69 6e 2d 72 69 67 68 74 3a 63 61 6c 63 28 35 30 25 20 2d 20 35 37 30 70 78 29 21 69 6d 70 6f 72 74 61 6e 74 3b 6d 61 78 2d 77 69 64 74 68 3a 31 31 34 30 70 78 21 69 6d 70 6f 72 74 61 6e 74 3b 77 69 64 74 68 3a 31 31 34 30 70 78 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 61 6c 69 67 6e 2d 77 69 64 65 2d 78 78 6c 7b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 63 61 6c 63 28 35 30 25 20 2d 20 36 36 30 70 78 29 21 69 6d 70 6f 72 74 61 6e 74 3b 6d 61 72 67 69 6e 2d 72 69 67 68 74 3a 63 61 6c 63 28 35 30 25 20 2d 20 36 36 30 70 78 29 21 69 6d 70 6f 72 74 61 6e 74 3b 6d 61 78 2d 77 69 64 74 68 3a 31 33 32 Data Ascii: align-wide-xl{margin-left:calc(50% - 570px)!important;margin-right:calc(50% - 570px)!important;max-width:1140px!important;width:1140px!important}.align-wide-xxl{margin-left:calc(50% - 660px)!important;margin-right:calc(50% - 660px)!important;max-width:132
2024-07-01 21:33:47 UTC	8000	IN	Data Raw: 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 2d 35 30 70 78 7d 2e 63 6f 6c 2d 6d 62 2d 6c 67 2d 35 30 3e 2e 63 6f 6c 2c 2e 63 6f 6c 2d 6d 62 2d 6c 67 2d 35 30 3e 5b 63 6c 61 73 73 2a 3d 63 6f 6c 2d 5d 7b 70 61 64 64 69 6e 67 2d 62 6f 74 74 6f 6d 3a 35 30 70 78 7d 2e 63 6f 6c 2d 6d 62 2d 6c 67 2d 38 30 7b 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 2d 38 30 70 78 7d 2e 63 6f 6c 2d 6d 62 2d 6c 67 2d 38 30 3e 2e 63 6f 6c 2c 2e 63 6f 6c 2d 6d 62 2d 6c 67 2d 38 30 3e 5b 63 6c 61 73 73 2a 3d 63 6f 6c 2d 5d 7b 70 61 64 64 69 6e 67 2d 62 6f 74 74 6f 6d 3a 38 30 70 78 7d 7d 40 6d 65 64 69 61 20 28 6d 69 6e 2d 77 69 64 74 68 3a 31 32 30 30 70 78 29 7b 2e 67 75 74 74 65 72 2d 78 6c 2d 31 30 7b 6d 61 72 67 69 6e 2d 72 69 67 68 74 3a 2d 35 70 78 3b 6d 61 72 67 69 6e 2d 6c 65 Data Ascii: argin-bottom:-50px}.col-mb-lg-50>.col,.col-mb-lg-50>[class=col-]{padding-bottom:50px}.col-mb-lg-80{margin-bottom:-80px}.col-mb-lg-80>.col,.col-mb-lg-80>[class=col-]{padding-bottom:80px}}@media (min-width:1200px){.gutter-xl-10{margin-right:-5px;margin-le
2024-07-01 21:33:47 UTC	8000	IN	Data Raw: 70 6f 72 74 61 6e 74 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 70 6f 73 69 74 69 6f 6e 3a 63 65 6e 74 65 72 20 63 65 6e 74 65 72 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 73 65 63 74 69 6f 6e 20 2e 63 6f 6e 74 61 69 6e 65 72 7b 7a 2d 69 6e 64 65 78 3a 32 7d 2e 73 65 63 74 69 6f 6e 20 2e 63 6f 6e 74 61 69 6e 65 72 2b 2e 76 69 64 65 6f 2d 77 72 61 70 7b 7a 2d 69 6e 64 65 78 3a 31 7d 2e 72 65 76 65 61 6c 65 72 2d 69 6d 61 67 65 7b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 62 6f 74 74 6f 6d 3a 2d 31 30 30 70 78 3b 74 72 61 6e 73 69 74 69 6f 6e 3a 62 6f 74 74 6f 6d 20 2e 33 73 20 65 61 73 65 2d 69 6e 2d 6f 75 74 3b 2d 77 65 62 6b 69 74 2d 74 72 61 6e 73 69 74 69 6f 6e 3a 62 6f 74 74 6f 6d 20 2e 33 73 20 65 61 73 65 2d 69 6e 2d 6f 75 74 3b 2d 6f 2d 74 72 61 6e Data Ascii: portant;background-position:center center!important}.section .container{z-index:2}.section .container+.video-wrap{z-index:1}.revealer-image{position:relative;bottom:-100px;transition:bottom .3s ease-in-out;-webkit-transition:bottom .3s ease-in-out;-o-tran
2024-07-01 21:33:47 UTC	8000	IN	Data Raw: 69 6e 67 20 2e 34 73 20 65 61 73 65 2c 6d 61 72 67 69 6e 20 2e 34 73 20 65 61 73 65 2c 6f 70 61 63 69 74 79 20 2e 33 73 20 65 61 73 65 3b 74 72 61 6e 73 69 74 69 6f 6e 3a 68 65 69 67 68 74 20 2e 34 73 20 65 61 73 65 2c 70 61 64 64 69 6e 67 20 2e 34 73 20 65 61 73 65 2c 6d 61 72 67 69 6e 20 2e 34 73 20 65 61 73 65 2c 6f 70 61 63 69 74 79 20 2e 33 73 20 65 61 73 65 7d 23 6c 6f 67 6f 20 69 6d 67 7b 6d 61 78 2d 68 65 69 67 68 74 3a 31 30 30 25 7d 2e 6d 65 67 61 2d 6d 65 6e 75 2d 63 6f 6e 74 65 6e 74 2c 2e 73 75 62 2d 6d 65 6e 75 2d 63 6f 6e 74 61 69 6e 65 72 7b 2d 77 65 62 6b 69 74 2d 74 72 61 6e 73 69 74 69 6f 6e 3a 74 6f 70 20 2e 34 73 20 65 61 73 65 3b 74 72 61 6e 73 69 74 69 6f 6e 3a 74 6f 70 20 2e 34 73 20 65 61 73 65 7d 2e 73 74 69 63 6b 79 2d 68 65 61 Data Ascii: ing .4s ease,margin .4s ease,opacity .3s ease;transition:height .4s ease,padding .4s ease,margin .4s ease,opacity .3s ease}#logo img{max-height:100%}.mega-menu-content,.sub-menu-container{-webkit-transition:top .4s ease;transition:top .4s ease}.sticky-hea
2024-07-01 21:33:47 UTC	8000	IN	Data Raw: 61 64 65 72 29 20 2e 6d 6f 62 69 6c 65 2d 6d 65 6e 75 2d 6f 66 66 2d 63 61 6e 76 61 73 20 2e 6d 65 6e 75 2d 63 6f 6e 74 61 69 6e 65 72 7b 2d 77 65 62 6b 69 74 2d 74 72 61 6e 73 69 74 69 6f 6e 3a 2d 77 65 62 6b 69 74 2d 74 72 61 6e 73 66 6f 72 6d 20 2e 33 73 20 65 61 73 65 2d 69 6e 2d 6f 75 74 2c 6f 70 61 63 69 74 79 20 2e 32 73 20 65 61 73 65 21 69 6d 70 6f 72 74 61 6e 74 3b 2d 6f 2d 74 72 61 6e 73 69 74 69 6f 6e 3a 2d 6f 2d 74 72 61 6e 73 66 6f 72 6d 20 2e 33 73 20 65 61 73 65 2d 69 6e 2d 6f 75 74 2c 6f 70 61 63 69 74 79 20 2e 32 73 20 65 61 73 65 21 69 6d 70 6f 72 74 61 6e 74 3b 74 72 61 6e 73 69 74 69 6f 6e 3a 74 72 61 6e 73 66 6f 72 6d 20 2e 33 73 20 65 61 73 65 2d 69 6e 2d 6f 75 74 2c 6f 70 61 63 69 74 79 20 2e 32 73 20 65 61 73 65 21 69 6d 70 6f 72 Data Ascii: ader) .mobile-menu-off-canvas .menu-container{-webkit-transition:-webkit-transform .3s ease-in-out,opacity .2s ease!important;-o-transition:-o-transform .3s ease-in-out,opacity .2s ease!important;transition:transform .3s ease-in-out,opacity .2s ease!impor
2024-07-01 21:33:47 UTC	8000	IN	Data Raw: 3a 61 66 74 65 72 2c 2e 73 74 79 6c 65 2d 36 20 2e 6d 65 6e 75 2d 63 6f 6e 74 61 69 6e 65 72 3e 2e 6d 65 6e 75 2d 69 74 65 6d 3e 2e 6d 65 6e 75 2d 6c 69 6e 6b 3a 3a 61 66 74 65 72 7b 63 6f 6e 74 65 6e 74 3a 27 27 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 74 6f 70 3a 30 3b 6c 65 66 74 3a 35 30 25 3b 68 65 69 67 68 74 3a 32 70 78 3b 77 69 64 74 68 3a 30 3b 62 6f 72 64 65 72 2d 74 6f 70 3a 32 70 78 20 73 6f 6c 69 64 20 23 31 61 62 63 39 63 3b 2d 77 65 62 6b 69 74 2d 74 72 61 6e 73 69 74 69 6f 6e 3a 77 69 64 74 68 20 2e 33 73 20 65 61 73 65 3b 2d 6f 2d 74 72 61 6e 73 69 74 69 6f 6e 3a 77 69 64 74 68 20 2e 33 73 20 65 61 73 65 3b 74 72 61 6e 73 69 74 69 6f 6e 3a 77 69 64 74 68 20 2e 33 73 20 65 61 73 65 3b 74 72 61 6e 73 66 6f 72 6d 3a 74 72 61 Data Ascii: :after,.style-6 .menu-container>.menu-item>.menu-link::after{content:'';position:absolute;top:0;left:50%;height:2px;width:0;border-top:2px solid #1abc9c;-webkit-transition:width .3s ease;-o-transition:width .3s ease;transition:width .3s ease;transform:tra
2024-07-01 21:33:47 UTC	8000	IN	Data Raw: 6f 76 65 72 6c 61 79 2d 6d 65 6e 75 20 2e 6d 65 6e 75 2d 69 74 65 6d 7b 77 69 64 74 68 3a 31 30 30 25 7d 2e 6f 76 65 72 6c 61 79 2d 6d 65 6e 75 20 2e 6d 65 6e 75 2d 6c 69 6e 6b 7b 70 61 64 64 69 6e 67 2d 74 6f 70 3a 31 30 70 78 3b 70 61 64 64 69 6e 67 2d 62 6f 74 74 6f 6d 3a 31 30 70 78 3b 70 61 64 64 69 6e 67 2d 6c 65 66 74 3a 30 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 30 7d 2e 6f 76 65 72 6c 61 79 2d 6d 65 6e 75 20 2e 6d 65 67 61 2d 6d 65 6e 75 2d 63 6f 6e 74 65 6e 74 2c 2e 6f 76 65 72 6c 61 79 2d 6d 65 6e 75 20 2e 73 75 62 2d 6d 65 6e 75 2d 63 6f 6e 74 61 69 6e 65 72 7b 64 69 73 70 6c 61 79 3a 6e 6f 6e 65 3b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 74 6f 70 3a 30 21 69 6d 70 6f 72 74 61 6e 74 3b 6c 65 66 74 3a 30 21 69 6d 70 6f 72 74 Data Ascii: overlay-menu .menu-item{width:100%}.overlay-menu .menu-link{padding-top:10px;padding-bottom:10px;padding-left:0;padding-right:0}.overlay-menu .mega-menu-content,.overlay-menu .sub-menu-container{display:none;position:relative;top:0!important;left:0!import
2024-07-01 21:33:47 UTC	8000	IN	Data Raw: 65 2d 6d 65 6e 75 2d 6f 70 65 6e 20 2e 70 61 67 65 2d 6d 65 6e 75 2d 6e 61 76 7b 64 69 73 70 6c 61 79 3a 62 6c 6f 63 6b 7d 2e 70 61 67 65 2d 6d 65 6e 75 2d 6e 61 76 20 2e 70 61 67 65 2d 6d 65 6e 75 2d 63 6f 6e 74 61 69 6e 65 72 7b 6d 61 72 67 69 6e 3a 30 3b 6c 69 73 74 2d 73 74 79 6c 65 3a 6e 6f 6e 65 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 72 67 62 61 28 30 2c 30 2c 30 2c 2e 32 29 7d 2e 70 61 67 65 2d 6d 65 6e 75 2d 69 74 65 6d 7b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 7d 2e 70 61 67 65 2d 6d 65 6e 75 2d 69 74 65 6d 3e 61 7b 64 69 73 70 6c 61 79 3a 62 6c 6f 63 6b 3b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 32 32 70 78 3b 70 61 64 64 69 6e 67 3a 31 31 70 78 20 31 34 70 78 3b 63 6f Data Ascii: e-menu-open .page-menu-nav{display:block}.page-menu-nav .page-menu-container{margin:0;list-style:none;background-color:rgba(0,0,0,.2)}.page-menu-item{position:relative}.page-menu-item>a{display:block;position:relative;line-height:22px;padding:11px 14px;co

Timestamp	Bytes transferred	Direction	Data
2024-07-01 21:33:47 UTC	545	OUT	GET /css/dark.css HTTP/1.1 Host: www.midoregon.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: text/css,/;q=0.1 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: style Referer: https://www.midoregon.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-07-01 21:33:47 UTC	488	IN	HTTP/1.1 200 OK Date: Mon, 01 Jul 2024 21:33:47 GMT Server: Apache Last-Modified: Thu, 24 Sep 2020 17:03:51 GMT Accept-Ranges: bytes Content-Length: 42104 Cache-Control: max-age=2592000, public Expires: Wed, 31 Jul 2024 21:33:47 GMT Vary: Accept-Encoding,User-Agent Strict-Transport-Security: max-age=31536000; includeSubDomains; preload X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff X-FRAME-OPTIONS: SAMEORIGIN Connection: close Content-Type: text/css
2024-07-01 21:33:47 UTC	7704	IN	Data Raw: 2e 64 61 72 6b 2c 2e 64 61 72 6b 20 68 31 2c 2e 64 61 72 6b 20 68 32 2c 2e 64 61 72 6b 20 68 33 2c 2e 64 61 72 6b 20 68 34 2c 2e 64 61 72 6b 20 68 35 2c 2e 64 61 72 6b 20 68 36 7b 63 6f 6c 6f 72 3a 23 65 65 65 7d 2e 64 61 72 6b 20 61 3a 6e 6f 74 28 5b 63 6c 61 73 73 2a 3d 62 74 6e 2d 5d 29 3a 68 6f 76 65 72 7b 63 6f 6c 6f 72 3a 23 65 65 65 7d 2e 64 61 72 6b 20 23 63 6f 6e 74 65 6e 74 2c 2e 64 61 72 6b 20 23 77 72 61 70 70 65 72 2c 2e 64 61 72 6b 20 2e 61 6a 61 78 2d 6d 6f 64 61 6c 2d 74 69 74 6c 65 2c 2e 64 61 72 6b 20 2e 6d 6f 64 61 6c 2d 63 6f 6e 74 65 6e 74 2c 2e 64 61 72 6b 20 2e 70 61 67 65 2d 74 72 61 6e 73 69 74 69 6f 6e 2d 77 72 61 70 2c 2e 64 61 72 6b 20 2e 70 6f 72 74 66 6f 6c 69 6f 2d 61 6a 61 78 2d 6d 6f 64 61 6c 2c 2e 64 61 72 6b 20 2e 73 68 Data Ascii: .dark,.dark h1,.dark h2,.dark h3,.dark h4,.dark h5,.dark h6{color:#eee}.dark a:not([class*=btn-]):hover{color:#eee}.dark #content,.dark #wrapper,.dark .ajax-modal-title,.dark .modal-content,.dark .page-transition-wrap,.dark .portfolio-ajax-modal,.dark .sh
2024-07-01 21:33:47 UTC	8000	IN	Data Raw: 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 74 72 61 6e 73 70 61 72 65 6e 74 7d 7d 40 6d 65 64 69 61 20 28 6d 61 78 2d 77 69 64 74 68 3a 39 39 31 2e 39 38 70 78 29 7b 2e 73 69 64 65 2d 70 75 73 68 2d 70 61 6e 65 6c 20 2e 64 61 72 6b 20 23 73 69 64 65 2d 70 61 6e 65 6c 2d 74 72 69 67 67 65 72 2d 63 6c 6f 73 65 20 61 2c 2e 73 69 64 65 2d 70 75 73 68 2d 70 61 6e 65 6c 2e 64 61 72 6b 20 23 73 69 64 65 2d 70 61 6e 65 6c 2d 74 72 69 67 67 65 72 2d 63 6c 6f 73 65 20 61 7b 63 6f 6c 6f 72 3a 23 66 37 66 37 66 37 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 72 67 62 61 28 30 2c 30 2c 30 2c 2e 33 29 7d 7d 2e 64 61 72 6b 20 2e 68 65 61 64 65 72 2d 6d 69 73 63 2d 69 63 6f 6e 3e 61 7b 63 6f 6c 6f 72 3a 23 66 37 66 37 66 37 7d 2e 64 61 72 6b 20 2e 74 6f 70 2d 73 Data Ascii: kground-color:transparent}}@media (max-width:991.98px){.side-push-panel .dark #side-panel-trigger-close a,.side-push-panel.dark #side-panel-trigger-close a{color:#f7f7f7;background-color:rgba(0,0,0,.3)}}.dark .header-misc-icon>a{color:#f7f7f7}.dark .top-s
2024-07-01 21:33:47 UTC	8000	IN	Data Raw: 6f 6c 6f 72 3a 72 67 62 61 28 32 35 35 2c 32 35 35 2c 32 35 35 2c 2e 31 35 29 7d 2e 64 61 72 6b 20 2e 66 62 6f 78 2d 62 67 2e 66 62 6f 78 2d 63 65 6e 74 65 72 20 2e 66 62 6f 78 2d 69 63 6f 6e 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 33 38 33 38 33 38 7d 2e 64 61 72 6b 20 2e 6d 65 64 69 61 2d 62 6f 78 2e 66 62 6f 78 2d 62 67 20 2e 66 62 6f 78 2d 63 6f 6e 74 65 6e 74 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 72 67 62 61 28 30 2c 30 2c 30 2c 2e 32 29 3b 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 3a 72 67 62 61 28 32 35 35 2c 32 35 35 2c 32 35 35 2c 2e 31 35 29 7d 2e 64 61 72 6b 20 2e 66 62 6f 78 2d 65 66 66 65 63 74 20 2e 66 62 6f 78 2d 69 63 6f 6e 20 69 3a 61 66 74 65 72 7b 62 6f 78 2d 73 68 61 64 6f 77 3a 30 20 30 20 30 20 32 70 78 20 Data Ascii: olor:rgba(255,255,255,.15)}.dark .fbox-bg.fbox-center .fbox-icon{background-color:#383838}.dark .media-box.fbox-bg .fbox-content{background-color:rgba(0,0,0,.2);border-color:rgba(255,255,255,.15)}.dark .fbox-effect .fbox-icon i:after{box-shadow:0 0 0 2px
2024-07-01 21:33:47 UTC	8000	IN	Data Raw: 23 61 61 61 7d 2e 64 61 72 6b 20 2e 73 6d 2d 66 6f 72 6d 2d 63 6f 6e 74 72 6f 6c 5b 64 69 73 61 62 6c 65 64 5d 2c 2e 64 61 72 6b 20 2e 73 6d 2d 66 6f 72 6d 2d 63 6f 6e 74 72 6f 6c 5b 72 65 61 64 6f 6e 6c 79 5d 2c 2e 64 61 72 6b 20 66 69 65 6c 64 73 65 74 5b 64 69 73 61 62 6c 65 64 5d 20 2e 73 6d 2d 66 6f 72 6d 2d 63 6f 6e 74 72 6f 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 65 65 65 7d 2e 64 61 72 6b 20 2e 66 6f 72 6d 2d 63 6f 6e 74 72 6f 6c 3a 61 63 74 69 76 65 2c 2e 64 61 72 6b 20 2e 66 6f 72 6d 2d 63 6f 6e 74 72 6f 6c 3a 66 6f 63 75 73 7b 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 3a 72 67 62 61 28 32 35 35 2c 32 35 35 2c 32 35 35 2c 2e 32 35 29 7d 2e 64 61 72 6b 20 6c 61 62 65 6c 7b 63 6f 6c 6f 72 3a 23 65 35 65 35 65 35 7d 2e 64 61 72 6b 20 Data Ascii: #aaa}.dark .sm-form-control[disabled],.dark .sm-form-control[readonly],.dark fieldset[disabled] .sm-form-control{background-color:#eee}.dark .form-control:active,.dark .form-control:focus{border-color:rgba(255,255,255,.25)}.dark label{color:#e5e5e5}.dark
2024-07-01 21:33:47 UTC	8000	IN	Data Raw: 65 72 2d 63 6f 6c 6f 72 3a 72 67 62 61 28 32 35 35 2c 32 35 35 2c 32 35 35 2c 2e 31 29 7d 7d 2e 64 61 72 6b 20 6c 65 67 65 6e 64 7b 63 6f 6c 6f 72 3a 23 64 64 64 3b 62 6f 72 64 65 72 2d 62 6f 74 74 6f 6d 2d 63 6f 6c 6f 72 3a 72 67 62 61 28 32 35 35 2c 32 35 35 2c 32 35 35 2c 2e 31 29 7d 2e 64 61 72 6b 20 6f 75 74 70 75 74 7b 63 6f 6c 6f 72 3a 23 39 39 39 7d 2e 64 61 72 6b 20 2e 66 6f 72 6d 2d 63 6f 6e 74 72 6f 6c 3a 6e 6f 74 28 2e 6e 6f 74 2d 64 61 72 6b 29 2c 2e 64 61 72 6b 20 2e 73 6d 2d 66 6f 72 6d 2d 63 6f 6e 74 72 6f 6c 3a 6e 6f 74 28 2e 6e 6f 74 2d 64 61 72 6b 29 7b 63 6f 6c 6f 72 3a 23 39 39 39 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 72 67 62 61 28 30 2c 30 2c 30 2c 2e 32 29 3b 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 3a 72 67 62 61 28 32 Data Ascii: er-color:rgba(255,255,255,.1)}}.dark legend{color:#ddd;border-bottom-color:rgba(255,255,255,.1)}.dark output{color:#999}.dark .form-control:not(.not-dark),.dark .sm-form-control:not(.not-dark){color:#999;background-color:rgba(0,0,0,.2);border-color:rgba(2
2024-07-01 21:33:47 UTC	2400	IN	Data Raw: 2d 77 61 72 6e 69 6e 67 3a 66 6f 63 75 73 2c 2e 64 61 72 6b 20 61 2e 6c 69 73 74 2d 67 72 6f 75 70 2d 69 74 65 6d 2d 77 61 72 6e 69 6e 67 3a 68 6f 76 65 72 7b 63 6f 6c 6f 72 3a 23 38 61 36 64 33 62 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 66 61 66 32 63 63 7d 2e 64 61 72 6b 20 61 2e 6c 69 73 74 2d 67 72 6f 75 70 2d 69 74 65 6d 2d 77 61 72 6e 69 6e 67 2e 61 63 74 69 76 65 2c 2e 64 61 72 6b 20 61 2e 6c 69 73 74 2d 67 72 6f 75 70 2d 69 74 65 6d 2d 77 61 72 6e 69 6e 67 2e 61 63 74 69 76 65 3a 66 6f 63 75 73 2c 2e 64 61 72 6b 20 61 2e 6c 69 73 74 2d 67 72 6f 75 70 2d 69 74 65 6d 2d 77 61 72 6e 69 6e 67 2e 61 63 74 69 76 65 3a 68 6f 76 65 72 7b 63 6f 6c 6f 72 3a 23 66 66 66 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 38 61 36 64 33 Data Ascii: -warning:focus,.dark a.list-group-item-warning:hover{color:#8a6d3b;background-color:#faf2cc}.dark a.list-group-item-warning.active,.dark a.list-group-item-warning.active:focus,.dark a.list-group-item-warning.active:hover{color:#fff;background-color:#8a6d3

Timestamp	Bytes transferred	Direction	Data
2024-07-01 21:33:47 UTC	551	OUT	GET /css/font-icons.css HTTP/1.1 Host: www.midoregon.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: text/css,/;q=0.1 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: style Referer: https://www.midoregon.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-07-01 21:33:47 UTC	489	IN	HTTP/1.1 200 OK Date: Mon, 01 Jul 2024 21:33:47 GMT Server: Apache Last-Modified: Thu, 24 Sep 2020 17:03:52 GMT Accept-Ranges: bytes Content-Length: 104208 Cache-Control: max-age=2592000, public Expires: Wed, 31 Jul 2024 21:33:47 GMT Vary: Accept-Encoding,User-Agent Strict-Transport-Security: max-age=31536000; includeSubDomains; preload X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff X-FRAME-OPTIONS: SAMEORIGIN Connection: close Content-Type: text/css
2024-07-01 21:33:47 UTC	7703	IN	Data Raw: 40 66 6f 6e 74 2d 66 61 63 65 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 66 6f 6e 74 2d 69 63 6f 6e 73 3b 73 72 63 3a 75 72 6c 28 66 6f 6e 74 73 2f 66 6f 6e 74 2d 69 63 6f 6e 73 2e 65 6f 74 29 3b 73 72 63 3a 75 72 6c 28 66 6f 6e 74 73 2f 66 6f 6e 74 2d 69 63 6f 6e 73 2e 65 6f 74 29 20 66 6f 72 6d 61 74 28 27 65 6d 62 65 64 64 65 64 2d 6f 70 65 6e 74 79 70 65 27 29 2c 75 72 6c 28 66 6f 6e 74 73 2f 66 6f 6e 74 2d 69 63 6f 6e 73 2e 77 6f 66 66 29 20 66 6f 72 6d 61 74 28 27 77 6f 66 66 27 29 2c 75 72 6c 28 66 6f 6e 74 73 2f 66 6f 6e 74 2d 69 63 6f 6e 73 2e 74 74 66 29 20 66 6f 72 6d 61 74 28 27 74 72 75 65 74 79 70 65 27 29 2c 75 72 6c 28 66 6f 6e 74 73 2f 66 6f 6e 74 2d 69 63 6f 6e 73 2e 73 76 67 29 20 66 6f 72 6d 61 74 28 27 73 76 67 27 29 3b 66 6f 6e 74 2d 77 Data Ascii: @font-face{font-family:font-icons;src:url(fonts/font-icons.eot);src:url(fonts/font-icons.eot) format('embedded-opentype'),url(fonts/font-icons.woff) format('woff'),url(fonts/font-icons.ttf) format('truetype'),url(fonts/font-icons.svg) format('svg');font-w
2024-07-01 21:33:47 UTC	8000	IN	Data Raw: 2d 63 68 61 74 2d 31 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 36 35 63 22 7d 2e 69 63 6f 6e 2d 63 68 61 74 2d 32 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 36 35 64 22 7d 2e 69 63 6f 6e 2d 63 68 61 74 2d 33 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 36 35 65 22 7d 2e 69 63 6f 6e 2d 63 6f 6d 6d 65 6e 74 32 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 36 35 66 22 7d 2e 69 63 6f 6e 2d 63 61 6c 65 6e 64 61 72 32 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 36 36 30 22 7d 2e 69 63 6f 6e 2d 62 6f 6f 6b 6d 61 72 6b 32 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 36 36 31 22 7d 2e 69 63 6f 6e 2d 65 6d 61 69 6c 32 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 36 36 32 22 7d Data Ascii: -chat-1:before{content:"\e65c"}.icon-chat-2:before{content:"\e65d"}.icon-chat-3:before{content:"\e65e"}.icon-comment2:before{content:"\e65f"}.icon-calendar2:before{content:"\e660"}.icon-bookmark2:before{content:"\e661"}.icon-email2:before{content:"\e662"}
2024-07-01 21:33:47 UTC	8000	IN	Data Raw: 61 6c 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 37 33 32 22 7d 2e 69 63 6f 6e 2d 72 65 73 69 7a 65 2d 68 6f 72 69 7a 6f 6e 74 61 6c 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 37 33 33 22 7d 2e 69 63 6f 6e 2d 62 61 72 2d 63 68 61 72 74 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 37 33 34 22 7d 2e 69 63 6f 6e 2d 74 77 69 74 74 65 72 2d 73 69 67 6e 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 37 33 35 22 7d 2e 69 63 6f 6e 2d 66 61 63 65 62 6f 6f 6b 2d 73 69 67 6e 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 37 33 36 22 7d 2e 69 63 6f 6e 2d 63 61 6d 65 72 61 2d 72 65 74 72 6f 31 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 37 33 37 22 7d 2e 69 63 6f 6e 2d 6b 65 79 32 3a 62 65 66 6f Data Ascii: al:before{content:"\e732"}.icon-resize-horizontal:before{content:"\e733"}.icon-bar-chart:before{content:"\e734"}.icon-twitter-sign:before{content:"\e735"}.icon-facebook-sign:before{content:"\e736"}.icon-camera-retro1:before{content:"\e737"}.icon-key2:befo
2024-07-01 21:33:47 UTC	8000	IN	Data Raw: 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 37 66 63 22 7d 2e 69 63 6f 6e 2d 73 6f 72 74 2d 62 79 2d 6f 72 64 65 72 2d 61 6c 74 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 37 66 64 22 7d 2e 69 63 6f 6e 2d 74 68 75 6d 62 73 2d 75 70 32 31 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 37 66 65 22 7d 2e 69 63 6f 6e 2d 74 68 75 6d 62 73 2d 64 6f 77 6e 32 31 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 37 66 66 22 7d 2e 69 63 6f 6e 2d 79 6f 75 74 75 62 65 2d 73 69 67 6e 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 38 30 30 22 7d 2e 69 63 6f 6e 2d 79 6f 75 74 75 62 65 32 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 38 30 31 22 7d 2e 69 63 6f 6e 2d 78 69 6e 67 32 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 Data Ascii: fore{content:"\e7fc"}.icon-sort-by-order-alt:before{content:"\e7fd"}.icon-thumbs-up21:before{content:"\e7fe"}.icon-thumbs-down21:before{content:"\e7ff"}.icon-youtube-sign:before{content:"\e800"}.icon-youtube2:before{content:"\e801"}.icon-xing2:before{cont
2024-07-01 21:33:47 UTC	8000	IN	Data Raw: 75 61 72 74 65 72 73 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 39 33 65 22 7d 2e 69 63 6f 6e 2d 62 65 64 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 39 33 66 22 7d 2e 69 63 6f 6e 2d 62 65 65 72 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 39 34 30 22 7d 2e 69 63 6f 6e 2d 62 65 6c 6c 2d 73 6c 61 73 68 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 39 34 31 22 7d 2e 69 63 6f 6e 2d 62 65 6c 6c 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 39 34 32 22 7d 2e 69 63 6f 6e 2d 62 65 7a 69 65 72 2d 63 75 72 76 65 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 39 34 33 22 7d 2e 69 63 6f 6e 2d 62 69 62 6c 65 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 39 34 34 22 7d 2e 69 63 6f 6e 2d Data Ascii: uarters:before{content:"\e93e"}.icon-bed:before{content:"\e93f"}.icon-beer:before{content:"\e940"}.icon-bell-slash:before{content:"\e941"}.icon-bell:before{content:"\e942"}.icon-bezier-curve:before{content:"\e943"}.icon-bible:before{content:"\e944"}.icon-
2024-07-01 21:33:47 UTC	8000	IN	Data Raw: 65 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 61 30 39 22 7d 2e 69 63 6f 6e 2d 66 69 6c 65 2d 61 75 64 69 6f 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 61 30 61 22 7d 2e 69 63 6f 6e 2d 66 69 6c 65 2d 63 6f 64 65 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 61 30 62 22 7d 2e 69 63 6f 6e 2d 66 69 6c 65 2d 63 6f 6e 74 72 61 63 74 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 61 30 63 22 7d 2e 69 63 6f 6e 2d 66 69 6c 65 2d 64 6f 77 6e 6c 6f 61 64 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 61 30 64 22 7d 2e 69 63 6f 6e 2d 66 69 6c 65 2d 65 78 63 65 6c 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 61 30 65 22 7d 2e 69 63 6f 6e 2d 66 69 6c 65 2d 65 78 70 6f 72 74 3a 62 65 66 6f 72 65 7b Data Ascii: e:before{content:"\ea09"}.icon-file-audio:before{content:"\ea0a"}.icon-file-code:before{content:"\ea0b"}.icon-file-contract:before{content:"\ea0c"}.icon-file-download:before{content:"\ea0d"}.icon-file-excel:before{content:"\ea0e"}.icon-file-export:before{
2024-07-01 21:33:47 UTC	8000	IN	Data Raw: 61 68 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 61 64 33 22 7d 2e 69 63 6f 6e 2d 6d 65 72 63 75 72 79 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 61 64 34 22 7d 2e 69 63 6f 6e 2d 6d 69 63 72 6f 63 68 69 70 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 61 64 35 22 7d 2e 69 63 6f 6e 2d 6d 69 63 72 6f 70 68 6f 6e 65 2d 61 6c 74 2d 73 6c 61 73 68 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 61 64 36 22 7d 2e 69 63 6f 6e 2d 6d 69 63 72 6f 70 68 6f 6e 65 2d 61 6c 74 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 61 64 37 22 7d 2e 69 63 6f 6e 2d 6d 69 63 72 6f 70 68 6f 6e 65 2d 73 6c 61 73 68 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 61 64 38 22 7d 2e 69 63 6f 6e 2d 6d 69 63 72 6f 70 68 Data Ascii: ah:before{content:"\ead3"}.icon-mercury:before{content:"\ead4"}.icon-microchip:before{content:"\ead5"}.icon-microphone-alt-slash:before{content:"\ead6"}.icon-microphone-alt:before{content:"\ead7"}.icon-microphone-slash:before{content:"\ead8"}.icon-microph
2024-07-01 21:33:47 UTC	8000	IN	Data Raw: 66 65 6c 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 62 39 65 22 7d 2e 69 63 6f 6e 2d 73 75 62 73 63 72 69 70 74 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 62 39 66 22 7d 2e 69 63 6f 6e 2d 73 75 62 77 61 79 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 62 61 30 22 7d 2e 69 63 6f 6e 2d 73 75 69 74 63 61 73 65 2d 72 6f 6c 6c 69 6e 67 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 62 61 31 22 7d 2e 69 63 6f 6e 2d 73 75 69 74 63 61 73 65 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 62 61 32 22 7d 2e 69 63 6f 6e 2d 73 75 6e 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 62 61 33 22 7d 2e 69 63 6f 6e 2d 73 75 70 65 72 73 63 72 69 70 74 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 Data Ascii: fel:before{content:"\eb9e"}.icon-subscript:before{content:"\eb9f"}.icon-subway:before{content:"\eba0"}.icon-suitcase-rolling:before{content:"\eba1"}.icon-suitcase:before{content:"\eba2"}.icon-sun:before{content:"\eba3"}.icon-superscript:before{content:"\e
2024-07-01 21:33:47 UTC	8000	IN	Data Raw: 72 6f 77 6e 2d 6f 70 65 6e 31 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 63 36 37 22 7d 2e 69 63 6f 6e 2d 66 72 6f 77 6e 31 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 63 36 38 22 7d 2e 69 63 6f 6e 2d 66 75 74 62 6f 6c 31 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 63 36 39 22 7d 2e 69 63 6f 6e 2d 67 65 6d 31 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 63 36 61 22 7d 2e 69 63 6f 6e 2d 67 72 69 6d 61 63 65 31 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 63 36 62 22 7d 2e 69 63 6f 6e 2d 67 72 69 6e 2d 61 6c 74 31 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 63 36 63 22 7d 2e 69 63 6f 6e 2d 67 72 69 6e 2d 62 65 61 6d 2d 73 77 65 61 74 31 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 Data Ascii: rown-open1:before{content:"\ec67"}.icon-frown1:before{content:"\ec68"}.icon-futbol1:before{content:"\ec69"}.icon-gem1:before{content:"\ec6a"}.icon-grimace1:before{content:"\ec6b"}.icon-grin-alt1:before{content:"\ec6c"}.icon-grin-beam-sweat1:before{content
2024-07-01 21:33:47 UTC	8000	IN	Data Raw: 65 64 73 73 6c 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 64 32 65 22 7d 2e 69 63 6f 6e 2d 66 61 63 65 62 6f 6f 6b 2d 66 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 64 32 66 22 7d 2e 69 63 6f 6e 2d 66 61 63 65 62 6f 6f 6b 2d 6d 65 73 73 65 6e 67 65 72 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 64 33 30 22 7d 2e 69 63 6f 6e 2d 66 61 63 65 62 6f 6f 6b 2d 73 71 75 61 72 65 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 64 33 31 22 7d 2e 69 63 6f 6e 2d 66 61 63 65 62 6f 6f 6b 31 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 64 33 32 22 7d 2e 69 63 6f 6e 2d 66 69 72 65 66 6f 78 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 64 33 33 22 7d 2e 69 63 6f 6e 2d 66 69 72 73 74 2d 6f 72 64 65 72 Data Ascii: edssl:before{content:"\ed2e"}.icon-facebook-f:before{content:"\ed2f"}.icon-facebook-messenger:before{content:"\ed30"}.icon-facebook-square:before{content:"\ed31"}.icon-facebook1:before{content:"\ed32"}.icon-firefox:before{content:"\ed33"}.icon-first-order

Timestamp	Bytes transferred	Direction	Data
2024-07-01 21:33:47 UTC	548	OUT	GET /css/animate.css HTTP/1.1 Host: www.midoregon.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: text/css,/;q=0.1 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: style Referer: https://www.midoregon.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-07-01 21:33:47 UTC	488	IN	HTTP/1.1 200 OK Date: Mon, 01 Jul 2024 21:33:47 GMT Server: Apache Last-Modified: Thu, 24 Sep 2020 17:03:51 GMT Accept-Ranges: bytes Content-Length: 73905 Cache-Control: max-age=2592000, public Expires: Wed, 31 Jul 2024 21:33:47 GMT Vary: Accept-Encoding,User-Agent Strict-Transport-Security: max-age=31536000; includeSubDomains; preload X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff X-FRAME-OPTIONS: SAMEORIGIN Connection: close Content-Type: text/css
2024-07-01 21:33:47 UTC	7704	IN	Data Raw: 40 63 68 61 72 73 65 74 20 22 55 54 46 2d 38 22 3b 2f 2a 21 0d 0a 20 2a 20 61 6e 69 6d 61 74 65 2e 63 73 73 20 2d 20 68 74 74 70 73 3a 2f 2f 61 6e 69 6d 61 74 65 2e 73 74 79 6c 65 2f 0d 0a 20 2a 20 56 65 72 73 69 6f 6e 20 2d 20 34 2e 30 2e 30 0d 0a 20 2a 20 4c 69 63 65 6e 73 65 64 20 75 6e 64 65 72 20 74 68 65 20 4d 49 54 20 6c 69 63 65 6e 73 65 20 2d 20 68 74 74 70 3a 2f 2f 6f 70 65 6e 73 6f 75 72 63 65 2e 6f 72 67 2f 6c 69 63 65 6e 73 65 73 2f 4d 49 54 0d 0a 20 2a 0d 0a 20 2a 20 43 6f 70 79 72 69 67 68 74 20 28 63 29 20 32 30 32 30 20 41 6e 69 6d 61 74 65 2e 63 73 73 0d 0a 20 2a 2f 3a 72 6f 6f 74 7b 2d 2d 61 6e 69 6d 61 74 65 2d 64 75 72 61 74 69 6f 6e 3a 31 73 3b 2d 2d 61 6e 69 6d 61 74 65 2d 64 65 6c 61 79 3a 31 73 3b 2d 2d 61 6e 69 6d 61 74 65 2d 72 Data Ascii: @charset "UTF-8";/! animate.css - https://animate.style/ * Version - 4.0.0 * Licensed under the MIT license - http://opensource.org/licenses/MIT * * Copyright (c) 2020 Animate.css */:root{--animate-duration:1s;--animate-delay:1s;--animate-r
2024-07-01 21:33:47 UTC	8000	IN	Data Raw: 66 6f 72 6d 3a 74 72 61 6e 73 6c 61 74 65 33 64 28 2d 31 30 70 78 2c 30 2c 30 29 3b 74 72 61 6e 73 66 6f 72 6d 3a 74 72 61 6e 73 6c 61 74 65 33 64 28 2d 31 30 70 78 2c 30 2c 30 29 7d 32 30 25 2c 34 30 25 2c 36 30 25 2c 38 30 25 7b 2d 77 65 62 6b 69 74 2d 74 72 61 6e 73 66 6f 72 6d 3a 74 72 61 6e 73 6c 61 74 65 33 64 28 31 30 70 78 2c 30 2c 30 29 3b 74 72 61 6e 73 66 6f 72 6d 3a 74 72 61 6e 73 6c 61 74 65 33 64 28 31 30 70 78 2c 30 2c 30 29 7d 7d 2e 73 68 61 6b 65 58 7b 2d 77 65 62 6b 69 74 2d 61 6e 69 6d 61 74 69 6f 6e 2d 6e 61 6d 65 3a 73 68 61 6b 65 58 3b 61 6e 69 6d 61 74 69 6f 6e 2d 6e 61 6d 65 3a 73 68 61 6b 65 58 7d 40 2d 77 65 62 6b 69 74 2d 6b 65 79 66 72 61 6d 65 73 20 73 68 61 6b 65 59 7b 66 72 6f 6d 2c 74 6f 7b 2d 77 65 62 6b 69 74 2d 74 72 61 Data Ascii: form:translate3d(-10px,0,0);transform:translate3d(-10px,0,0)}20%,40%,60%,80%{-webkit-transform:translate3d(10px,0,0);transform:translate3d(10px,0,0)}}.shakeX{-webkit-animation-name:shakeX;animation-name:shakeX}@-webkit-keyframes shakeY{from,to{-webkit-tra
2024-07-01 21:33:47 UTC	8000	IN	Data Raw: 74 3b 2d 77 65 62 6b 69 74 2d 61 6e 69 6d 61 74 69 6f 6e 2d 64 75 72 61 74 69 6f 6e 3a 63 61 6c 63 28 31 73 20 2a 20 31 2e 33 29 3b 61 6e 69 6d 61 74 69 6f 6e 2d 64 75 72 61 74 69 6f 6e 3a 63 61 6c 63 28 31 73 20 2a 20 31 2e 33 29 3b 2d 77 65 62 6b 69 74 2d 61 6e 69 6d 61 74 69 6f 6e 2d 64 75 72 61 74 69 6f 6e 3a 63 61 6c 63 28 76 61 72 28 2d 2d 61 6e 69 6d 61 74 65 2d 64 75 72 61 74 69 6f 6e 29 20 2a 20 31 2e 33 29 3b 61 6e 69 6d 61 74 69 6f 6e 2d 64 75 72 61 74 69 6f 6e 3a 63 61 6c 63 28 76 61 72 28 2d 2d 61 6e 69 6d 61 74 65 2d 64 75 72 61 74 69 6f 6e 29 20 2a 20 31 2e 33 29 3b 2d 77 65 62 6b 69 74 2d 61 6e 69 6d 61 74 69 6f 6e 2d 74 69 6d 69 6e 67 2d 66 75 6e 63 74 69 6f 6e 3a 65 61 73 65 2d 69 6e 2d 6f 75 74 3b 61 6e 69 6d 61 74 69 6f 6e 2d 74 69 6d Data Ascii: t;-webkit-animation-duration:calc(1s * 1.3);animation-duration:calc(1s * 1.3);-webkit-animation-duration:calc(var(--animate-duration) * 1.3);animation-duration:calc(var(--animate-duration) * 1.3);-webkit-animation-timing-function:ease-in-out;animation-tim
2024-07-01 21:33:47 UTC	8000	IN	Data Raw: 6b 69 74 2d 74 72 61 6e 73 66 6f 72 6d 3a 74 72 61 6e 73 6c 61 74 65 33 64 28 30 2c 35 70 78 2c 30 29 20 73 63 61 6c 65 59 28 2e 39 38 35 29 3b 74 72 61 6e 73 66 6f 72 6d 3a 74 72 61 6e 73 6c 61 74 65 33 64 28 30 2c 35 70 78 2c 30 29 20 73 63 61 6c 65 59 28 2e 39 38 35 29 7d 74 6f 7b 2d 77 65 62 6b 69 74 2d 74 72 61 6e 73 66 6f 72 6d 3a 74 72 61 6e 73 6c 61 74 65 33 64 28 30 2c 30 2c 30 29 3b 74 72 61 6e 73 66 6f 72 6d 3a 74 72 61 6e 73 6c 61 74 65 33 64 28 30 2c 30 2c 30 29 7d 7d 2e 62 6f 75 6e 63 65 49 6e 44 6f 77 6e 7b 2d 77 65 62 6b 69 74 2d 61 6e 69 6d 61 74 69 6f 6e 2d 6e 61 6d 65 3a 62 6f 75 6e 63 65 49 6e 44 6f 77 6e 3b 61 6e 69 6d 61 74 69 6f 6e 2d 6e 61 6d 65 3a 62 6f 75 6e 63 65 49 6e 44 6f 77 6e 7d 40 2d 77 65 62 6b 69 74 2d 6b 65 79 66 72 61 Data Ascii: kit-transform:translate3d(0,5px,0) scaleY(.985);transform:translate3d(0,5px,0) scaleY(.985)}to{-webkit-transform:translate3d(0,0,0);transform:translate3d(0,0,0)}}.bounceInDown{-webkit-animation-name:bounceInDown;animation-name:bounceInDown}@-webkit-keyfra
2024-07-01 21:33:47 UTC	8000	IN	Data Raw: 65 79 66 72 61 6d 65 73 20 66 61 64 65 49 6e 7b 66 72 6f 6d 7b 6f 70 61 63 69 74 79 3a 30 7d 74 6f 7b 6f 70 61 63 69 74 79 3a 31 7d 7d 2e 66 61 64 65 49 6e 7b 2d 77 65 62 6b 69 74 2d 61 6e 69 6d 61 74 69 6f 6e 2d 6e 61 6d 65 3a 66 61 64 65 49 6e 3b 61 6e 69 6d 61 74 69 6f 6e 2d 6e 61 6d 65 3a 66 61 64 65 49 6e 7d 40 2d 77 65 62 6b 69 74 2d 6b 65 79 66 72 61 6d 65 73 20 66 61 64 65 49 6e 44 6f 77 6e 7b 66 72 6f 6d 7b 6f 70 61 63 69 74 79 3a 30 3b 2d 77 65 62 6b 69 74 2d 74 72 61 6e 73 66 6f 72 6d 3a 74 72 61 6e 73 6c 61 74 65 33 64 28 30 2c 2d 31 30 30 25 2c 30 29 3b 74 72 61 6e 73 66 6f 72 6d 3a 74 72 61 6e 73 6c 61 74 65 33 64 28 30 2c 2d 31 30 30 25 2c 30 29 7d 74 6f 7b 6f 70 61 63 69 74 79 3a 31 3b 2d 77 65 62 6b 69 74 2d 74 72 61 6e 73 66 6f 72 6d 3a Data Ascii: eyframes fadeIn{from{opacity:0}to{opacity:1}}.fadeIn{-webkit-animation-name:fadeIn;animation-name:fadeIn}@-webkit-keyframes fadeInDown{from{opacity:0;-webkit-transform:translate3d(0,-100%,0);transform:translate3d(0,-100%,0)}to{opacity:1;-webkit-transform:
2024-07-01 21:33:47 UTC	8000	IN	Data Raw: 33 64 28 32 30 30 30 70 78 2c 30 2c 30 29 7d 7d 2e 66 61 64 65 4f 75 74 52 69 67 68 74 42 69 67 7b 2d 77 65 62 6b 69 74 2d 61 6e 69 6d 61 74 69 6f 6e 2d 6e 61 6d 65 3a 66 61 64 65 4f 75 74 52 69 67 68 74 42 69 67 3b 61 6e 69 6d 61 74 69 6f 6e 2d 6e 61 6d 65 3a 66 61 64 65 4f 75 74 52 69 67 68 74 42 69 67 7d 40 2d 77 65 62 6b 69 74 2d 6b 65 79 66 72 61 6d 65 73 20 66 61 64 65 4f 75 74 55 70 7b 66 72 6f 6d 7b 6f 70 61 63 69 74 79 3a 31 7d 74 6f 7b 6f 70 61 63 69 74 79 3a 30 3b 2d 77 65 62 6b 69 74 2d 74 72 61 6e 73 66 6f 72 6d 3a 74 72 61 6e 73 6c 61 74 65 33 64 28 30 2c 2d 31 30 30 25 2c 30 29 3b 74 72 61 6e 73 66 6f 72 6d 3a 74 72 61 6e 73 6c 61 74 65 33 64 28 30 2c 2d 31 30 30 25 2c 30 29 7d 7d 40 6b 65 79 66 72 61 6d 65 73 20 66 61 64 65 4f 75 74 55 70 Data Ascii: 3d(2000px,0,0)}}.fadeOutRightBig{-webkit-animation-name:fadeOutRightBig;animation-name:fadeOutRightBig}@-webkit-keyframes fadeOutUp{from{opacity:1}to{opacity:0;-webkit-transform:translate3d(0,-100%,0);transform:translate3d(0,-100%,0)}}@keyframes fadeOutUp
2024-07-01 21:33:47 UTC	8000	IN	Data Raw: 30 70 78 29 20 72 6f 74 61 74 65 33 64 28 30 2c 31 2c 30 2c 39 30 64 65 67 29 3b 74 72 61 6e 73 66 6f 72 6d 3a 70 65 72 73 70 65 63 74 69 76 65 28 34 30 30 70 78 29 20 72 6f 74 61 74 65 33 64 28 30 2c 31 2c 30 2c 39 30 64 65 67 29 3b 2d 77 65 62 6b 69 74 2d 61 6e 69 6d 61 74 69 6f 6e 2d 74 69 6d 69 6e 67 2d 66 75 6e 63 74 69 6f 6e 3a 65 61 73 65 2d 69 6e 3b 61 6e 69 6d 61 74 69 6f 6e 2d 74 69 6d 69 6e 67 2d 66 75 6e 63 74 69 6f 6e 3a 65 61 73 65 2d 69 6e 3b 6f 70 61 63 69 74 79 3a 30 7d 34 30 25 7b 2d 77 65 62 6b 69 74 2d 74 72 61 6e 73 66 6f 72 6d 3a 70 65 72 73 70 65 63 74 69 76 65 28 34 30 30 70 78 29 20 72 6f 74 61 74 65 33 64 28 30 2c 31 2c 30 2c 2d 32 30 64 65 67 29 3b 74 72 61 6e 73 66 6f 72 6d 3a 70 65 72 73 70 65 63 74 69 76 65 28 34 30 30 70 78 Data Ascii: 0px) rotate3d(0,1,0,90deg);transform:perspective(400px) rotate3d(0,1,0,90deg);-webkit-animation-timing-function:ease-in;animation-timing-function:ease-in;opacity:0}40%{-webkit-transform:perspective(400px) rotate3d(0,1,0,-20deg);transform:perspective(400px
2024-07-01 21:33:47 UTC	8000	IN	Data Raw: 74 2d 74 72 61 6e 73 66 6f 72 6d 3a 72 6f 74 61 74 65 33 64 28 30 2c 30 2c 31 2c 2d 39 30 64 65 67 29 3b 74 72 61 6e 73 66 6f 72 6d 3a 72 6f 74 61 74 65 33 64 28 30 2c 30 2c 31 2c 2d 39 30 64 65 67 29 3b 6f 70 61 63 69 74 79 3a 30 7d 74 6f 7b 2d 77 65 62 6b 69 74 2d 74 72 61 6e 73 66 6f 72 6d 3a 74 72 61 6e 73 6c 61 74 65 33 64 28 30 2c 30 2c 30 29 3b 74 72 61 6e 73 66 6f 72 6d 3a 74 72 61 6e 73 6c 61 74 65 33 64 28 30 2c 30 2c 30 29 3b 6f 70 61 63 69 74 79 3a 31 7d 7d 2e 72 6f 74 61 74 65 49 6e 55 70 52 69 67 68 74 7b 2d 77 65 62 6b 69 74 2d 61 6e 69 6d 61 74 69 6f 6e 2d 6e 61 6d 65 3a 72 6f 74 61 74 65 49 6e 55 70 52 69 67 68 74 3b 61 6e 69 6d 61 74 69 6f 6e 2d 6e 61 6d 65 3a 72 6f 74 61 74 65 49 6e 55 70 52 69 67 68 74 3b 2d 77 65 62 6b 69 74 2d 74 72 Data Ascii: t-transform:rotate3d(0,0,1,-90deg);transform:rotate3d(0,0,1,-90deg);opacity:0}to{-webkit-transform:translate3d(0,0,0);transform:translate3d(0,0,0);opacity:1}}.rotateInUpRight{-webkit-animation-name:rotateInUpRight;animation-name:rotateInUpRight;-webkit-tr
2024-07-01 21:33:47 UTC	8000	IN	Data Raw: 3a 63 75 62 69 63 2d 62 65 7a 69 65 72 28 2e 31 37 35 2c 2e 38 38 35 2c 2e 33 32 2c 31 29 7d 7d 2e 7a 6f 6f 6d 49 6e 4c 65 66 74 7b 2d 77 65 62 6b 69 74 2d 61 6e 69 6d 61 74 69 6f 6e 2d 6e 61 6d 65 3a 7a 6f 6f 6d 49 6e 4c 65 66 74 3b 61 6e 69 6d 61 74 69 6f 6e 2d 6e 61 6d 65 3a 7a 6f 6f 6d 49 6e 4c 65 66 74 7d 40 2d 77 65 62 6b 69 74 2d 6b 65 79 66 72 61 6d 65 73 20 7a 6f 6f 6d 49 6e 52 69 67 68 74 7b 66 72 6f 6d 7b 6f 70 61 63 69 74 79 3a 30 3b 2d 77 65 62 6b 69 74 2d 74 72 61 6e 73 66 6f 72 6d 3a 73 63 61 6c 65 33 64 28 2e 31 2c 2e 31 2c 2e 31 29 20 74 72 61 6e 73 6c 61 74 65 33 64 28 31 30 30 30 70 78 2c 30 2c 30 29 3b 74 72 61 6e 73 66 6f 72 6d 3a 73 63 61 6c 65 33 64 28 2e 31 2c 2e 31 2c 2e 31 29 20 74 72 61 6e 73 6c 61 74 65 33 64 28 31 30 30 30 70 Data Ascii: :cubic-bezier(.175,.885,.32,1)}}.zoomInLeft{-webkit-animation-name:zoomInLeft;animation-name:zoomInLeft}@-webkit-keyframes zoomInRight{from{opacity:0;-webkit-transform:scale3d(.1,.1,.1) translate3d(1000px,0,0);transform:scale3d(.1,.1,.1) translate3d(1000p
2024-07-01 21:33:47 UTC	2201	IN	Data Raw: 69 62 69 6c 69 74 79 3a 76 69 73 69 62 6c 65 7d 74 6f 7b 2d 77 65 62 6b 69 74 2d 74 72 61 6e 73 66 6f 72 6d 3a 74 72 61 6e 73 6c 61 74 65 33 64 28 30 2c 30 2c 30 29 3b 74 72 61 6e 73 66 6f 72 6d 3a 74 72 61 6e 73 6c 61 74 65 33 64 28 30 2c 30 2c 30 29 7d 7d 40 6b 65 79 66 72 61 6d 65 73 20 73 6c 69 64 65 49 6e 55 70 7b 66 72 6f 6d 7b 2d 77 65 62 6b 69 74 2d 74 72 61 6e 73 66 6f 72 6d 3a 74 72 61 6e 73 6c 61 74 65 33 64 28 30 2c 31 30 30 25 2c 30 29 3b 74 72 61 6e 73 66 6f 72 6d 3a 74 72 61 6e 73 6c 61 74 65 33 64 28 30 2c 31 30 30 25 2c 30 29 3b 76 69 73 69 62 69 6c 69 74 79 3a 76 69 73 69 62 6c 65 7d 74 6f 7b 2d 77 65 62 6b 69 74 2d 74 72 61 6e 73 66 6f 72 6d 3a 74 72 61 6e 73 6c 61 74 65 33 64 28 30 2c 30 2c 30 29 3b 74 72 61 6e 73 66 6f 72 6d 3a 74 72 Data Ascii: ibility:visible}to{-webkit-transform:translate3d(0,0,0);transform:translate3d(0,0,0)}}@keyframes slideInUp{from{-webkit-transform:translate3d(0,100%,0);transform:translate3d(0,100%,0);visibility:visible}to{-webkit-transform:translate3d(0,0,0);transform:tr

Timestamp	Bytes transferred	Direction	Data
2024-07-01 21:33:47 UTC	555	OUT	GET /css/magnific-popup.css HTTP/1.1 Host: www.midoregon.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: text/css,/;q=0.1 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: style Referer: https://www.midoregon.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-07-01 21:33:47 UTC	487	IN	HTTP/1.1 200 OK Date: Mon, 01 Jul 2024 21:33:47 GMT Server: Apache Last-Modified: Thu, 24 Sep 2020 17:03:51 GMT Accept-Ranges: bytes Content-Length: 5764 Cache-Control: max-age=2592000, public Expires: Wed, 31 Jul 2024 21:33:47 GMT Vary: Accept-Encoding,User-Agent Strict-Transport-Security: max-age=31536000; includeSubDomains; preload X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff X-FRAME-OPTIONS: SAMEORIGIN Connection: close Content-Type: text/css
2024-07-01 21:33:47 UTC	5764	IN	Data Raw: 2e 6d 66 70 2d 62 67 7b 74 6f 70 3a 30 3b 6c 65 66 74 3a 30 3b 77 69 64 74 68 3a 31 30 30 25 3b 68 65 69 67 68 74 3a 31 30 30 25 3b 7a 2d 69 6e 64 65 78 3a 31 30 34 32 3b 6f 76 65 72 66 6c 6f 77 3a 68 69 64 64 65 6e 3b 70 6f 73 69 74 69 6f 6e 3a 66 69 78 65 64 3b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 30 62 30 62 30 62 3b 6f 70 61 63 69 74 79 3a 2e 38 7d 2e 6d 66 70 2d 77 72 61 70 7b 74 6f 70 3a 30 3b 6c 65 66 74 3a 30 3b 77 69 64 74 68 3a 31 30 30 25 3b 68 65 69 67 68 74 3a 31 30 30 25 3b 7a 2d 69 6e 64 65 78 3a 31 30 34 33 3b 70 6f 73 69 74 69 6f 6e 3a 66 69 78 65 64 3b 6f 75 74 6c 69 6e 65 3a 30 21 69 6d 70 6f 72 74 61 6e 74 3b 2d 77 65 62 6b 69 74 2d 62 61 63 6b 66 61 63 65 2d 76 69 73 69 62 69 6c 69 74 79 3a 68 69 64 64 65 6e 7d 2e 6d 66 70 2d 63 6f 6e Data Ascii: .mfp-bg{top:0;left:0;width:100%;height:100%;z-index:1042;overflow:hidden;position:fixed;background:#0b0b0b;opacity:.8}.mfp-wrap{top:0;left:0;width:100%;height:100%;z-index:1043;position:fixed;outline:0!important;-webkit-backface-visibility:hidden}.mfp-con

Timestamp	Bytes transferred	Direction	Data
2024-07-01 21:33:47 UTC	547	OUT	GET /css/colors.css HTTP/1.1 Host: www.midoregon.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: text/css,/;q=0.1 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: style Referer: https://www.midoregon.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-07-01 21:33:48 UTC	487	IN	HTTP/1.1 200 OK Date: Mon, 01 Jul 2024 21:33:47 GMT Server: Apache Last-Modified: Thu, 24 Sep 2020 17:03:51 GMT Accept-Ranges: bytes Content-Length: 6871 Cache-Control: max-age=2592000, public Expires: Wed, 31 Jul 2024 21:33:47 GMT Vary: Accept-Encoding,User-Agent Strict-Transport-Security: max-age=31536000; includeSubDomains; preload X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff X-FRAME-OPTIONS: SAMEORIGIN Connection: close Content-Type: text/css
2024-07-01 21:33:48 UTC	6871	IN	Data Raw: 3a 3a 73 65 6c 65 63 74 69 6f 6e 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 33 63 35 63 38 38 7d 3a 3a 2d 6d 6f 7a 2d 73 65 6c 65 63 74 69 6f 6e 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 33 63 35 63 38 38 7d 3a 3a 2d 77 65 62 6b 69 74 2d 73 65 6c 65 63 74 69 6f 6e 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 33 63 35 63 38 38 7d 23 70 6f 72 74 66 6f 6c 69 6f 2d 6e 61 76 69 67 61 74 69 6f 6e 20 61 3a 68 6f 76 65 72 2c 2e 62 72 65 61 64 63 72 75 6d 62 20 61 3a 68 6f 76 65 72 2c 2e 62 74 6e 2d 6c 69 6e 6b 2c 2e 63 6f 6d 6d 65 6e 74 2d 63 6f 6e 74 65 6e 74 20 2e 63 6f 6d 6d 65 6e 74 2d 61 75 74 68 6f 72 20 61 3a 68 6f 76 65 72 2c 2e 64 61 72 6b 20 23 70 6f 72 74 66 6f 6c 69 6f 2d 6e 61 76 69 67 61 74 69 6f 6e 20 61 3a 68 6f 76 65 72 2c 2e 64 61 72 6b 20 2e 62 72 65 61 64 Data Ascii: ::selection{background:#3c5c88}::-moz-selection{background:#3c5c88}::-webkit-selection{background:#3c5c88}#portfolio-navigation a:hover,.breadcrumb a:hover,.btn-link,.comment-content .comment-author a:hover,.dark #portfolio-navigation a:hover,.dark .bread

Timestamp	Bytes transferred	Direction	Data
2024-07-01 21:33:47 UTC	547	OUT	GET /css/custom.css HTTP/1.1 Host: www.midoregon.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: text/css,/;q=0.1 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: style Referer: https://www.midoregon.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-07-01 21:33:48 UTC	488	IN	HTTP/1.1 200 OK Date: Mon, 01 Jul 2024 21:33:47 GMT Server: Apache Last-Modified: Mon, 18 Mar 2024 16:04:43 GMT Accept-Ranges: bytes Content-Length: 30101 Cache-Control: max-age=2592000, public Expires: Wed, 31 Jul 2024 21:33:47 GMT Vary: Accept-Encoding,User-Agent Strict-Transport-Security: max-age=31536000; includeSubDomains; preload X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff X-FRAME-OPTIONS: SAMEORIGIN Connection: close Content-Type: text/css
2024-07-01 21:33:48 UTC	7704	IN	Data Raw: 40 63 68 61 72 73 65 74 20 22 75 74 66 2d 38 22 3b 0d 0a 2f 2a 20 43 53 53 20 44 6f 63 75 6d 65 6e 74 20 2a 2f 0d 0a 0d 0a 2e 73 74 72 65 74 63 68 65 64 20 23 67 6f 74 6f 54 6f 70 20 7b 0d 0a 20 20 20 20 72 69 67 68 74 3a 20 33 30 70 78 3b 0d 0a 20 20 20 20 62 6f 74 74 6f 6d 3a 20 31 31 30 70 78 21 69 6d 70 6f 72 74 61 6e 74 3b 0d 0a 7d 0d 0a 2e 62 74 6e 2d 6c 6f 67 69 6e 20 7b 0d 0a 20 63 6f 6c 6f 72 3a 20 23 30 30 30 20 21 69 6d 70 6f 72 74 61 6e 74 3b 0d 0a 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 61 35 64 38 36 37 20 21 69 6d 70 6f 72 74 61 6e 74 3b 0d 0a 20 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 3a 20 23 61 35 64 38 36 37 20 21 69 6d 70 6f 72 74 61 6e 74 3b 0d 0a 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 36 30 30 20 21 69 6d 70 6f 72 Data Ascii: @charset "utf-8";/* CSS Document */.stretched #gotoTop { right: 30px; bottom: 110px!important;}.btn-login { color: #000 !important; background-color: #a5d867 !important; border-color: #a5d867 !important; font-weight: 600 !impor
2024-07-01 21:33:48 UTC	8000	IN	Data Raw: 6b 69 70 74 6f 63 6f 6e 74 65 6e 74 20 61 20 7b 0d 0a 20 70 61 64 64 69 6e 67 3a 20 36 70 78 3b 0d 0a 20 70 6f 73 69 74 69 6f 6e 3a 20 61 62 73 6f 6c 75 74 65 3b 0d 0a 20 74 6f 70 3a 20 2d 34 30 70 78 3b 0d 0a 20 6c 65 66 74 3a 20 30 3b 0d 0a 20 63 6f 6c 6f 72 3a 20 23 62 66 31 37 32 32 3b 0d 0a 20 62 6f 72 64 65 72 2d 72 69 67 68 74 3a 20 31 70 78 20 73 6f 6c 69 64 20 23 66 66 66 3b 0d 0a 20 62 6f 72 64 65 72 2d 62 6f 74 74 6f 6d 3a 20 31 70 78 20 73 6f 6c 69 64 20 23 66 66 66 3b 0d 0a 20 62 6f 72 64 65 72 2d 62 6f 74 74 6f 6d 2d 72 69 67 68 74 2d 72 61 64 69 75 73 3a 20 38 70 78 3b 0d 0a 20 62 61 63 6b 67 72 6f 75 6e 64 3a 20 23 66 66 66 3b 0d 0a 20 2d 77 65 62 6b 69 74 2d 74 72 61 6e 73 69 74 69 6f 6e 3a 20 74 6f 70 20 31 73 20 65 61 73 65 2d 6f 75 74 Data Ascii: kiptocontent a { padding: 6px; position: absolute; top: -40px; left: 0; color: #bf1722; border-right: 1px solid #fff; border-bottom: 1px solid #fff; border-bottom-right-radius: 8px; background: #fff; -webkit-transition: top 1s ease-out
2024-07-01 21:33:48 UTC	8000	IN	Data Raw: 69 2d 63 6f 6e 74 65 6e 74 20 70 20 7b 0d 0a 20 20 6d 61 78 2d 77 69 64 74 68 3a 20 36 30 30 70 78 0d 0a 20 7d 0d 0a 7d 0d 0a 40 6d 65 64 69 61 20 28 6d 61 78 2d 77 69 64 74 68 3a 37 36 37 2e 39 38 70 78 29 20 7b 0d 0a 20 2e 74 65 73 74 69 6d 6f 6e 69 61 6c 20 2e 74 65 73 74 69 2d 63 6f 6e 74 65 6e 74 20 70 20 7b 0d 0a 20 20 6d 61 78 2d 77 69 64 74 68 3a 20 33 30 30 70 78 0d 0a 20 7d 0d 0a 7d 0d 0a 2e 74 65 73 74 69 2d 63 6f 6e 74 65 6e 74 20 70 20 7b 0d 0a 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 50 6f 70 70 69 6e 73 2c 20 73 61 6e 73 2d 73 65 72 69 66 20 21 69 6d 70 6f 72 74 61 6e 74 0d 0a 7d 0d 0a 2e 62 75 74 74 6f 6e 2e 62 75 74 74 6f 6e 2d 62 6f 72 64 65 72 3a 6e 6f 74 28 2e 62 75 74 74 6f 6e 2d 66 69 6c 6c 29 3a 68 6f 76 65 72 20 7b 0d 0a 20 63 6f Data Ascii: i-content p { max-width: 600px }}@media (max-width:767.98px) { .testimonial .testi-content p { max-width: 300px }}.testi-content p { font-family: Poppins, sans-serif !important}.button.button-border:not(.button-fill):hover { co
2024-07-01 21:33:48 UTC	6397	IN	Data Raw: 65 69 67 68 74 3a 20 34 30 30 0d 0a 7d 0d 0a 2e 74 61 62 2d 63 6f 6e 74 65 6e 74 20 68 31 20 7b 0d 0a 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 27 4f 70 65 6e 20 53 61 6e 73 27 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0d 0a 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 36 30 30 0d 0a 7d 0d 0a 2e 63 61 72 64 2d 74 69 74 6c 65 20 7b 0d 0a 20 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 20 2e 37 35 72 65 6d 0d 0a 7d 0d 0a 2e 63 61 72 64 2d 69 6d 67 2d 74 6f 70 20 7b 0d 0a 20 2d 6d 73 2d 66 6c 65 78 2d 6e 65 67 61 74 69 76 65 3a 20 30 3b 0d 0a 20 66 6c 65 78 2d 73 68 72 69 6e 6b 3a 20 30 3b 0d 0a 20 77 69 64 74 68 3a 20 31 30 30 25 0d 0a 7d 0d 0a 2e 63 61 72 64 2d 69 6d 67 2d 74 6f 70 20 7b 0d 0a 20 62 6f 72 64 65 72 2d 74 6f 70 2d 6c 65 66 74 2d 72 61 64 69 75 73 3a Data Ascii: eight: 400}.tab-content h1 { font-family: 'Open Sans', sans-serif; font-weight: 600}.card-title { margin-bottom: .75rem}.card-img-top { -ms-flex-negative: 0; flex-shrink: 0; width: 100%}.card-img-top { border-top-left-radius:

Timestamp	Bytes transferred	Direction	Data
2024-07-01 21:33:47 UTC	557	OUT	GET /css/smart-app-banner.css HTTP/1.1 Host: www.midoregon.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: text/css,/;q=0.1 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: style Referer: https://www.midoregon.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-07-01 21:33:48 UTC	487	IN	HTTP/1.1 200 OK Date: Mon, 01 Jul 2024 21:33:47 GMT Server: Apache Last-Modified: Thu, 24 Sep 2020 17:03:51 GMT Accept-Ranges: bytes Content-Length: 4838 Cache-Control: max-age=2592000, public Expires: Wed, 31 Jul 2024 21:33:47 GMT Vary: Accept-Encoding,User-Agent Strict-Transport-Security: max-age=31536000; includeSubDomains; preload X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff X-FRAME-OPTIONS: SAMEORIGIN Connection: close Content-Type: text/css
2024-07-01 21:33:48 UTC	4838	IN	Data Raw: 2e 73 6d 61 72 74 62 61 6e 6e 65 72 2d 62 75 74 74 6f 6e 2c 2e 73 6d 61 72 74 62 61 6e 6e 65 72 2d 63 6c 6f 73 65 7b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 6e 6f 6e 65 3b 74 65 78 74 2d 61 6c 69 67 6e 3a 63 65 6e 74 65 72 7d 2e 73 6d 61 72 74 62 61 6e 6e 65 72 2d 73 68 6f 77 7b 6d 61 72 67 69 6e 2d 74 6f 70 3a 38 30 70 78 7d 2e 73 6d 61 72 74 62 61 6e 6e 65 72 2d 73 68 6f 77 20 2e 73 6d 61 72 74 62 61 6e 6e 65 72 7b 64 69 73 70 6c 61 79 3a 62 6c 6f 63 6b 7d 2e 73 6d 61 72 74 62 61 6e 6e 65 72 7b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 6c 65 66 74 3a 30 3b 74 6f 70 3a 30 3b 64 69 73 70 6c 61 79 3a 6e 6f 6e 65 3b 77 69 64 74 68 3a 31 30 30 25 3b 68 65 69 67 68 74 3a 38 30 70 78 3b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 38 30 70 78 3b 66 Data Ascii: .smartbanner-button,.smartbanner-close{text-decoration:none;text-align:center}.smartbanner-show{margin-top:80px}.smartbanner-show .smartbanner{display:block}.smartbanner{position:absolute;left:0;top:0;display:none;width:100%;height:80px;line-height:80px;f

Timestamp	Bytes transferred	Direction	Data
2024-07-01 21:33:47 UTC	604	OUT	GET /images/appstore-apple.png HTTP/1.1 Host: www.midoregon.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://www.midoregon.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-07-01 21:33:48 UTC	454	IN	HTTP/1.1 200 OK Date: Mon, 01 Jul 2024 21:33:47 GMT Server: Apache Last-Modified: Thu, 24 Sep 2020 16:56:41 GMT Accept-Ranges: bytes Content-Length: 3825 Cache-Control: max-age=2592000, public Expires: Wed, 31 Jul 2024 21:33:47 GMT Strict-Transport-Security: max-age=31536000; includeSubDomains; preload X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff X-FRAME-OPTIONS: SAMEORIGIN Connection: close Content-Type: image/png
2024-07-01 21:33:48 UTC	3825	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 b4 00 00 00 36 08 03 00 00 00 59 6b 43 d3 00 00 00 03 73 42 49 54 08 08 08 db e1 4f e0 00 00 01 89 50 4c 54 45 ff ff ff 92 92 92 8e 8e 8e 8b 8b 8c b2 b2 b2 af b0 b0 ae ae ae 8a 8a 8a 86 86 86 ba ba ba b6 b6 b6 92 92 92 8e 8e 8e b6 b6 b6 b2 b2 b2 8e 8e 8e b6 b6 b6 b2 b2 b2 b6 b6 b6 af b0 b0 ae ae ae 8e 8e 8e b6 b6 b6 af b0 b0 ae ae ae 8b 8b 8c 88 88 8a 86 86 86 ae ae ae a9 a8 a9 88 88 8a ff ff ff fb fb fb f9 f9 f9 f7 f7 f7 f3 f3 f3 ef ef ef eb eb eb e9 ea ea e7 e7 e7 e3 e3 e3 df df df db db db d7 d7 d7 d2 d2 d2 cc cc cc c6 c6 c6 c2 c2 c2 be be be ba ba ba b6 b6 b6 b2 b2 b2 af b0 b0 ae ae ae aa aa aa a9 a8 a9 a6 a6 a6 a2 a2 a2 a0 a1 a1 9e 9e 9e 99 99 99 96 96 96 94 95 95 94 93 95 92 92 92 91 8f 90 8e Data Ascii: PNGIHDR6YkCsBITOPLTE

Timestamp	Bytes transferred	Direction	Data
2024-07-01 21:33:47 UTC	605	OUT	GET /images/appstore-google.png HTTP/1.1 Host: www.midoregon.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://www.midoregon.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-07-01 21:33:48 UTC	454	IN	HTTP/1.1 200 OK Date: Mon, 01 Jul 2024 21:33:48 GMT Server: Apache Last-Modified: Thu, 24 Sep 2020 16:56:41 GMT Accept-Ranges: bytes Content-Length: 3823 Cache-Control: max-age=2592000, public Expires: Wed, 31 Jul 2024 21:33:48 GMT Strict-Transport-Security: max-age=31536000; includeSubDomains; preload X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff X-FRAME-OPTIONS: SAMEORIGIN Connection: close Content-Type: image/png
2024-07-01 21:33:48 UTC	3823	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 b4 00 00 00 3c 08 03 00 00 00 f8 f0 60 b5 00 00 00 03 73 42 49 54 08 08 08 db e1 4f e0 00 00 02 dc 50 4c 54 45 ff ff ff ff ff ff be bd bd aa a8 a8 a1 9f 9f 99 99 99 90 8d 8e 8d 8b 8c 85 84 83 74 72 72 85 84 83 6f 6c 6d 66 66 66 60 5c 5d 5b 59 59 4e 4a 4b 4c 49 4a 6c 6a 6b 5b 59 59 57 53 54 3f 3b 3c 31 2d 2f 2b 28 28 29 25 26 5b 59 59 4e 4a 4b 47 43 44 4e 4a 4b 47 43 44 43 40 41 4e 4a 4b 4e 4a 4b 43 40 41 41 3d 3f 3c 39 39 38 34 35 3f 3b 3c 39 35 36 38 34 35 39 35 36 38 34 35 33 33 33 2e 2a 2b 33 33 33 31 2d 2f 2e 2a 2b ff ff ff f7 f7 f7 f3 f2 f2 f0 ef ef eb ea ea e6 e6 e6 d5 ef a4 df de de d3 e9 9d c1 e8 a5 b8 e8 a9 cb e0 98 d6 d5 d6 c4 e0 9c bf e0 9b ac e3 a9 b3 dd 9d ff c9 78 cc cc cc 9a df ac ad Data Ascii: PNGIHDR<`sBITOPLTEtrrolmfff`\][YYNJKLIJljk[YYWST?;<1-/+(()%&[YYNJKGCDNJKGCDC@ANJKNJKC@AA=?<99845?;<956845956845333.+3331-/.+x

Timestamp	Bytes transferred	Direction	Data
2024-07-01 21:33:48 UTC	594	OUT	GET /images/logo.png HTTP/1.1 Host: www.midoregon.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://www.midoregon.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-07-01 21:33:48 UTC	455	IN	HTTP/1.1 200 OK Date: Mon, 01 Jul 2024 21:33:48 GMT Server: Apache Last-Modified: Thu, 24 Sep 2020 16:56:49 GMT Accept-Ranges: bytes Content-Length: 10639 Cache-Control: max-age=2592000, public Expires: Wed, 31 Jul 2024 21:33:48 GMT Strict-Transport-Security: max-age=31536000; includeSubDomains; preload X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff X-FRAME-OPTIONS: SAMEORIGIN Connection: close Content-Type: image/png
2024-07-01 21:33:48 UTC	7737	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 d6 00 00 00 64 08 06 00 00 00 fa e1 ce 50 00 00 00 04 73 42 49 54 08 08 08 08 7c 08 64 88 00 00 00 09 70 48 59 73 00 00 2d fb 00 00 2d fb 01 fc 87 4a e7 00 00 00 1c 74 45 58 74 53 6f 66 74 77 61 72 65 00 41 64 6f 62 65 20 46 69 72 65 77 6f 72 6b 73 20 43 53 36 e8 bc b2 8c 00 00 20 00 49 44 41 54 78 9c ed 9d 79 9c 24 45 99 f7 bf bf ac ee 39 99 81 19 40 1c 14 15 e4 46 39 44 59 15 51 51 50 e9 42 d1 15 a6 1a f4 55 56 5c d6 7b 75 45 51 7c a1 aa f0 40 85 d7 63 5d 0f 16 75 75 15 a6 0b 51 59 a4 9a 53 74 11 10 44 39 44 40 0e 05 61 38 54 06 19 98 7b ba f3 f7 fe 11 99 59 99 55 d5 73 30 53 3d 80 f5 fb 4c 4f 55 65 c6 f1 44 66 3c 11 cf 15 11 b2 4d 1f 7d f4 b1 71 11 6d 6a 02 fa e8 e3 a9 88 3e 63 f5 d1 47 0f d0 67 Data Ascii: PNGIHDRdPsBIT\|dpHYs--JtEXtSoftwareAdobe Fireworks CS6 IDATxy$E9@F9DYQQPBUV\{uEQ\|@c]uuQYStD9D@a8T{YUs0S=LOUeDf<M}qmj>cGg
2024-07-01 21:33:48 UTC	2902	IN	Data Raw: 3e f9 d0 8d 3a c3 6c 88 f1 62 2a f8 19 c0 d3 05 b3 1d 46 e0 58 d2 80 61 73 f0 e6 84 f0 a6 b9 c9 a9 86 ab 25 2d 26 78 e8 17 11 b6 55 7e 96 c3 f6 cc 73 09 0f 72 21 61 cb ad b9 40 94 30 e2 a3 46 f7 01 b3 05 f3 9c 5d 4f fb 58 2e 40 35 0d 08 25 0d e0 29 76 fa fc fa d3 24 32 b3 90 2f 1f e8 9a 05 79 b6 c5 37 64 9b c6 64 3c 97 74 90 8c 87 da 42 22 b2 48 82 e2 7b eb 58 91 92 f4 ac 62 72 b7 18 29 a5 af 60 76 cb 95 ef d6 c6 2b 4e e2 f8 f2 8c ef b6 32 72 4c 38 55 d2 9e b6 1f 35 3e 0d 1e ff 6a ea b5 60 2b c2 2c 5b 1c 00 ba 07 90 0c da 1e 94 b4 59 61 ec 08 0d 28 24 2c 32 68 40 ae ec 31 e3 a5 04 66 7e 04 b8 1d f3 17 60 7b e0 7a 9b db 25 16 f6 22 e4 7d 93 8b 82 47 7d fc c7 1a 9b 32 65 cb 52 14 ad 5c 50 3d e4 b1 c3 3e 78 16 d3 36 df 7c 36 68 ba 71 a9 14 45 0f 2f a8 1e b2 Data Ascii: >:lb*FXas%-&xU~sr!a@0F]OX.@5%)v$2/y7dd<tB"H{Xbr)`v+N2rL8U5>j`+,[Ya($,2h@1f~`{z%"}G}2eR\P=>x6\|6hqE/

Timestamp	Bytes transferred	Direction	Data
2024-07-01 21:33:48 UTC	592	OUT	GET /css/fonts/font-icons.woff HTTP/1.1 Host: www.midoregon.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" Origin: https://www.midoregon.com sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: cors Sec-Fetch-Dest: font Referer: https://www.midoregon.com/css/font-icons.css Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-07-01 21:33:49 UTC	513	IN	HTTP/1.1 200 OK Date: Mon, 01 Jul 2024 21:33:49 GMT Server: Apache Last-Modified: Thu, 24 Sep 2020 17:04:06 GMT Accept-Ranges: bytes Content-Length: 559660 Cache-Control: max-age=172800 Expires: Wed, 03 Jul 2024 21:33:49 GMT Vary: Accept-Encoding,User-Agent Strict-Transport-Security: max-age=31536000; includeSubDomains; preload X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff X-FRAME-OPTIONS: SAMEORIGIN Access-Control-Allow-Origin: * Connection: close Content-Type: font/woff
2024-07-01 21:33:49 UTC	7679	IN	Data Raw: 77 4f 46 46 00 01 00 00 00 08 8a 2c 00 0b 00 00 00 08 89 e0 00 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 4f 53 2f 32 00 00 01 08 00 00 00 60 00 00 00 60 0f 12 0b 6f 63 6d 61 70 00 00 01 68 00 00 00 64 00 00 00 64 04 b1 c0 1e 67 61 73 70 00 00 01 cc 00 00 00 08 00 00 00 08 00 00 00 10 67 6c 79 66 00 00 01 d4 00 08 46 88 00 08 46 88 8a f8 53 d6 68 65 61 64 00 08 48 5c 00 00 00 36 00 00 00 36 34 b9 74 18 68 68 65 61 00 08 48 94 00 00 00 24 00 00 00 24 22 ef 26 ca 68 6d 74 78 00 08 48 b8 00 00 1f e0 00 00 1f e0 c0 d0 4d a1 6c 6f 63 61 00 08 68 98 00 00 1f e4 00 00 1f e4 1e 7e 85 3c 6d 61 78 70 00 08 88 7c 00 00 00 20 00 00 00 20 08 23 04 80 6e 61 6d 65 00 08 88 9c 00 00 01 6e 00 00 01 6e d1 82 6d 99 70 6f 73 74 00 08 8a 0c 00 00 00 Data Ascii: wOFF,OS/2``ocmaphddgaspglyfFFSheadH\664thheaH$$"&hmtxHMlocah~<maxp\| #namennmpost
2024-07-01 21:33:49 UTC	8000	IN	Data Raw: 00 03 40 00 0b 00 15 00 2a 00 47 00 4b 00 00 01 22 06 15 14 16 33 32 36 35 34 26 07 3e 01 33 32 16 17 2e 01 27 25 23 27 21 07 23 22 06 15 11 14 16 33 21 32 36 35 11 34 26 23 01 22 27 2e 01 27 26 35 34 37 3e 01 37 36 33 32 17 1e 01 17 16 15 14 07 0e 01 07 06 23 01 23 35 33 02 15 4f 71 71 4f 50 70 70 9a 10 26 14 3a 53 07 37 79 2e 01 f5 ce 1d fe 56 1d a3 24 47 47 24 03 55 23 1d 1d 23 fe 55 39 33 32 4b 16 16 16 16 4b 32 33 39 3a 32 33 4b 16 16 16 16 4b 33 32 3a 01 96 56 56 02 40 70 50 50 70 70 50 50 70 3f 09 0b 4c 38 2b 36 0f ea 55 55 32 24 fe 00 23 32 32 23 02 00 24 32 fd 80 15 16 4c 32 33 39 39 33 32 4c 16 15 15 16 4c 32 33 39 39 33 32 4c 16 15 01 d5 55 00 00 0a 00 00 00 15 04 00 03 40 00 18 00 28 00 2c 00 30 00 34 00 38 00 3c 00 40 00 44 00 48 00 00 01 21 Data Ascii: @*GK"32654&>32.'%#'!#"3!2654&#"'.'&547>7632##53OqqOPpp&:S7y.V$GG$U##U932KK239:23KK32:VV@pPPppPPp?L8+6UU2$#22#$2L239932LL239932LU@(,048<@DH!
2024-07-01 21:33:49 UTC	8000	IN	Data Raw: 56 03 12 01 02 11 03 55 55 ab 2b 30 33 fe 9c 34 30 2a 2b 2b 37 57 47 55 01 80 56 48 57 37 2a 2a 03 95 4b 35 fe 80 35 4b 4b 35 01 80 35 4b d5 2b 2a 2b 2b 2a 2b 2b 11 19 19 11 2b 2b 2a 2b 2b 2a 2b 2b 2a 12 19 19 12 2a 2b ff 00 55 d5 24 31 31 24 d5 55 55 2b 48 38 80 55 55 80 38 48 2b 55 00 00 00 06 00 80 ff eb 03 55 03 95 00 08 00 21 00 25 00 44 00 51 00 56 00 00 13 37 35 23 15 23 15 33 15 25 35 23 15 14 06 2b 01 07 33 15 23 15 21 35 23 35 33 32 36 3d 01 33 35 23 01 35 23 15 07 33 35 23 35 33 35 23 35 33 35 23 35 34 26 3b 01 32 16 17 37 2e 01 2b 01 22 06 15 11 37 35 17 23 07 33 32 36 3d 01 07 15 14 06 23 13 01 17 01 27 ab 2a 2a 2b 2b 02 80 2b 64 33 d2 55 3e 55 01 80 56 14 57 6b 2a 2a ff 00 2b ab 56 56 56 56 56 56 04 11 d6 0f 17 03 40 12 37 20 d6 35 2d 55 e3 Data Ascii: VUU+0340++7WGUVHW7K55KK55K++++++++++++U$11$UU+H8UU8H+UU!%DQV75##3%5#+3#!5#5326=35#5#35#535#535#54&;27.+"75#326=#'+++d3U>UVWk*+VVVVVV@7 5-U
2024-07-01 21:33:49 UTC	8000	IN	Data Raw: fd ab 2a 02 00 fe 00 d6 55 55 03 15 56 2a 2a 56 38 35 fe 00 35 5e 55 55 55 55 5e 35 02 00 35 38 2b 2b fd 93 11 2c 2c 11 02 00 12 06 06 12 fe 6d 01 56 2b ff 00 ab 56 00 00 00 0a 00 55 ff c0 03 ab 03 95 00 03 00 07 00 0b 00 0f 00 13 00 17 00 1b 00 1f 00 31 00 40 00 00 01 21 11 21 17 21 15 21 03 21 15 21 11 33 15 23 15 33 15 23 37 33 15 23 37 33 15 23 15 33 15 23 01 35 34 26 23 21 22 06 15 11 14 16 33 21 3a 01 33 11 03 21 22 26 35 11 34 36 33 21 15 21 15 21 11 01 00 02 00 fe 00 2b 01 aa fe 56 2b 02 00 fe 00 d5 d5 80 80 ac 2b 2b 7f d5 d5 d5 d5 01 2a 45 4f fe 00 34 38 38 34 02 56 35 1f 40 56 fd 6c 11 05 05 11 02 3f fe 00 02 55 01 15 01 00 2a ab 01 2b 2b fe ab 2b 2b 2a 28 2b 83 2b 2b 2a 02 aa 28 26 32 4d 35 fd 2a 34 49 03 55 fd 00 17 11 02 d6 11 1c 2b 55 fd 55 Data Ascii: UUVV855^UUUU^558++,,mV+VU1@!!!!!!3#3#73#73#3#54&#!"3!:3!"&5463!!!+V+++EO4884V5@Vl?U++++(+++(&2M54IU+UU
2024-07-01 21:33:49 UTC	8000	IN	Data Raw: 03 05 06 06 0c 03 00 00 00 00 07 00 00 00 35 04 00 03 75 00 13 00 18 00 45 00 55 00 61 00 6d 00 91 00 00 01 2e 01 2b 01 22 06 1d 01 14 16 3b 01 32 36 3d 01 34 26 27 07 23 35 33 17 37 27 2e 01 2b 01 35 34 26 23 21 22 06 15 11 14 16 33 31 15 14 16 3b 01 1e 01 33 32 36 37 33 1e 01 33 32 36 37 33 32 36 3d 01 34 26 27 05 22 26 35 11 34 36 33 21 32 16 15 11 14 06 23 03 22 26 35 34 36 33 32 16 15 14 06 21 22 26 35 34 36 33 32 16 15 14 06 37 14 06 2b 01 2e 01 23 22 06 07 23 2e 01 23 22 06 07 23 22 26 3d 01 21 32 36 3d 01 33 32 16 1f 01 1e 01 15 03 1b 05 0e 08 20 0d 13 13 0d 80 0d 13 03 02 1b 80 20 60 90 80 0e 2a 18 80 38 28 fe 20 28 38 38 28 38 28 25 0a 44 2d 2d 44 0a a9 0b 44 2d 2d 44 0a 25 28 38 08 08 fc 70 0d 13 13 0d 01 e0 0d 13 13 0d e0 1a 26 26 1a 1b 25 25 Data Ascii: 5uEUam.+";26=4&'#537'.+54&#!"31;326733267326=4&'"&5463!2#"&54632!"&546327+.#"#.#"#"&=!26=32 `*8( (88(8(%D--DD--D%(8p&&%%
2024-07-01 21:33:49 UTC	8000	IN	Data Raw: 1a 26 26 1a 02 80 0e 12 fd 80 0d 13 13 0d 03 00 0e 12 12 0e fe c0 0a 06 07 09 09 07 06 0a 60 0a 06 07 09 09 07 06 0a 60 0a 06 07 09 09 07 06 0a fd 80 09 07 06 0a 0a 06 07 09 60 09 07 06 0a 0a 06 07 09 60 09 07 06 0a 0a 06 07 09 c0 09 07 06 0a 0a 06 07 09 60 09 07 06 0a 0a 06 07 09 60 09 07 06 0a 0a 06 07 09 c0 09 07 06 0a 0a 06 07 09 60 09 07 06 0a 0a 06 07 09 a0 13 0d e0 0d 13 13 0d e0 0d 13 e0 a0 00 00 00 00 05 00 00 00 95 04 00 03 35 00 0f 00 13 00 24 00 27 00 37 00 00 01 21 22 06 15 11 14 16 33 21 32 36 35 11 34 26 05 17 07 11 01 14 06 23 21 22 26 35 37 17 1e 01 33 32 36 3f 01 17 27 37 01 0e 01 23 22 26 27 01 34 36 33 21 32 16 15 01 03 80 fd 00 35 4b 4b 35 03 00 35 4b 4b fc 8b e0 e0 03 80 26 1a fd 00 1a 26 fb 8b 0d 1e 0f 0f 1e 0d 8b fb e0 e0 fe 66 08 Data Ascii: &&```````5$'7!"3!2654&#!"&57326?'7#"&'463!25KK55KK&&f
2024-07-01 21:33:49 UTC	8000	IN	Data Raw: 37 36 37 36 33 32 17 16 15 14 07 01 06 23 02 00 0f 0a fe 9b 05 0a 0a 16 16 11 11 0e 0d 49 48 80 24 24 25 20 20 17 16 15 15 16 17 20 20 25 24 24 80 48 49 83 fe 9c 0a 0f 15 0b 01 58 04 0a 0b 1b 1b 1d 1c 29 28 27 7d 47 47 0c 0d 14 15 13 12 14 14 12 13 15 14 0d 0c 47 47 7d 7f 83 fe aa 0b 00 00 00 01 00 00 00 2f 03 b7 03 ba 00 26 00 00 01 14 0f 01 13 14 15 14 07 06 23 22 27 25 05 06 23 22 27 26 35 34 37 13 27 26 35 34 37 25 13 36 33 32 17 13 05 16 15 03 b7 0f cf 31 06 06 0b 0b 0c fe ff ff 00 0d 0a 0c 06 06 01 31 d0 0e 20 01 1f 80 0b 11 12 0a 81 01 1f 20 02 5a 0c 0f ca fe e2 04 07 0c 09 08 07 87 87 07 08 09 0c 03 08 01 1e ca 0f 0c 16 05 29 01 04 18 18 fe fc 29 05 16 00 00 00 02 00 00 00 2f 03 b7 03 ba 00 09 00 2e 00 00 01 37 2f 01 0f 01 17 07 37 17 01 14 0f 01 Data Ascii: 767632#IH$$% %$$HIX)('}GGGG}/&#"'%#"'&547'&547%63211 Z))/.7/7
2024-07-01 21:33:49 UTC	8000	IN	Data Raw: 07 06 23 22 27 26 35 34 37 36 37 36 37 36 37 36 35 34 27 26 27 26 27 26 27 26 35 34 37 36 33 32 17 16 17 16 15 33 14 07 06 07 06 23 22 27 26 35 34 37 36 37 36 37 36 35 34 27 26 27 26 27 26 35 34 37 36 33 32 17 16 17 16 15 33 14 07 06 07 06 23 22 27 26 35 34 37 36 37 36 37 36 37 36 37 36 35 34 27 26 27 26 27 26 27 26 27 26 35 34 37 36 33 32 17 16 17 16 15 01 b7 0b 0b 0f 0f 0a bf 95 0f 0b 0b 0b 0b 0f 95 bf 0a 0f 0f 0b 0b db 18 18 28 06 09 0e 0b 0b 07 07 09 0a 0a 09 07 07 07 07 09 0a 0a 09 07 07 0b 0b 0e 09 06 28 18 18 93 31 31 50 07 07 0f 0b 0b 16 20 0c 2a 18 17 17 18 2a 0c 20 16 0b 0b 0f 07 07 50 31 31 92 49 48 79 07 08 0f 0a 0b 16 04 09 09 04 1a 15 46 27 28 28 27 46 15 1a 04 09 09 04 16 0b 0a 0f 08 07 79 48 49 03 03 fd 92 0f 0a 0b 0b be 0b 0b 0e dc 0f 0b Data Ascii: #"'&547676767654'&'&'&'&5476323#"'&5476767654'&'&'&5476323#"'&54767676767654'&'&'&'&'&547632((11P ** P11IHyF'(('FyHI
2024-07-01 21:33:49 UTC	8000	IN	Data Raw: 36 17 16 15 11 14 07 06 27 01 26 27 11 14 07 06 27 01 26 35 34 37 01 36 17 16 15 11 36 37 03 9d 0b 07 08 08 07 0b fe 6a 04 03 07 08 0b fe 6b 0b 0b 01 95 0b 08 07 03 04 03 7c 0a 03 03 0f fc b7 0f 04 03 0b 01 95 06 05 fe 6b 0f 04 03 0b 01 95 0b 0f 0f 0b 01 96 0a 03 03 0f fe 6a 06 05 00 00 00 00 01 00 00 00 13 03 24 03 85 00 0f 00 00 09 01 06 27 26 35 11 34 37 36 17 01 16 15 14 07 03 17 fd 09 0d 0a 09 09 0a 0d 02 f7 0d 0d 01 ba fe 5b 08 06 06 0f 03 49 0f 05 06 07 fe 5a 08 0a 0a 08 00 02 00 00 00 15 03 6e 03 83 00 14 00 29 00 00 01 11 14 07 06 23 21 22 27 26 35 11 34 37 36 33 21 32 17 16 15 21 11 14 07 06 23 21 22 27 26 35 11 34 37 36 33 21 32 17 16 15 03 6e 0b 0b 0f fe dc 0f 0b 0b 0b 0b 0f 01 24 0f 0b 0b fe 00 0b 0b 0f fe dc 0f 0b 0b 0b 0b 0f 01 24 0f 0b 0b Data Ascii: 6'&''&547667jk\|kj$'&5476[IZn)#!"'&54763!2!#!"'&54763!2n$$
2024-07-01 21:33:49 UTC	8000	IN	Data Raw: 23 22 27 09 01 06 23 22 2f 01 26 35 34 37 01 36 33 32 17 01 16 15 03 99 16 2a 16 1e 1f 15 fe ea fe eb 15 1f 1f 14 2b 16 16 01 74 15 1e 1e 16 01 74 16 01 15 1e 15 2b 16 16 01 15 fe eb 16 16 2b 14 1f 1f 15 01 74 15 15 fe 8c 15 1f 00 00 01 00 1e 00 7d 03 99 02 ae 00 19 00 00 01 14 07 01 06 23 22 27 01 26 35 34 3f 01 36 33 32 17 09 01 36 33 32 1f 01 16 03 99 16 fe 8c 15 1f 1e 15 fe 8c 16 16 2a 17 1d 1f 15 01 15 01 16 15 1f 1d 17 2a 16 02 3a 1e 16 fe 8c 15 15 01 74 15 1f 1e 16 2b 15 15 fe ea 01 16 15 15 2b 16 00 00 00 00 02 00 00 00 5e 04 49 02 f1 00 2b 00 57 00 00 25 14 07 06 23 21 22 27 26 27 26 27 26 35 26 35 11 23 22 27 26 35 34 3f 01 36 33 32 1f 01 16 15 14 07 06 2b 01 15 21 32 1f 01 16 15 25 14 0f 01 06 23 22 2f 01 26 35 34 37 36 3b 01 35 21 22 2f 01 26 Data Ascii: #"'#"/&547632+tt++t}#"'&54?632632*:t++^I+W%#!"'&'&'&5&5#"'&54?632+!2%#"/&5476;5!"/&

Timestamp	Bytes transferred	Direction	Data
2024-07-01 21:33:48 UTC	537	OUT	GET /js/image_view.js HTTP/1.1 Host: www.surveycarrot.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://www.midoregon.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-07-01 21:33:49 UTC	310	IN	HTTP/1.1 200 OK Date: Mon, 01 Jul 2024 21:33:49 GMT Server: Apache/2.4.58 (Unix) OpenSSL/3.0.7 mod_jk/1.2.46 Last-Modified: Mon, 03 Jun 2024 20:05:39 GMT ETag: "208-61a01db6e6ac0" Accept-Ranges: bytes Content-Length: 520 Vary: Accept-Encoding Connection: close Content-Type: application/javascript
2024-07-01 21:33:49 UTC	520	IN	Data Raw: 66 75 6e 63 74 69 6f 6e 20 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 48 74 6d 6c 28 69 64 2c 74 61 67 6e 61 6d 65 29 7b 0a 20 20 76 61 72 20 63 6f 6e 74 61 69 6e 65 72 64 69 76 20 3d 20 64 6f 63 75 6d 65 6e 74 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 28 27 64 69 76 27 29 2c 0a 20 20 20 20 20 20 6e 77 74 61 67 20 3d 20 64 6f 63 75 6d 65 6e 74 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 28 74 61 67 6e 61 6d 65 29 3b 0a 20 20 6e 77 74 61 67 2e 69 64 20 3d 20 69 64 3b 0a 20 20 63 6f 6e 74 61 69 6e 65 72 64 69 76 2e 61 70 70 65 6e 64 43 68 69 6c 64 28 6e 77 74 61 67 29 3b 0a 20 20 72 65 74 75 72 6e 20 63 6f 6e 74 61 69 6e 65 72 64 69 76 3b 0a 7d 0a 0a 66 75 6e 63 74 69 6f 6e 20 72 75 6e 5f 61 64 28 29 20 7b 0a 20 20 20 20 20 20 20 20 78 3d 63 72 65 61 74 65 45 6c Data Ascii: function createElementHtml(id,tagname){ var containerdiv = document.createElement('div'), nwtag = document.createElement(tagname); nwtag.id = id; containerdiv.appendChild(nwtag); return containerdiv;}function run_ad() { x=createEl

Timestamp	Bytes transferred	Direction	Data
2024-07-01 21:33:48 UTC	593	OUT	GET /css/fonts/lined-icons.woff HTTP/1.1 Host: www.midoregon.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" Origin: https://www.midoregon.com sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: cors Sec-Fetch-Dest: font Referer: https://www.midoregon.com/css/font-icons.css Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-07-01 21:33:49 UTC	512	IN	HTTP/1.1 200 OK Date: Mon, 01 Jul 2024 21:33:49 GMT Server: Apache Last-Modified: Thu, 24 Sep 2020 17:04:07 GMT Accept-Ranges: bytes Content-Length: 86312 Cache-Control: max-age=172800 Expires: Wed, 03 Jul 2024 21:33:49 GMT Vary: Accept-Encoding,User-Agent Strict-Transport-Security: max-age=31536000; includeSubDomains; preload X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff X-FRAME-OPTIONS: SAMEORIGIN Access-Control-Allow-Origin: * Connection: close Content-Type: font/woff
2024-07-01 21:33:49 UTC	7680	IN	Data Raw: 77 4f 46 46 00 01 00 00 00 01 51 28 00 0b 00 00 00 01 50 dc 00 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 4f 53 2f 32 00 00 01 08 00 00 00 60 00 00 00 60 0f 12 07 57 63 6d 61 70 00 00 01 68 00 00 00 64 00 00 00 64 02 ac bf 1b 67 61 73 70 00 00 01 cc 00 00 00 08 00 00 00 08 00 00 00 10 67 6c 79 66 00 00 01 d4 00 01 45 d0 00 01 45 d0 ad 8c 1a 2f 68 65 61 64 00 01 47 a4 00 00 00 36 00 00 00 36 19 8d bb 25 68 68 65 61 00 01 47 dc 00 00 00 24 00 00 00 24 07 c2 04 f3 68 6d 74 78 00 01 48 00 00 00 04 c8 00 00 04 c8 be 00 5c d4 6c 6f 63 61 00 01 4c c8 00 00 02 66 00 00 02 66 a9 ec 58 3a 6d 61 78 70 00 01 4f 30 00 00 00 20 00 00 00 20 01 43 02 06 6e 61 6d 65 00 01 4f 50 00 00 01 b6 00 00 01 b6 5f 6e ce ed 70 6f 73 74 00 01 51 08 00 00 00 Data Ascii: wOFFQ(POS/2``WcmaphddgaspglyfEE/headG66%hheaG$$hmtxH\locaLffX:maxpO0 CnameOP_npostQ
2024-07-01 21:33:49 UTC	8000	IN	Data Raw: f4 0c 0c 0d 23 0c 03 ab 0d 0d 0c 24 0c 00 00 00 00 03 00 f7 ff b7 03 09 03 ab 00 02 00 05 00 2e 00 00 01 11 17 03 17 07 01 17 07 06 14 17 16 32 3f 01 11 14 16 17 16 32 3f 01 36 34 2f 01 37 36 34 2f 01 2e 01 23 22 06 15 11 27 26 22 07 06 14 17 02 2b 83 83 83 83 fe cc cd cd 0c 0c 0d 23 0c a2 07 06 0c 24 0c eb 0c 0c cd cd 0c 0c eb 06 0f 09 12 19 a2 0c 23 0d 0c 0c 02 12 01 07 84 fe af 84 84 02 3b cc cd 0c 24 0c 0d 0d a2 fe 91 08 10 06 0c 0c eb 0c 24 0c cd cc 0d 23 0c eb 06 07 19 12 fe 92 a1 0d 0d 0c 23 0d 00 00 00 00 03 00 d5 00 2b 03 55 03 2b 00 0e 00 30 00 3f 00 00 01 11 21 32 16 17 1e 01 15 14 06 07 0e 01 23 05 11 14 16 33 21 32 36 37 3e 01 35 34 26 27 2e 01 27 3e 01 37 3e 01 35 34 26 27 2e 01 23 21 22 06 15 13 21 32 16 17 1e 01 15 14 06 07 0e 01 23 21 01 Data Ascii: #$.2?2?64/764/.#"'&"+#$#;$$##+U+0?!2#3!267>54&'.'>7>54&'.#!"!2#!
2024-07-01 21:33:49 UTC	8000	IN	Data Raw: 02 01 01 fe ec 04 04 04 04 01 14 02 06 04 06 0c 07 01 29 06 0c 05 03 04 01 02 03 01 0e b1 c8 60 01 28 b1 77 60 00 00 00 00 07 00 55 ff d2 03 ab 03 7e 00 09 00 13 00 1d 00 26 00 79 00 82 00 8b 00 00 01 07 27 37 3e 01 37 36 16 17 01 17 15 27 2e 01 27 2e 01 35 05 35 37 15 14 06 07 0e 01 07 03 05 25 37 17 16 36 3f 01 03 1e 01 33 32 36 37 3e 01 3f 01 3e 01 3f 01 3e 01 37 3e 01 35 11 34 26 27 34 26 27 2e 01 27 2e 01 27 2e 01 2f 01 2e 01 2f 01 2e 01 07 0e 01 0f 01 0e 01 0f 01 0e 01 07 0e 01 07 0e 01 15 0e 01 07 0e 01 15 11 14 16 17 1e 01 1f 01 1e 01 1f 01 1e 01 17 03 11 27 35 34 26 2f 01 35 01 11 25 15 07 0e 01 1d 01 02 68 68 68 52 04 08 04 07 0e 07 fe 95 6a 55 03 06 03 04 05 02 40 6a 01 02 02 09 07 17 fe d7 fe d7 6b a9 0a 17 09 a9 d2 04 0b 05 06 0a 04 0c 16 0a Data Ascii: )`(w`U~&y'7>76'.'.557%76?3267>?>?>7>54&'4&'.'.'././.'54&/5%hhhRjU@jk
2024-07-01 21:33:49 UTC	8000	IN	Data Raw: 2e 01 23 22 06 07 0e 01 17 1e 01 37 03 17 0e 01 23 22 26 27 2e 01 35 26 36 37 27 17 0e 01 17 1e 01 17 1e 01 37 3e 01 37 17 0e 01 07 22 26 27 2e 01 27 2e 01 27 2e 01 27 3e 01 37 27 17 0e 01 07 06 14 17 30 16 17 1e 01 17 1e 01 17 1e 01 33 32 36 37 17 16 32 37 36 34 27 01 38 01 2f 01 30 26 31 01 26 22 07 06 14 17 01 b0 15 28 12 39 63 2b 24 3e 1a 14 22 0d 0b 0f 06 12 26 14 0c 03 0d 0e 23 0c 1a 31 16 05 05 18 17 0f 25 17 1d 47 2a 33 7a 45 18 33 19 12 12 04 04 1e 11 04 6c 06 0c 06 11 1f 0d 0d 0e 01 02 03 ad 6d 0e 0d 01 01 1c 19 1a 40 21 16 2b 14 63 2d 5f 2f 38 63 2b 24 3e 1a 14 22 0d 0b 0f 06 22 53 2f f2 b6 38 60 26 05 05 18 17 0f 25 17 1d 47 2a 33 7a 47 3f 7f 3a be 0d 23 0c 0d 0d fe 86 01 b3 01 fe 85 0d 23 0c 0d 0d 02 cc 05 05 01 20 1b 16 36 1d 16 2c 13 0f 19 Data Ascii: .#"7#"&'.5&67'7>7"&'.'.'.'>7'032672764'8/0&1&"(9c+$>"&#1%G3zE3lm@!+c-_/8c+$>""S/8`&%G3zG?:## 6,
2024-07-01 21:33:49 UTC	8000	IN	Data Raw: 36 26 27 26 06 0f 01 23 22 06 15 14 16 3b 01 07 23 22 06 15 14 16 3b 01 07 06 16 17 16 36 3f 01 33 07 06 16 17 16 36 3f 01 33 32 36 35 34 26 2b 01 37 33 32 36 35 34 26 2b 01 37 36 26 27 26 06 07 02 5f 13 ab 13 cc 18 aa 17 02 16 12 11 1c 02 18 bd 12 19 19 12 b4 13 a1 12 19 19 12 97 17 02 16 12 11 1c 02 18 aa 17 02 16 12 11 1c 02 18 bd 12 19 19 12 b4 13 a1 12 19 19 12 97 17 02 16 12 11 1c 02 02 00 ab ab 01 2f da d1 12 1b 02 02 16 12 da 19 11 12 19 ab 19 11 12 19 d1 11 1c 02 02 16 12 da d1 11 1c 02 02 16 12 da 19 12 11 19 ab 19 12 11 19 d1 12 1b 02 02 16 12 00 00 03 00 55 00 00 03 ab 03 55 00 16 00 2d 00 84 00 00 25 14 06 07 0e 01 2b 01 22 26 27 2e 01 3d 01 34 36 37 3e 01 3b 01 15 05 35 33 32 16 17 1e 01 1d 01 14 06 07 0e 01 2b 01 22 26 27 2e 01 35 23 14 16 Data Ascii: 6&'&#";#";6?36?32654&+732654&+76&'&_/UU-%+"&'.=467>;532+"&'.5#
2024-07-01 21:33:49 UTC	8000	IN	Data Raw: 2e 01 35 34 36 37 3e 01 33 32 16 17 1e 01 15 05 21 32 36 35 34 26 23 21 22 06 15 14 16 33 13 32 36 35 34 26 23 22 06 15 14 16 33 21 32 36 35 34 26 23 22 06 15 14 16 33 03 d5 09 0a 23 1a 19 20 20 26 25 54 2e 2e 31 31 2e 2e 54 25 26 20 20 19 1a 23 0a 09 09 0a 23 1a 19 20 20 26 25 54 2e 2e 31 31 2e 2e 54 25 26 20 20 19 1a 23 0a 09 55 3c 34 35 8b 50 50 8b 35 34 3c 3c 34 35 8b 50 50 8b 35 34 3c fd d5 01 56 11 19 19 11 fe aa 11 19 19 11 2b 12 19 19 12 12 19 19 12 01 00 12 19 19 12 12 19 19 12 01 ab 30 2e 2e 54 26 26 20 1f 1a 19 24 09 0a 0a 09 24 19 1a 1f 20 26 26 54 2e 2e 30 31 2e 2e 54 26 25 20 20 19 1a 24 09 0a 0a 09 24 1a 19 20 20 25 26 54 2e 2e 31 50 8c 34 34 3c 3c 34 34 8c 50 4f 8c 34 34 3d 3d 34 34 8c 4f ab 19 12 11 19 19 11 12 19 01 00 19 12 11 19 19 11 Data Ascii: .5467>32!2654&#!"32654&#"3!2654&#"3# &%T..11..T%& ## &%T..11..T%& #U<45PP54<<45PP54<V+0..T&& $$ &&T..01..T&% $$ %&T..1P44<<44PO44==44O
2024-07-01 21:33:49 UTC	8000	IN	Data Raw: 03 0e 0a 05 04 01 02 13 10 1e 23 63 3d 1f 0b 19 0e 14 2c 15 19 38 1e 17 27 0f 10 11 01 02 18 13 13 30 1b 31 32 31 63 2f 30 2e 27 25 24 44 1f 1f 1b 1b 17 17 23 0c 0c 06 01 15 11 12 2e 1b 80 80 09 10 06 05 07 05 0b 0b 20 14 15 18 19 1c 1c 3d 21 21 23 2a 2b 2c 59 2d 2c 2c 09 10 06 07 08 01 06 05 05 0d 08 23 41 1d 07 0f 06 05 09 03 36 0a 1d 0c 2d 27 28 44 1d 1d 16 07 04 0a 36 05 06 01 01 02 0c 10 04 01 08 06 06 0f 08 00 00 03 00 30 ff d8 03 f3 03 9e 00 21 00 6d 00 be 00 00 01 07 35 34 26 23 22 06 15 11 14 16 17 1e 01 17 1e 01 33 21 32 36 35 34 26 2b 01 37 36 34 27 26 22 07 13 36 26 27 2e 01 27 2e 01 27 2e 01 07 0e 01 0f 01 2e 01 27 37 3e 01 37 36 34 27 2e 01 27 2e 01 27 2e 01 2b 01 2a 01 07 0e 01 07 0e 01 17 16 17 1e 01 17 16 17 16 17 1e 01 17 16 17 16 17 1e Data Ascii: #c=,8'0121c/0.'%$D#. =!!#+,Y-,,#A6-'(D60!m54&#"3!2654&+764'&"6&'.'.'..'7>764'.'.'.+
2024-07-01 21:33:49 UTC	8000	IN	Data Raw: 46 50 44 7a 31 f3 06 0f 09 08 10 06 0c 0c fd e2 3e 37 36 51 18 17 17 18 51 36 37 3e 3e 36 36 51 18 17 17 18 51 36 36 1e f2 32 7a 44 50 45 46 69 1e 1e 1e 1e 69 46 45 50 50 45 46 69 1e 1e 2d 27 f2 06 07 07 06 0c 24 0c b7 18 17 51 37 36 3e 3e 36 37 51 17 18 18 17 51 37 36 3e 3e 36 37 51 17 18 00 00 00 00 03 00 2e ff d8 03 d4 03 7f 00 26 00 29 00 2c 00 00 01 3e 01 27 34 26 27 2e 01 27 2e 01 27 26 22 07 22 06 23 07 01 0e 01 07 06 16 17 05 13 1e 01 17 16 36 37 01 34 36 35 01 2d 01 17 0b 01 03 d4 01 01 02 03 02 02 05 03 04 08 05 04 09 05 01 03 01 01 fc ab 08 0d 04 07 0d 10 01 71 a4 04 0c 09 11 1f 06 01 2b 01 fd f8 fe fd 02 3f 3d ca 73 03 4a 05 0a 05 04 07 03 03 06 02 03 04 01 01 01 01 01 fe d6 03 0c 08 10 21 07 a4 fe 8f 08 0c 03 06 0f 11 03 54 01 02 01 fe 69 73 Data Ascii: FPDz1>76QQ67>>66QQ662zDPEFiiFEPPEFi-'$Q76>>67QQ76>>67Q.&),>'4&'.'.'&""#67465-q+?=sJ!Tis
2024-07-01 21:33:49 UTC	8000	IN	Data Raw: 0a 09 24 1a 19 20 20 25 26 54 2e 2e 31 50 8c 34 34 3c 3c 34 34 8c 50 4f 8c 34 34 3d 3d 34 34 8c 4f aa 19 11 ff 00 12 19 19 12 01 00 11 19 55 ab 00 0a 00 00 ff ab 04 00 03 ab 00 17 00 2f 00 3e 00 4d 00 5c 00 6a 00 78 00 86 00 94 00 a2 00 00 01 34 26 27 2e 01 23 22 06 07 0e 01 15 14 16 17 1e 01 33 32 36 37 3e 01 27 14 06 07 0e 01 23 22 26 27 2e 01 35 34 36 37 3e 01 33 32 16 17 1e 01 03 15 14 16 33 32 36 3d 01 34 26 23 22 06 15 11 15 14 16 33 32 36 3d 01 34 26 23 22 06 15 01 17 16 32 37 36 34 2f 01 26 22 07 06 14 17 01 17 16 32 37 36 34 2f 01 26 22 07 06 14 25 33 32 36 35 34 26 2b 01 22 06 15 14 16 21 33 32 36 35 34 26 2b 01 22 06 15 14 16 01 37 36 34 27 26 22 0f 01 06 14 17 16 32 01 37 36 34 27 26 22 0f 01 06 14 17 16 32 03 00 28 23 23 5d 35 35 5d 23 23 28 Data Ascii: $ %&T..1P44<<44PO44==44OU/>M\jx4&'.#"3267>'#"&'.5467>32326=4&#"326=4&#"2764/&"2764/&"%32654&+"!32654&+"764'&"2764'&"2(##]55]##(
2024-07-01 21:33:49 UTC	8000	IN	Data Raw: 0f 0a 08 09 22 0f 01 44 fe e7 12 19 19 12 01 19 62 0d 0d 0c 24 0c ab 03 04 02 02 01 06 06 ab 0c 24 0c 0d 0d 6d 19 50 2f 2f 65 2f 28 39 10 0a 0a 42 68 21 25 18 14 14 5d 40 3f 97 4d 2e 50 20 0d 02 0b 0c 24 0d 18 3e 24 3c 75 32 31 49 0f 10 12 1d 1e 5d 3c 0e 12 07 06 0b 26 1b 1f 43 20 1f 36 10 09 22 0f 10 0a 09 00 00 03 00 80 00 00 03 80 03 55 00 2a 00 43 00 5b 00 00 25 35 34 26 27 2e 01 23 21 22 06 07 0e 01 1d 01 14 16 33 32 36 3d 01 34 36 37 3e 01 33 21 32 16 17 1e 01 1d 01 14 16 33 32 36 35 03 34 26 27 2e 01 23 22 06 07 0e 01 15 14 16 17 1e 01 33 32 36 37 3e 01 35 23 14 06 07 0e 01 23 22 26 27 2e 01 35 34 36 37 3e 01 33 32 16 17 1e 01 03 80 22 1c 1d 4e 2c fe aa 2c 4e 1d 1c 22 19 12 11 19 14 12 11 2f 1a 01 56 1a 2f 11 12 14 19 11 12 19 ab 21 1d 1d 4e 2c 2c Data Ascii: "Db$$mP//e/(9Bh!%]@?M.P $>$<u21I]<&C 6"U*C[%54&'.#!"326=467>3!232654&'.#"3267>5##"&'.5467>32"N,,N"/V/!N,,

Timestamp	Bytes transferred	Direction	Data
2024-07-01 21:33:48 UTC	543	OUT	GET /js/jquery-min.js HTTP/1.1 Host: www.stickleyonsecurity.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://www.midoregon.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-07-01 21:33:49 UTC	378	IN	HTTP/1.1 200 OK Date: Mon, 01 Jul 2024 21:33:49 GMT Server: Apache/2.4.58 (Unix) OpenSSL/3.0.7 mod_jk/1.2.46 Strict-Transport-Security: max-age=31536000; includeSubDomains Last-Modified: Wed, 26 Aug 2020 17:07:05 GMT ETag: "17bdd-5adcad9586040" Accept-Ranges: bytes Content-Length: 97245 Vary: Accept-Encoding Connection: close Content-Type: application/javascript
2024-07-01 21:33:49 UTC	7814	IN	Data Raw: 2f 2a 21 20 6a 51 75 65 72 79 20 76 31 2e 31 32 2e 32 20 7c 20 28 63 29 20 6a 51 75 65 72 79 20 46 6f 75 6e 64 61 74 69 6f 6e 20 7c 20 6a 71 75 65 72 79 2e 6f 72 67 2f 6c 69 63 65 6e 73 65 20 2a 2f 0a 21 66 75 6e 63 74 69 6f 6e 28 61 2c 62 29 7b 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 6d 6f 64 75 6c 65 26 26 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 6d 6f 64 75 6c 65 2e 65 78 70 6f 72 74 73 3f 6d 6f 64 75 6c 65 2e 65 78 70 6f 72 74 73 3d 61 2e 64 6f 63 75 6d 65 6e 74 3f 62 28 61 2c 21 30 29 3a 66 75 6e 63 74 69 6f 6e 28 61 29 7b 69 66 28 21 61 2e 64 6f 63 75 6d 65 6e 74 29 74 68 72 6f 77 20 6e 65 77 20 45 72 72 6f 72 28 22 6a 51 75 65 72 79 20 72 65 71 75 69 72 65 73 20 61 20 77 69 6e 64 6f 77 20 77 69 74 68 20 61 20 64 6f 63 75 6d 65 Data Ascii: /! jQuery v1.12.2 \| (c) jQuery Foundation \| jquery.org/license /!function(a,b){"object"==typeof module&&"object"==typeof module.exports?module.exports=a.document?b(a,!0):function(a){if(!a.document)throw new Error("jQuery requires a window with a docume
2024-07-01 21:33:49 UTC	8000	IN	Data Raw: 6e 6f 64 65 54 79 70 65 26 26 31 3d 3d 3d 62 2e 6e 6f 64 65 54 79 70 65 26 26 28 7e 62 2e 73 6f 75 72 63 65 49 6e 64 65 78 7c 7c 43 29 2d 28 7e 61 2e 73 6f 75 72 63 65 49 6e 64 65 78 7c 7c 43 29 3b 69 66 28 64 29 72 65 74 75 72 6e 20 64 3b 69 66 28 63 29 77 68 69 6c 65 28 63 3d 63 2e 6e 65 78 74 53 69 62 6c 69 6e 67 29 69 66 28 63 3d 3d 3d 62 29 72 65 74 75 72 6e 2d 31 3b 72 65 74 75 72 6e 20 61 3f 31 3a 2d 31 7d 66 75 6e 63 74 69 6f 6e 20 6c 61 28 61 29 7b 72 65 74 75 72 6e 20 66 75 6e 63 74 69 6f 6e 28 62 29 7b 76 61 72 20 63 3d 62 2e 6e 6f 64 65 4e 61 6d 65 2e 74 6f 4c 6f 77 65 72 43 61 73 65 28 29 3b 72 65 74 75 72 6e 22 69 6e 70 75 74 22 3d 3d 3d 63 26 26 62 2e 74 79 70 65 3d 3d 3d 61 7d 7d 66 75 6e 63 74 69 6f 6e 20 6d 61 28 61 29 7b 72 65 74 75 72 Data Ascii: nodeType&&1===b.nodeType&&(~b.sourceIndex\|\|C)-(~a.sourceIndex\|\|C);if(d)return d;if(c)while(c=c.nextSibling)if(c===b)return-1;return a?1:-1}function la(a){return function(b){var c=b.nodeName.toLowerCase();return"input"===c&&b.type===a}}function ma(a){retur
2024-07-01 21:33:49 UTC	8000	IN	Data Raw: 29 7b 76 61 72 20 63 2c 65 3d 64 2e 70 73 65 75 64 6f 73 5b 61 5d 7c 7c 64 2e 73 65 74 46 69 6c 74 65 72 73 5b 61 2e 74 6f 4c 6f 77 65 72 43 61 73 65 28 29 5d 7c 7c 66 61 2e 65 72 72 6f 72 28 22 75 6e 73 75 70 70 6f 72 74 65 64 20 70 73 65 75 64 6f 3a 20 22 2b 61 29 3b 72 65 74 75 72 6e 20 65 5b 75 5d 3f 65 28 62 29 3a 65 2e 6c 65 6e 67 74 68 3e 31 3f 28 63 3d 5b 61 2c 61 2c 22 22 2c 62 5d 2c 64 2e 73 65 74 46 69 6c 74 65 72 73 2e 68 61 73 4f 77 6e 50 72 6f 70 65 72 74 79 28 61 2e 74 6f 4c 6f 77 65 72 43 61 73 65 28 29 29 3f 68 61 28 66 75 6e 63 74 69 6f 6e 28 61 2c 63 29 7b 76 61 72 20 64 2c 66 3d 65 28 61 2c 62 29 2c 67 3d 66 2e 6c 65 6e 67 74 68 3b 77 68 69 6c 65 28 67 2d 2d 29 64 3d 4a 28 61 2c 66 5b 67 5d 29 2c 61 5b 64 5d 3d 21 28 63 5b 64 5d 3d 66 Data Ascii: ){var c,e=d.pseudos[a]\|\|d.setFilters[a.toLowerCase()]\|\|fa.error("unsupported pseudo: "+a);return e[u]?e(b):e.length>1?(c=[a,a,"",b],d.setFilters.hasOwnProperty(a.toLowerCase())?ha(function(a,c){var d,f=e(a,b),g=f.length;while(g--)d=J(a,f[g]),a[d]=!(c[d]=f
2024-07-01 21:33:49 UTC	8000	IN	Data Raw: 20 64 3d 62 5b 30 5d 3b 72 65 74 75 72 6e 20 63 26 26 28 61 3d 22 3a 6e 6f 74 28 22 2b 61 2b 22 29 22 29 2c 31 3d 3d 3d 62 2e 6c 65 6e 67 74 68 26 26 31 3d 3d 3d 64 2e 6e 6f 64 65 54 79 70 65 3f 6e 2e 66 69 6e 64 2e 6d 61 74 63 68 65 73 53 65 6c 65 63 74 6f 72 28 64 2c 61 29 3f 5b 64 5d 3a 5b 5d 3a 6e 2e 66 69 6e 64 2e 6d 61 74 63 68 65 73 28 61 2c 6e 2e 67 72 65 70 28 62 2c 66 75 6e 63 74 69 6f 6e 28 61 29 7b 72 65 74 75 72 6e 20 31 3d 3d 3d 61 2e 6e 6f 64 65 54 79 70 65 7d 29 29 7d 2c 6e 2e 66 6e 2e 65 78 74 65 6e 64 28 7b 66 69 6e 64 3a 66 75 6e 63 74 69 6f 6e 28 61 29 7b 76 61 72 20 62 2c 63 3d 5b 5d 2c 64 3d 74 68 69 73 2c 65 3d 64 2e 6c 65 6e 67 74 68 3b 69 66 28 22 73 74 72 69 6e 67 22 21 3d 74 79 70 65 6f 66 20 61 29 72 65 74 75 72 6e 20 74 68 69 Data Ascii: d=b[0];return c&&(a=":not("+a+")"),1===b.length&&1===d.nodeType?n.find.matchesSelector(d,a)?[d]:[]:n.find.matches(a,n.grep(b,function(a){return 1===a.nodeType}))},n.fn.extend({find:function(a){var b,c=[],d=this,e=d.length;if("string"!=typeof a)return thi
2024-07-01 21:33:49 UTC	8000	IN	Data Raw: 69 6f 6e 20 50 28 61 2c 62 2c 63 29 7b 69 66 28 76 6f 69 64 20 30 3d 3d 3d 63 26 26 31 3d 3d 3d 61 2e 6e 6f 64 65 54 79 70 65 29 7b 76 61 72 20 64 3d 22 64 61 74 61 2d 22 2b 62 2e 72 65 70 6c 61 63 65 28 4f 2c 22 2d 24 31 22 29 2e 74 6f 4c 6f 77 65 72 43 61 73 65 28 29 3b 69 66 28 63 3d 61 2e 67 65 74 41 74 74 72 69 62 75 74 65 28 64 29 2c 22 73 74 72 69 6e 67 22 3d 3d 74 79 70 65 6f 66 20 63 29 7b 74 72 79 7b 63 3d 22 74 72 75 65 22 3d 3d 3d 63 3f 21 30 3a 22 66 61 6c 73 65 22 3d 3d 3d 63 3f 21 31 3a 22 6e 75 6c 6c 22 3d 3d 3d 63 3f 6e 75 6c 6c 3a 2b 63 2b 22 22 3d 3d 3d 63 3f 2b 63 3a 4e 2e 74 65 73 74 28 63 29 3f 6e 2e 70 61 72 73 65 4a 53 4f 4e 28 63 29 3a 63 7d 63 61 74 63 68 28 65 29 7b 7d 6e 2e 64 61 74 61 28 61 2c 62 2c 63 29 7d 65 6c 73 65 20 63 Data Ascii: ion P(a,b,c){if(void 0===c&&1===a.nodeType){var d="data-"+b.replace(O,"-$1").toLowerCase();if(c=a.getAttribute(d),"string"==typeof c){try{c="true"===c?!0:"false"===c?!1:"null"===c?null:+c+""===c?+c:N.test(c)?n.parseJSON(c):c}catch(e){}n.data(a,b,c)}else c
2024-07-01 21:33:49 UTC	8000	IN	Data Raw: 29 3b 69 26 26 70 2e 72 65 6d 6f 76 65 43 68 69 6c 64 28 69 29 2c 6c 2e 61 70 70 65 6e 64 43 68 65 63 6b 65 64 7c 7c 6e 2e 67 72 65 70 28 65 61 28 71 2c 22 69 6e 70 75 74 22 29 2c 69 61 29 2c 72 3d 30 3b 77 68 69 6c 65 28 67 3d 71 5b 72 2b 2b 5d 29 69 66 28 64 26 26 6e 2e 69 6e 41 72 72 61 79 28 67 2c 64 29 3e 2d 31 29 65 26 26 65 2e 70 75 73 68 28 67 29 3b 65 6c 73 65 20 69 66 28 68 3d 6e 2e 63 6f 6e 74 61 69 6e 73 28 67 2e 6f 77 6e 65 72 44 6f 63 75 6d 65 6e 74 2c 67 29 2c 69 3d 65 61 28 70 2e 61 70 70 65 6e 64 43 68 69 6c 64 28 67 29 2c 22 73 63 72 69 70 74 22 29 2c 68 26 26 66 61 28 69 29 2c 63 29 7b 66 3d 30 3b 77 68 69 6c 65 28 67 3d 69 5b 66 2b 2b 5d 29 5f 2e 74 65 73 74 28 67 2e 74 79 70 65 7c 7c 22 22 29 26 26 63 2e 70 75 73 68 28 67 29 7d 72 65 Data Ascii: );i&&p.removeChild(i),l.appendChecked\|\|n.grep(ea(q,"input"),ia),r=0;while(g=q[r++])if(d&&n.inArray(g,d)>-1)e&&e.push(g);else if(h=n.contains(g.ownerDocument,g),i=ea(p.appendChild(g),"script"),h&&fa(i),c){f=0;while(g=i[f++])_.test(g.type\|\|"")&&c.push(g)}re
2024-07-01 21:33:49 UTC	8000	IN	Data Raw: 61 72 20 61 3d 74 68 69 73 2e 6f 72 69 67 69 6e 61 6c 45 76 65 6e 74 3b 74 68 69 73 2e 69 73 44 65 66 61 75 6c 74 50 72 65 76 65 6e 74 65 64 3d 70 61 2c 61 26 26 28 61 2e 70 72 65 76 65 6e 74 44 65 66 61 75 6c 74 3f 61 2e 70 72 65 76 65 6e 74 44 65 66 61 75 6c 74 28 29 3a 61 2e 72 65 74 75 72 6e 56 61 6c 75 65 3d 21 31 29 7d 2c 73 74 6f 70 50 72 6f 70 61 67 61 74 69 6f 6e 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 61 3d 74 68 69 73 2e 6f 72 69 67 69 6e 61 6c 45 76 65 6e 74 3b 74 68 69 73 2e 69 73 50 72 6f 70 61 67 61 74 69 6f 6e 53 74 6f 70 70 65 64 3d 70 61 2c 61 26 26 21 74 68 69 73 2e 69 73 53 69 6d 75 6c 61 74 65 64 26 26 28 61 2e 73 74 6f 70 50 72 6f 70 61 67 61 74 69 6f 6e 26 26 61 2e 73 74 6f 70 50 72 6f 70 61 67 61 74 69 6f 6e 28 29 2c 61 2e Data Ascii: ar a=this.originalEvent;this.isDefaultPrevented=pa,a&&(a.preventDefault?a.preventDefault():a.returnValue=!1)},stopPropagation:function(){var a=this.originalEvent;this.isPropagationStopped=pa,a&&!this.isSimulated&&(a.stopPropagation&&a.stopPropagation(),a.
2024-07-01 21:33:49 UTC	8000	IN	Data Raw: 3d 3d 3d 62 2e 6e 6f 64 65 54 79 70 65 3f 62 2e 69 6e 6e 65 72 48 54 4d 4c 2e 72 65 70 6c 61 63 65 28 74 61 2c 22 22 29 3a 76 6f 69 64 20 30 3b 69 66 28 22 73 74 72 69 6e 67 22 3d 3d 74 79 70 65 6f 66 20 61 26 26 21 77 61 2e 74 65 73 74 28 61 29 26 26 28 6c 2e 68 74 6d 6c 53 65 72 69 61 6c 69 7a 65 7c 7c 21 75 61 2e 74 65 73 74 28 61 29 29 26 26 28 6c 2e 6c 65 61 64 69 6e 67 57 68 69 74 65 73 70 61 63 65 7c 7c 21 61 61 2e 74 65 73 74 28 61 29 29 26 26 21 64 61 5b 28 24 2e 65 78 65 63 28 61 29 7c 7c 5b 22 22 2c 22 22 5d 29 5b 31 5d 2e 74 6f 4c 6f 77 65 72 43 61 73 65 28 29 5d 29 7b 61 3d 6e 2e 68 74 6d 6c 50 72 65 66 69 6c 74 65 72 28 61 29 3b 74 72 79 7b 66 6f 72 28 3b 64 3e 63 3b 63 2b 2b 29 62 3d 74 68 69 73 5b 63 5d 7c 7c 7b 7d 2c 31 3d 3d 3d 62 2e 6e Data Ascii: ===b.nodeType?b.innerHTML.replace(ta,""):void 0;if("string"==typeof a&&!wa.test(a)&&(l.htmlSerialize\|\|!ua.test(a))&&(l.leadingWhitespace\|\|!aa.test(a))&&!da[($.exec(a)\|\|["",""])[1].toLowerCase()]){a=n.htmlPrefilter(a);try{for(;d>c;c++)b=this[c]\|\|{},1===b.n
2024-07-01 21:33:49 UTC	8000	IN	Data Raw: 28 63 2e 72 65 6d 6f 76 65 41 74 74 72 69 62 75 74 65 28 22 66 69 6c 74 65 72 22 29 2c 22 22 3d 3d 3d 62 7c 7c 64 26 26 21 64 2e 66 69 6c 74 65 72 29 7c 7c 28 63 2e 66 69 6c 74 65 72 3d 56 61 2e 74 65 73 74 28 66 29 3f 66 2e 72 65 70 6c 61 63 65 28 56 61 2c 65 29 3a 66 2b 22 20 22 2b 65 29 7d 7d 29 2c 6e 2e 63 73 73 48 6f 6f 6b 73 2e 6d 61 72 67 69 6e 52 69 67 68 74 3d 55 61 28 6c 2e 72 65 6c 69 61 62 6c 65 4d 61 72 67 69 6e 52 69 67 68 74 2c 66 75 6e 63 74 69 6f 6e 28 61 2c 62 29 7b 72 65 74 75 72 6e 20 62 3f 50 61 28 61 2c 7b 64 69 73 70 6c 61 79 3a 22 69 6e 6c 69 6e 65 2d 62 6c 6f 63 6b 22 7d 2c 53 61 2c 5b 61 2c 22 6d 61 72 67 69 6e 52 69 67 68 74 22 5d 29 3a 76 6f 69 64 20 30 7d 29 2c 6e 2e 63 73 73 48 6f 6f 6b 73 2e 6d 61 72 67 69 6e 4c 65 66 74 3d Data Ascii: (c.removeAttribute("filter"),""===b\|\|d&&!d.filter)\|\|(c.filter=Va.test(f)?f.replace(Va,e):f+" "+e)}}),n.cssHooks.marginRight=Ua(l.reliableMarginRight,function(a,b){return b?Pa(a,{display:"inline-block"},Sa,[a,"marginRight"]):void 0}),n.cssHooks.marginLeft=
2024-07-01 21:33:49 UTC	8000	IN	Data Raw: 6e 2e 65 61 63 68 28 7b 73 6c 69 64 65 44 6f 77 6e 3a 6d 62 28 22 73 68 6f 77 22 29 2c 73 6c 69 64 65 55 70 3a 6d 62 28 22 68 69 64 65 22 29 2c 73 6c 69 64 65 54 6f 67 67 6c 65 3a 6d 62 28 22 74 6f 67 67 6c 65 22 29 2c 66 61 64 65 49 6e 3a 7b 6f 70 61 63 69 74 79 3a 22 73 68 6f 77 22 7d 2c 66 61 64 65 4f 75 74 3a 7b 6f 70 61 63 69 74 79 3a 22 68 69 64 65 22 7d 2c 66 61 64 65 54 6f 67 67 6c 65 3a 7b 6f 70 61 63 69 74 79 3a 22 74 6f 67 67 6c 65 22 7d 7d 2c 66 75 6e 63 74 69 6f 6e 28 61 2c 62 29 7b 6e 2e 66 6e 5b 61 5d 3d 66 75 6e 63 74 69 6f 6e 28 61 2c 63 2c 64 29 7b 72 65 74 75 72 6e 20 74 68 69 73 2e 61 6e 69 6d 61 74 65 28 62 2c 61 2c 63 2c 64 29 7d 7d 29 2c 6e 2e 74 69 6d 65 72 73 3d 5b 5d 2c 6e 2e 66 78 2e 74 69 63 6b 3d 66 75 6e 63 74 69 6f 6e 28 29 Data Ascii: n.each({slideDown:mb("show"),slideUp:mb("hide"),slideToggle:mb("toggle"),fadeIn:{opacity:"show"},fadeOut:{opacity:"hide"},fadeToggle:{opacity:"toggle"}},function(a,b){n.fn[a]=function(a,c,d){return this.animate(b,a,c,d)}}),n.timers=[],n.fx.tick=function()

Timestamp	Bytes transferred	Direction	Data
2024-07-01 21:33:48 UTC	543	OUT	GET /js/sos-script.js HTTP/1.1 Host: www.stickleyonsecurity.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://www.midoregon.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-07-01 21:33:49 UTC	375	IN	HTTP/1.1 200 OK Date: Mon, 01 Jul 2024 21:33:49 GMT Server: Apache/2.4.58 (Unix) OpenSSL/3.0.7 mod_jk/1.2.46 Strict-Transport-Security: max-age=31536000; includeSubDomains Last-Modified: Mon, 03 Jun 2024 20:05:39 GMT ETag: "6ed-61a01db6e6ac0" Accept-Ranges: bytes Content-Length: 1773 Vary: Accept-Encoding Connection: close Content-Type: application/javascript
2024-07-01 21:33:49 UTC	1773	IN	Data Raw: 76 61 72 20 64 69 73 70 6c 61 79 70 61 74 68 20 3d 20 27 53 6f 53 44 69 73 70 6c 61 79 27 2b 73 6f 73 5f 70 61 74 68 5f 69 64 3b 0a 76 61 72 20 68 6f 6c 64 65 72 70 61 74 68 20 3d 20 27 53 6f 53 48 6f 6c 64 65 72 27 2b 73 6f 73 5f 70 61 74 68 5f 69 64 3b 0a 76 61 72 20 6e 6f 6a 75 6d 70 7a 3d 30 3b 0a 0a 66 75 6e 63 74 69 6f 6e 20 53 4f 53 66 69 6e 64 50 6f 73 69 74 69 6f 6e 28 6f 62 6a 29 20 7b 0a 20 20 76 61 72 20 63 75 72 72 65 6e 74 74 6f 70 20 3d 20 30 3b 0a 20 20 69 66 20 28 6f 62 6a 2e 6f 66 66 73 65 74 50 61 72 65 6e 74 29 20 7b 0a 20 20 20 64 6f 20 7b 0a 20 20 20 20 63 75 72 72 65 6e 74 74 6f 70 20 2b 3d 20 6f 62 6a 2e 6f 66 66 73 65 74 54 6f 70 3b 0a 20 20 20 7d 20 77 68 69 6c 65 20 28 28 6f 62 6a 20 3d 20 6f 62 6a 2e 6f 66 66 73 65 74 50 61 72 Data Ascii: var displaypath = 'SoSDisplay'+sos_path_id;var holderpath = 'SoSHolder'+sos_path_id;var nojumpz=0;function SOSfindPosition(obj) { var currenttop = 0; if (obj.offsetParent) { do { currenttop += obj.offsetTop; } while ((obj = obj.offsetPar

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

Loading Joe Sandbox Report ...

Warning!

Windows Analysis Report http://www.midoregon.com

Overview

General Information

Detection

Signatures

Classification

Process Tree

Malware Configuration

Yara Signatures

Sigma Signatures

Snort Signatures

Joe Sandbox Signatures

Phishing

Compliance

Networking

System Summary

Boot Survival

Mitre Att&ck Matrix

Behavior Graph

Screenshots

Thumbnails

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Dropped Files

Unpacked PE Files

Domains

URLs

Domains and IPs

Contacted Domains

Contacted URLs

URLs from Memory and Binaries

World Map of Contacted IPs

Public IPs

Private

General Information

Warnings

Simulations

Behavior and APIs

LLM Input / Output

Joe Sandbox View / Context

IPs

Domains

ASNs

JA3 Fingerprints

Dropped Files

Created / dropped Files

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk

Chrome Cache Entry: 360

Chrome Cache Entry: 361

Chrome Cache Entry: 362

Chrome Cache Entry: 363

Chrome Cache Entry: 364

Chrome Cache Entry: 365

Chrome Cache Entry: 366

Chrome Cache Entry: 367

Chrome Cache Entry: 368

Chrome Cache Entry: 369

Chrome Cache Entry: 370

Chrome Cache Entry: 371

Chrome Cache Entry: 372

Chrome Cache Entry: 373

Chrome Cache Entry: 374

Chrome Cache Entry: 375

Chrome Cache Entry: 376

Chrome Cache Entry: 377

Chrome Cache Entry: 378

Chrome Cache Entry: 379

Chrome Cache Entry: 380

Windows Analysis Report
http://www.midoregon.com

Timestamp	Bytes transferred	Direction	Data
2024-07-01 21:33:48 UTC	611	OUT	GET /images/hero/banking-elevated.jpg HTTP/1.1 Host: www.midoregon.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://www.midoregon.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-07-01 21:33:49 UTC	457	IN	HTTP/1.1 200 OK Date: Mon, 01 Jul 2024 21:33:49 GMT Server: Apache Last-Modified: Thu, 28 Jul 2022 20:24:46 GMT Accept-Ranges: bytes Content-Length: 182062 Cache-Control: max-age=2592000, public Expires: Wed, 31 Jul 2024 21:33:49 GMT Strict-Transport-Security: max-age=31536000; includeSubDomains; preload X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff X-FRAME-OPTIONS: SAMEORIGIN Connection: close Content-Type: image/jpeg
2024-07-01 21:33:49 UTC	7735	IN	Data Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 48 00 48 00 00 ff db 00 43 00 06 04 04 04 05 04 06 05 05 06 09 06 05 06 09 0b 08 06 06 08 0b 0c 0a 0a 0b 0a 0a 0c 10 0c 0c 0c 0c 0c 0c 10 0c 0e 0f 10 0f 0e 0c 13 13 14 14 13 13 1c 1b 1b 1b 1c 20 20 20 20 20 20 20 20 20 20 ff db 00 43 01 07 07 07 0d 0c 0d 18 10 10 18 1a 15 11 15 1a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 ff c2 00 11 08 04 38 07 80 03 01 11 00 02 11 01 03 11 01 ff c4 00 1b 00 01 00 03 01 01 01 01 00 00 00 00 00 00 00 00 00 00 01 02 03 04 05 06 07 ff c4 00 1a 01 01 01 01 01 01 01 01 00 00 00 00 00 00 00 00 00 00 01 02 03 04 05 06 ff da 00 0c 03 01 00 02 10 03 10 00 00 01 f1 3d fe 30 00 00 00 Data Ascii: JFIFHHC C 8=0
2024-07-01 21:33:49 UTC	8000	IN	Data Raw: 00 00 02 00 3e 4b c9 ed b7 0e dc 51 86 9d b6 79 d1 d3 8d 7a 78 d7 97 e8 e5 d5 cb 78 13 b6 ab 75 ec 97 1a d8 de 6b d2 96 c6 86 a5 16 84 a4 15 2a 82 b1 5b 22 39 d2 b2 f4 4b e8 db d5 61 73 8c e5 c2 5c 93 2b 9a cb d2 55 61 39 53 ce d6 7c fb 9c 6e 70 d6 79 ec ca ba b3 ae 5d e6 a7 4e 6f ab 9d 77 4b ce 9e ae 35 cd b7 95 5e b7 2d 72 f4 cd b3 7a 0e 73 1d 4e c8 e3 d6 7a eb 6e bc fc ce 7b f5 7b 70 f5 fb 71 ce ba d2 d2 d6 cd 0a 57 27 9b d5 d5 e8 f2 56 cc ed 99 36 b0 54 92 f2 e7 60 02 29 01 58 5c 80 0a 09 0a 00 90 02 00 24 00 00 00 00 00 04 00 14 10 14 80 00 04 80 00 00 10 b0 48 00 90 04 2a 40 85 20 48 a4 4a 80 42 ca 02 89 42 89 04 19 89 bd 93 4c eb d4 e3 da f2 f9 9b ce 75 e7 f5 e5 d3 32 b3 9f 9f 5c 73 ae 6e 3d dc bb fb 19 d6 f2 f2 e7 58 2f 4a 77 59 d1 73 aa 48 28 b9 Data Ascii: >KQyzxxuk["9Kas\+Ua9S\|npy]NowK5^-rzsNzn{{pqW'V6T`)X\$H@ HJBBLu2\sn=X/JwYsH(
2024-07-01 21:33:49 UTC	8000	IN	Data Raw: 15 8c 4e 4b 9e 6b 8b 1e cf 2d e9 a9 e0 eb 1b 6a 4d 9c c9 8d 7a 59 be 5e e6 09 b4 bd 79 d7 56 6f 2d 6f 9b 35 9a 59 72 4d 25 d4 e9 96 f6 62 6c 6f 2d 6c dc 8a cf 59 b7 7e 1d d6 61 d7 94 d6 7a e7 84 d5 b7 ce 22 16 d1 c3 73 cd 9b 44 59 9a 6d a9 6a ee dc 15 36 35 b2 b2 e2 5c b5 82 92 c1 b2 4d 63 2e 49 75 83 6b 2e 64 5a 30 96 a9 a5 b6 48 5c a2 c6 f6 56 b5 28 63 2c 99 a6 cb ad 83 09 6c 5e c1 59 68 6c 5a cc a5 c5 2c a3 4b 35 33 24 cb 36 89 a5 b2 91 2c 14 5a c6 66 95 06 31 9e 75 b5 93 65 0e 5c 6a 25 bd 74 eb 3a 57 4d 94 96 85 4e 8d 66 b1 94 b4 24 aa 42 ea 50 ce 31 97 6a d2 cb 14 4b 2e b5 05 cb 27 d1 f1 f4 7d 57 9f d3 54 a9 00 ba dd 44 90 00 24 aa 70 59 f1 fe bf 17 06 b1 11 a6 a4 63 a3 8f a2 fe 5f 5c 74 e7 7d 73 c7 7c f9 2e 32 5e be 98 e8 5e ef 0f d1 df 1d 3b f3 7a Data Ascii: NKk-jMzY^yVo-o5YrM%blo-lY~az"sDYmj65\Mc.Iuk.dZ0H\V(c,l^YhlZ,K53$6,Zf1ue\j%t:WMNf$BP1jK.'}WTD$pYc_\t}s\|.2^^;z
2024-07-01 21:33:49 UTC	8000	IN	Data Raw: 52 4b 17 96 09 2c 67 62 58 ac 6c 26 92 d4 e9 97 1b 39 ec 92 49 0a 89 20 d0 a0 04 10 5c d2 59 24 82 2a 52 d2 cd 82 a9 1a 94 4a 82 a0 59 24 80 00 34 a1 00 80 00 80 a0 00 b0 00 92 00 24 80 09 20 02 48 00 15 00 10 20 2a 40 04 92 41 20 02 08 81 01 40 20 90 00 58 22 59 b2 c4 a4 2c 00 09 00 80 40 40 51 00 88 90 40 00 91 40 01 b4 bb e7 40 0a 2d 62 d5 58 bd 4a 01 06 75 96 b9 c1 25 aa 01 20 02 08 89 a4 40 14 2c 41 49 60 40 02 6a 52 d4 22 21 44 20 92 49 a0 34 9a 8b 2c 22 28 53 36 ab 20 82 09 82 dc 02 09 00 10 01 52 0b c5 88 54 2c d0 a1 04 18 d8 2c 5a 5a d7 44 73 d9 99 62 01 75 44 59 69 6a 2a 62 2a a8 2c b2 90 4a c9 37 33 2c 59 79 69 64 5c d8 80 41 12 c0 b2 4b 10 09 15 24 82 40 20 00 01 20 10 08 22 50 01 00 00 02 80 26 c9 04 82 00 00 00 48 20 10 44 42 c8 08 21 49 20 Data Ascii: RK,gbXl&9I \Y$RJY$4$ H @A @ X"Y,@@Q@@@-bXJu% @,AI`@jR"!D I4,"(S6 RT,,ZZDsbuDYijb,J73,Yyid\AK$@ "P&H DB!I
2024-07-01 21:33:49 UTC	8000	IN	Data Raw: 3b 3c 5d 4b d2 6e 8e a2 5b 19 25 b6 3c 89 5a e2 3f 88 d3 27 ef c1 fe 58 be 30 b4 88 b8 e4 13 51 6f 1b 96 0f a8 41 2c 95 b1 0d 34 ea 27 09 12 a7 12 3d 54 11 d4 dc 60 95 0d fb 76 2c d8 b1 c8 d8 d8 b2 32 e1 8a 5c 98 fe 66 b9 22 4b d3 2e f1 f4 34 44 7f 25 89 f6 7d ab d1 5e 86 c4 fb 2f 96 25 e8 90 bb 44 7d ab b4 49 77 be 47 ea 6f b4 49 d1 1f 96 29 70 a4 64 a2 0c 83 27 31 48 b2 52 2c 52 2c b2 fb 5f 10 27 32 f8 6a dc 5d 24 fd d7 db 23 21 44 d7 31 f9 c4 49 54 99 7c 22 f9 cb 44 5f 69 3e 62 cb e7 63 e3 b7 25 f1 29 10 97 1e 46 c9 33 e5 6d 51 7f c7 a7 cb aa 21 2a 78 a6 45 88 8b 22 fb 34 38 99 70 c6 71 eb 3a 4c 98 98 d9 7d ec b3 62 cb e3 a6 7c 3c 75 9b 27 f4 53 ac 76 5f 6b 2c 82 e5 e7 78 ba 55 4f 1f 51 d1 43 59 74 cb 0a e9 b3 e2 f3 c0 cb c6 4c 72 f6 cc 89 25 ed 92 7b Data Ascii: ;<]Kn[%<Z?'X0QoA,4'=T`v,2\f"K.4D%}^/%D}IwGoI)pd'1HR,R,_'2j]$#!D1IT\|"D_i>bc%)F3mQ!*xE"48pq:L}b\|<u'Sv_k,xUOQCYtLr%{
2024-07-01 21:33:49 UTC	8000	IN	Data Raw: 43 22 8a f3 19 92 94 bc 66 86 86 a5 77 72 23 2b 5d df ad 16 49 92 24 4c e8 eb 79 ff 00 3f 92 5f cb 27 c8 8d 7d b2 32 fb b1 4b 89 fe 67 1d e3 8e 4e 32 96 ac 94 13 4b 53 7a 22 d1 74 38 a6 46 59 60 5d 9a c5 35 92 5b 65 d6 b2 61 49 b8 40 48 49 1e db e4 68 58 a4 cf 0c eb 8a 7d 3a 82 c9 1e 5e 28 9e 29 0a 0d 15 c7 e7 56 68 ea e8 de 67 ea 1e 58 8f 53 93 7c 88 f2 b3 ca 6c 26 cd 99 b3 2d 9b 1e 53 cb 21 cb 23 ec 9c 11 e5 89 e6 1e 76 2c cc 79 a4 cd a6 5b 2e 46 b3 2e 45 b3 69 8b 34 90 f3 31 67 67 98 f2 c4 6e 0f b6 d9 11 e6 91 e5 37 2d 9b 33 66 36 cd 8f 29 e6 66 f9 19 c8 b5 3c b1 47 98 79 c5 99 9e 66 6d 22 cf 70 b6 1e c6 8c 71 18 a6 7c 9a 76 d9 89 58 e0 54 10 a7 03 c9 03 78 89 21 a8 9a 9e 32 8d 62 68 28 cc d7 20 e1 90 58 98 e0 d1 b3 39 2e 45 33 db 13 ee 19 e7 64 3a 84 Data Ascii: C"fwr#+]I$Ly?_'}2KgN2KSz"t8FY`]5[eaI@HIhX}:^()VhgXS\|l&-S!#v,y[.F.Ei41ggn7-3f6)f<Gyfm"pq\|vXTx!2bh( X9.E3d:
2024-07-01 21:33:49 UTC	8000	IN	Data Raw: ad 0f 2e 9e 5f e1 c1 5b 2f 2a 34 59 f1 1c 2a a7 94 55 9f 0f e9 22 95 b1 70 32 43 e3 42 e0 96 51 62 c9 a2 b6 a1 ff 00 04 46 59 27 b5 ac ac 4f 29 e1 58 e3 5c 5e cc 87 1f c4 5f fc 46 12 3a 1c 2d 52 28 92 47 57 81 a2 6d 0c c1 95 57 fb d8 b6 d1 46 9b 14 4d 39 36 75 f1 fe c1 a3 a5 8d c8 c2 8d 25 c4 c7 b1 2d 8f 34 2c 9e 4b 6c 9d 31 b2 33 b2 32 31 06 39 9d c1 cc ee 10 91 39 50 f1 8e f9 df 3b e7 7c ef 1d e3 be 77 8e e9 de 67 75 9d d6 77 59 dd 7f 9d 42 42 13 e0 4f 29 42 c9 e1 d6 e5 9f 53 1a 99 83 ed b9 6d f8 ac bf b5 23 0d 7a 1f 0f c3 a8 d8 c6 7c 53 06 e2 a6 49 7a 10 ff 00 12 0e d5 e7 1f 72 f8 28 a2 8e b6 3f f1 32 48 e8 57 f7 e5 59 d6 e6 3e 07 cb 35 79 47 d0 4e a4 4f d8 91 27 4f f6 62 fd ca cb 08 c7 f6 25 c0 8b fc 92 8a 28 ac eb c6 84 84 27 c0 99 79 62 61 7d 87 88 Data Ascii: ._[/4YU"p2CBQbFY'O)X\^_F:-R(GWmWFM96u%-4,Kl132199P;\|wguwYBBO)BSm#z\|SIzr(?2HWY>5yGNO'Ob%('yba}
2024-07-01 21:33:49 UTC	8000	IN	Data Raw: f8 bc dd fd 04 7a b0 34 41 0e d3 b2 0c 48 fd e0 f8 df 04 6d 9f 42 79 23 73 dc fe 9e 39 ea ba fd ef 57 a3 1f 4b 17 47 8d 92 4f da 2b bb af de ef d0 4b ea 17 da 47 1a 18 bf 7b be 74 be b1 dd fd 94 11 c3 04 7e f5 7f 75 3f 7e bf 7b be 65 fc c4 ff 00 f5 86 3f ff c4 00 48 10 00 01 02 03 05 05 04 07 06 05 01 08 01 05 00 00 01 00 11 02 21 31 10 12 41 51 61 03 20 22 32 71 30 42 81 91 13 40 52 a1 b1 c1 d1 23 60 62 70 e1 f0 04 33 50 72 82 92 14 43 53 63 a2 b2 c2 f1 c0 05 24 54 73 83 ff da 00 08 01 01 00 06 3f 02 ff 00 e7 5d 53 f3 aa 7b b2 54 54 fc d1 9f ad fc bf 35 1c d7 d7 35 53 b7 3d da 76 52 de 9f e5 d7 c4 fa 9d 3d 42 52 5c 5e 7d 84 f7 25 be c6 d6 fc b1 60 b5 f5 9a 6f 4b 73 23 6f 17 9a 94 d3 7b b7 01 1e a3 2a d9 af e5 7e 8b 5b 6f 15 24 de 7e a3 21 d8 e7 d8 4e d6 Data Ascii: z4AHmBy#s9WKGO+KG{t~u?~{e?H!1AQa "2q0B@R#`bp3PrCSc$Ts?]S{TT55S=vR=BR\^}%`oKs#o{*~[o$~!N
2024-07-01 21:33:49 UTC	8000	IN	Data Raw: 54 4d 10 96 fc ab 85 be 8c 52 57 fe 8a 38 f1 26 c9 cd 7d 13 30 30 ec eb 0a 10 c0 2e e7 97 80 a2 bd 1f 17 8a e3 a6 5f a2 bd 76 e8 34 1d a8 5e 92 1f 1f 5b 1d 57 40 be 08 0d 2d f0 b0 64 a5 ec ae 46 8d a5 10 c7 fb 86 28 18 27 0c 58 64 a4 a7 43 5b 0a 17 a8 99 d4 e2 96 a9 c4 20 a2 7d 1b b5 6e 92 a6 62 0f ee 5e d6 4b 44 d1 53 45 cd e0 ab 24 18 a9 51 17 88 c5 11 c0 60 a7 8a 26 2e 6b 19 dc a6 3b 31 d4 49 72 47 0b 8e aa 51 79 85 38 82 93 1f 1b 68 a8 a8 a9 bf 55 5b 69 6d 2d aa af aa 52 ca aa db 4b 68 a9 65 55 55 7d 7a bb d4 b2 5b d4 b6 b6 55 4c da 22 79 62 a5 38 62 9c 2b 50 8e d6 2d a4 47 66 47 f2 fe 3f 05 0e cf f8 78 a1 82 1c 49 0e dd 33 f1 42 2f e6 6d 47 fb c8 e6 54 cb 3d 17 ff 00 6b 07 a4 17 0e d2 f4 52 78 45 5b 55 e8 1f 69 b4 86 5b 5f e1 ff 00 88 25 a1 63 81 e6 Data Ascii: TMRW8&}00._v4^[W@-dF('XdC[ }nb^KDSE$Q`&.k;1IrGQy8hU[im-RKheUU}z[UL"yb8b+P-GfG?xI3B/mGT=kRxE[Ui[_%c
2024-07-01 21:33:49 UTC	8000	IN	Data Raw: ca 4f b3 ef e1 94 4b 97 ee b1 52 37 65 3c ad f2 12 42 70 dd e3 1c f8 63 65 69 5c a7 36 25 de af b0 27 fb 21 c8 9c af 06 e9 ae c2 b4 d3 91 27 19 d7 83 6c 6b f6 fc 13 aa 73 f6 cb 48 ef f2 25 0d f3 18 16 e2 ae 0d 85 fb 87 45 b3 db 58 d6 3e 84 10 41 04 10 41 04 11 a4 10 41 04 10 41 04 10 41 04 69 1a 41 04 10 41 04 10 41 04 69 1a 41 04 10 41 1a 41 04 11 a4 11 f4 a0 82 08 20 82 08 23 48 20 82 08 d6 08 d2 34 82 08 23 48 20 82 08 20 82 08 20 8d 23 48 20 82 08 20 82 08 d2 08 20 82 08 20 82 08 20 82 08 20 82 08 20 82 08 22 a2 bb 87 23 26 9e 54 21 93 93 30 9d 3f 91 44 d5 54 cb 88 23 53 19 f1 5d c6 c6 d4 3b ae 51 5c fb a6 54 b3 74 31 14 2d 51 87 4a 8a a9 b8 bd 14 b1 a9 5e f1 4c 78 7a 73 11 88 50 91 04 c3 36 11 23 d8 88 c2 12 49 18 22 b2 c5 0f 42 cf b9 6e 44 b8 e9 22 Data Ascii: OKR7e<Bpcei\6%'!'lksH%EX>AAAAAiAAAiAAA #H 4#H #H "#&T!0?DT#S];Q\Tt1-QJ^LxzsP6#I"BnD"

Timestamp	Bytes transferred	Direction	Data
2024-07-01 21:33:48 UTC	597	OUT	GET /images/logo@2x.png HTTP/1.1 Host: www.midoregon.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://www.midoregon.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-07-01 21:33:49 UTC	455	IN	HTTP/1.1 200 OK Date: Mon, 01 Jul 2024 21:33:49 GMT Server: Apache Last-Modified: Thu, 24 Sep 2020 16:56:49 GMT Accept-Ranges: bytes Content-Length: 35239 Cache-Control: max-age=2592000, public Expires: Wed, 31 Jul 2024 21:33:49 GMT Strict-Transport-Security: max-age=31536000; includeSubDomains; preload X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff X-FRAME-OPTIONS: SAMEORIGIN Connection: close Content-Type: image/png
2024-07-01 21:33:49 UTC	7737	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 01 ad 00 00 00 c8 08 06 00 00 00 5b 18 be 6a 00 00 00 04 73 42 49 54 08 08 08 08 7c 08 64 88 00 00 00 09 70 48 59 73 00 00 2d d4 00 00 2d d4 01 18 61 c5 69 00 00 00 1c 74 45 58 74 53 6f 66 74 77 61 72 65 00 41 64 6f 62 65 20 46 69 72 65 77 6f 72 6b 73 20 43 53 36 e8 bc b2 8c 00 00 20 00 49 44 41 54 78 9c ec 9d 77 a0 24 55 95 ff 3f a7 df 9b 19 86 30 a4 21 28 08 4a 10 41 92 0a 98 90 a0 18 a6 df 80 08 42 37 88 6b 40 d6 ac 6b e0 b7 46 ba 7a 50 54 5c d7 ac ac bb 6b 16 5e 83 ac 01 ba 31 47 0c 80 ba ba 4a 12 51 51 41 94 2c cc 30 e1 bd 3e bf 3f aa 6e d5 b9 b7 aa de eb ee f7 66 18 a0 be f0 a6 bb 2b dc 7b ee ad aa f3 bd e7 dc 73 4f 89 aa 52 a1 42 85 0a 0f 64 34 a2 de 56 a8 be 51 44 4e 56 d5 5d 44 e4 66 e0 9c c9 Data Ascii: PNGIHDR[jsBIT\|dpHYs--aitEXtSoftwareAdobe Fireworks CS6 IDATxw$U?0!(JAB7k@kFzPT\k^1GJQQA,0>?nf+{sORBd4VQDNV]Df
2024-07-01 21:33:49 UTC	8000	IN	Data Raw: 1a d8 59 55 b7 16 89 97 9e a8 ea 6a 11 b9 55 55 6f 00 7e 53 ab d5 7e 75 5e 6b d9 1f 46 a9 67 3e d0 78 eb 57 c6 19 1b db 05 91 3d 44 78 98 2a db 03 5b 89 c8 22 85 be c0 bd c0 df 15 6e 14 f8 a3 f6 fb bf ef ac 58 7e fb d0 f5 bc ed ab e3 8c 8d bd 02 91 36 b0 95 c2 fe 8d a8 f7 bc 4e 54 9f f3 7a bd 46 ab bb 1b b0 1f c8 9e 22 ec a2 e8 e6 68 12 ce 24 b2 52 e0 26 85 df a3 7a 25 70 5d a7 3d b1 7a ae 75 ce 2a d3 db 2f 5a 28 63 63 fb 13 c7 05 d4 81 4f 4e 46 f5 59 89 fa 84 b7 f7 16 d7 6a ba 17 b0 b7 88 ec 0a 2c 55 18 17 e5 6e 84 1b 54 f5 d7 c0 af e6 ab 0d f3 13 3d 58 93 1f 03 4f f4 37 52 14 89 57 fc 3b 8c 26 8c 2f dd 9d c0 9e da d7 5b 07 92 61 81 ec 4c 9f 6b 51 36 f5 ca b5 f2 84 39 11 8b e6 bd f2 0a f8 52 ed eb 53 06 91 21 27 53 9c 29 e4 e1 08 bb 20 ec 89 b2 17 71 38 Data Ascii: YUjUUo~S~u^kFg>xW=Dx["nX~6NTzF"h$R&z%p]=zu/Z(ccONFYj,UnT=XO7RW;&/[aLkQ69RS!'S) q8
2024-07-01 21:33:49 UTC	8000	IN	Data Raw: 89 ec 3b 64 49 5e e3 f3 1c e9 a8 eb 03 57 9e 6f 31 e0 2e 7e 51 5b 34 51 99 5e bd 25 83 e4 4e 7b 62 2d f0 2f 59 3d 99 f5 92 d6 94 8d 5c d2 8f 64 c0 30 26 22 07 88 c8 b1 0a 2f 44 e4 24 54 8f 54 78 68 6e 90 91 9d 8e 73 65 86 01 2a 09 5e d7 69 4f 14 e9 2a 03 19 53 65 a1 b5 60 25 bd b6 4e 54 77 9f 90 5e 77 8a 06 ee 83 42 e4 de 6c 9e d7 58 ee c6 cd 99 b5 23 bd 87 73 e9 ef fa ce e2 56 9f 8c 72 c4 34 d3 be 59 11 9b e9 e1 3d 57 44 52 c3 de ee a3 bb 07 c7 58 82 18 77 8d 06 9f e0 2b 31 e5 6e 5d 57 38 ca b8 06 e5 5a 6f 2e c9 95 53 44 64 c2 e1 84 96 56 99 b5 17 bb b7 8a e6 b3 a0 c6 aa 94 44 ed 5c 5a 59 94 5c 9c f6 bf b0 a8 52 58 d2 2d 1e 0c 15 f7 db 4c e8 a7 c3 28 bb 2d 2b b3 58 c4 35 03 96 ee c3 c9 1e de 25 79 2b 3a c6 80 77 53 e7 1d c7 4c 21 72 1d 6a 9f e5 6c d4 9e Data Ascii: ;dI^Wo1.~Q[4Q^%N{b-/Y=\d0&"/D$TTxhnse^iOSe`%NTw^wBlX#sVr4Y=WDRXw+1n]W8Zo.SDdVD\ZY\RX-L(-+X5%y+:wSL!rjl
2024-07-01 21:33:49 UTC	8000	IN	Data Raw: 91 c5 1c 4e b7 49 7a 2f 40 34 2f 6c e0 fd 1e fb a0 8d 9f 43 71 7e b1 8c 08 e7 be 8a 23 bd 5d d4 43 a3 dc ed 38 58 92 35 35 0d 1a 34 68 30 34 cc f6 2e 87 43 87 2e 42 b7 bc 21 9f e6 1a 47 5a cc 89 bf 75 38 da cc 56 f8 20 1d bf 1e 29 d8 4b 83 d0 5d 69 66 5b 70 7b 94 36 d8 01 d0 08 ad 06 0d 1a 2c 0b 24 b5 20 13 11 16 9f 52 9d 8b ae 22 1e bb 0d bc 6c 5b eb 7c fd f4 57 db 92 fe 2c 8c dc f4 51 6e 61 75 fe 5a 36 a7 75 a7 cc ee d9 d6 ba 1b 2c 0d 1a a1 d5 a0 41 83 65 81 79 41 10 46 ea 79 e1 15 2e b0 56 be fb c9 9f af 9b da 38 f8 92 93 12 4e 3e f5 6b 6d 33 fb 17 e0 88 72 b4 5c 10 02 92 ff f6 d1 7b c0 65 33 a7 9e d0 b8 07 77 10 34 42 ab 41 83 06 cb 85 9f c6 db 47 05 82 a4 b4 66 2c bb fa 28 e0 9b eb a6 36 bc 68 d8 8a d6 ae df f0 9c 34 4d cf 33 b3 53 7c 99 ae 1a 2b 76 Data Ascii: NIz/@4/lCq~#]C8X554h04.C.B!GZu8V )K]if[p{6,$ R"l[\|W,QnauZ6u,AeyAFy.V8N>km3r\{e3w4BAGf,(6h4M3S\|+v
2024-07-01 21:33:49 UTC	3502	IN	Data Raw: 8a 17 d3 a8 4e e7 2f 05 aa 9a a1 af d7 06 72 9c 1d 86 b2 1d cc ab 13 e5 3f b7 d4 6e e9 91 f7 e6 ae 82 44 b5 13 d0 cf 8b e8 83 d0 9d f9 83 6e bb 0e 64 68 d7 32 e2 7e 42 a8 d7 fc ce 20 4f a3 5c b6 d3 ba 17 a5 49 d7 94 6d b5 f4 2f b6 dc b2 9b d8 b7 af 9b fd 13 86 d3 c4 ae b0 94 34 5f 84 1e a3 4d 07 65 6a 42 bf f9 c4 10 a1 b0 57 e9 7a f7 32 9e d7 c5 a2 83 94 db e8 d0 7d 6c 1a d7 a0 60 a9 43 2c 11 76 61 81 c3 ba d2 58 47 a7 7a ee 70 59 58 a2 e5 77 a1 cf be 98 21 9a 39 ad 06 db 17 09 96 bf 80 a1 85 55 68 e8 2d 1e 8e 71 69 81 7e 58 66 0c 83 ac 57 4c b3 e0 91 7a 4d 78 8d 12 ad 07 3a 84 11 54 3e a7 b2 75 3e 2e 6d 5c 86 71 70 58 94 da da 13 f1 f8 da f9 17 a7 41 f7 3f 4f 69 b0 00 8a ee 58 4c be ea 1c e1 b6 d1 10 97 35 56 5b c7 b0 28 6f db 04 31 7d dd 46 41 55 b1 f2 Data Ascii: N/r?nDndh2~B O\Im/4_MejBWz2}l`C,vaXGzpYXw!9Uh-qi~XfWLzMx:T>u>.m\qpXA?OiXL5V[(o1}FAU

Timestamp	Bytes transferred	Direction	Data
2024-07-01 21:33:49 UTC	603	OUT	GET /images/menu.accounts.jpg HTTP/1.1 Host: www.midoregon.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://www.midoregon.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-07-01 21:33:49 UTC	456	IN	HTTP/1.1 200 OK Date: Mon, 01 Jul 2024 21:33:49 GMT Server: Apache Last-Modified: Thu, 24 Sep 2020 16:56:50 GMT Accept-Ranges: bytes Content-Length: 34748 Cache-Control: max-age=2592000, public Expires: Wed, 31 Jul 2024 21:33:49 GMT Strict-Transport-Security: max-age=31536000; includeSubDomains; preload X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff X-FRAME-OPTIONS: SAMEORIGIN Connection: close Content-Type: image/jpeg
2024-07-01 21:33:49 UTC	7736	IN	Data Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 48 00 48 00 00 ff db 00 43 00 0b 08 08 08 09 08 0c 09 09 0c 11 0b 0a 0b 11 14 0f 0c 0c 0f 14 17 12 12 12 12 12 17 18 13 14 14 14 14 13 18 16 1a 1b 1c 1b 1a 16 22 22 24 24 22 22 2e 2e 2e 2e 2e 30 30 30 30 30 30 30 30 30 30 ff db 00 43 01 0c 0c 0c 10 10 10 17 11 11 17 18 14 13 14 18 1e 1b 1c 1c 1b 1e 24 1e 1e 1f 1e 1e 24 29 23 20 20 20 20 23 29 26 28 24 24 24 28 26 2b 2b 29 29 2b 2b 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 ff c0 00 11 08 01 90 01 5e 03 01 11 00 02 11 01 03 11 01 ff c4 00 1b 00 00 01 05 01 01 00 00 00 00 00 00 00 00 00 00 00 00 01 02 03 04 05 06 07 ff c4 00 4b 10 00 02 01 03 03 01 05 04 06 06 09 02 04 06 03 01 01 02 03 00 04 11 05 12 21 31 06 13 22 41 51 14 32 61 71 07 15 23 42 81 91 16 52 92 Data Ascii: JFIFHHC""$$"".....0000000000C$$)# #)&($$$(&++))++000000000000000^K!1"AQ2aq#BR
2024-07-01 21:33:49 UTC	8000	IN	Data Raw: cf 1f 78 9e 6b 48 c2 32 f7 9d 57 5a fc cc e5 39 47 dd 57 7d 2f f2 21 82 dc ca 38 2a 32 71 9c f3 f9 56 70 86 ee c6 93 9e de e4 9d cc b0 ca bb 76 b1 3f 0f f9 c5 5f 64 a3 2c 53 29 be 32 8e 6d 0a 7d ae 27 70 55 5b 3d 48 e8 6a 7f e4 8b 78 44 7f c7 24 b2 c7 5a 1e 4b 63 a0 ce da 9d 2e e3 57 b1 b3 14 62 5b 45 60 39 f3 3f 2a f4 23 1d da 69 9e 7c a5 b6 6d 11 43 6f b9 08 90 60 e7 7a 9f 3c 7a 1a ce 1a 76 b3 f1 2f 3d 4a 78 f8 11 af 77 0c c8 c7 ae 7d e2 07 9f 95 55 54 64 9f a9 67 72 8b 44 d7 bd ec 80 46 83 27 ad 69 ad b9 e1 19 e8 ed 59 63 1a d6 25 80 0c 78 bc cf 9e 6a af 4a 2a 25 96 a4 9c 8a 2e a5 73 f0 ae 66 a8 e9 4e c6 1f 0e 3e 26 ab c1 6e 47 ac 33 49 c8 8d 8d 59 42 4f a3 2a e7 15 d5 12 35 9d c0 56 04 63 d3 35 67 a5 32 ab 56 03 45 a3 77 7d f6 41 02 a3 c2 75 b8 9f 15 Data Ascii: xkH2WZ9GW}/!82qVpv?_d,S)2m}'pU[=HjxD$ZKc.Wb[E`9?#i\|mCo`z<zv/=Jxw}UTdgrDF'iYc%xjJ%.sfN>&nG3IYBO5Vc5g2VEw}Au
2024-07-01 21:33:49 UTC	8000	IN	Data Raw: d4 86 de e4 ba 51 06 a9 a8 6a 50 fd 1f 68 b2 47 77 70 92 9b 89 d5 dd 24 75 7d aa 4e 01 39 ce 07 a5 36 f9 9a f8 0d de 54 fe 27 19 23 ca 31 86 18 38 c0 27 c5 5d 12 72 fd f2 73 a5 1f df 07 a0 6b da bd e6 9f d8 9e cf db 5a 4a f6 de d4 b3 17 28 c5 1c 88 9c 61 77 2f 3f 7f 9a a3 51 f1 25 7e 85 d3 97 87 1a f5 20 9a 69 b5 bf a3 82 fa 84 bd e4 d6 3a 92 c5 04 f3 78 d9 53 62 12 19 cf 24 7d a1 fd d5 9b 8a f1 29 60 d1 49 f8 76 f2 6a f6 e2 18 21 b9 b7 d2 e1 d7 e3 d1 2c ec a2 45 86 cc 2c c0 ff 00 de 4c 43 06 b3 e9 c7 53 4e bc f4 31 fb 4f a9 e9 57 ba 36 8d 14 9a 92 6a 9a b5 ac dd d4 97 48 8e 8c d0 f2 46 ed e0 64 8f 0f 35 68 e3 9e 19 59 67 8e 50 df a4 bd 67 53 b8 ed 4d ce 8e d7 4f 0e 9b 08 85 5a 15 38 8d 8b 22 4b b9 c7 01 b0 4f 9f a5 46 9c 7a 93 a8 fa 1d 0f 6c e1 48 2e ad Data Ascii: QjPhGwp$u}N96T'#18']rskZJ(aw/?Q%~ i:xSb$})`Ivj!,E,LCSN1OW6jHFd5hYgPgSMOZ8"KOFzlH.
2024-07-01 21:33:49 UTC	8000	IN	Data Raw: 64 47 93 62 30 3d 70 4f e3 5c e9 47 c2 6f ef ee a3 a5 b9 78 a9 7d cd b6 72 c3 e9 03 59 fa d4 4e 2e 1b d9 7f b0 6c 8c 42 23 ce 04 78 c6 7a 79 e7 35 d0 bd 9f 47 8b 97 07 33 f6 8d 5e 6a 3c 9d 35 8e 9b a6 68 dd b6 bd 7b 58 f6 5b 4f a7 bd d3 5b 0c 6c 1b b1 b9 54 79 03 b7 a5 73 ff 00 fc 7a de e3 a3 ff 00 ed d2 b6 98 3d 97 fa 40 d5 b5 2e d2 c3 a5 de 94 b8 b0 bd 66 84 c1 b5 04 6a 8c 3c 21 40 5e 80 71 51 27 05 69 2c ae 25 64 c1 4d d3 6f 0f 98 d1 c2 eb d1 77 1d a1 d4 2d a0 c2 a5 ad cc d1 47 e5 e0 8e 46 51 9f c0 53 74 a4 ef a8 db 18 aa e8 76 7a 2d d9 ec e7 62 bf 48 2d 52 3f ad b5 4b a3 6c b7 2c bb bb 88 d4 1e 83 d7 c0 4f c7 3c f4 a8 f7 e7 e6 27 dc 87 94 d5 fa 3c ed 36 a7 ab 6b be cb ac 3a df 3a 45 24 96 97 45 02 cb 17 40 e9 e0 03 c2 c3 d7 e1 51 a9 a7 b7 a9 3a 7a 9b Data Ascii: dGb0=pO\Gox}rYN.lB#xzy5G3^j<5h{X[O[lTysz=@.fj<!@^qQ'i,%dMow-GFQStvz-bH-R?Kl,O<'<6k::E$E@Q:z
2024-07-01 21:33:49 UTC	3012	IN	Data Raw: 2a 01 0b 4f dd b8 59 57 68 63 e1 71 c8 fc 7d 2b 37 3a 75 25 f3 34 50 b5 71 7f 22 66 9a 28 9b 66 32 d8 c8 c7 19 f9 1e 95 a3 9c 62 eb a9 9a 84 a4 af a1 44 dd ca f2 6c ef 71 19 38 07 1c 94 ff 00 6a e7 f1 64 dd 5e 2f f0 3a 7c 28 a5 75 9a fc 42 3b c9 21 1d d3 6e ee f7 61 24 e9 c7 c0 79 f1 48 eb 38 f9 5d d5 e1 89 69 29 79 95 5d 65 17 3b e8 de 52 10 6f 51 d5 81 c0 ff 00 de b7 de 9c b1 93 9f 63 51 ce 05 3f 95 49 02 54 12 19 a0 14 54 90 2d 48 17 e5 42 02 80 28 02 80 5a 01 28 03 14 02 e2 80 4a 00 e6 80 28 05 a9 02 54 00 a0 12 84 8b 42 02 80 4a 12 14 20 5a 00 a0 32 84 de cf 3e e4 ca a6 70 ea 78 cf e7 5c 4a 7b 25 8e 3a a3 b7 66 f8 e7 9e 8c 96 d7 ba 8e 39 09 91 44 8f ee ae 7a 0e a2 af a7 b5 27 95 6c a6 a6 e6 d6 1d 20 b0 96 dd 06 24 3f 68 ed c6 7a 73 eb 4d 09 41 73 cb Data Ascii: *OYWhcq}+7:u%4Pq"f(f2bDlq8jd^/:\|(uB;!na$yH8]i)y]e;RoQcQ?ITT-HB(Z(J(TBJ Z2>px\J{%:f9Dz'l $?hzsMAs

Timestamp	Bytes transferred	Direction	Data
2024-07-01 21:33:49 UTC	998	OUT	GET /maps/embed?pb=!1m16!1m12!1m3!1d733779.3929688331!2d-121.55040872304738!3d44.07662963121452!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!2m1!1smid%20oregon%20credit%20union%20oregon!5e0!3m2!1sen!2sus!4v1576699410579!5m2!1sen!2sus HTTP/1.1 Host: www.google.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIk6HLAQiFoM0BCOnFzQEIucrNAQiK080BGI/OzQEYwtjNARjrjaUX Sec-Fetch-Site: cross-site Sec-Fetch-Mode: navigate Sec-Fetch-Dest: iframe Referer: https://www.midoregon.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-07-01 21:33:49 UTC	739	IN	HTTP/1.1 200 OK Expires: Fri, 01 Jan 1990 00:00:00 GMT X-Robots-Tag: noindex,nofollow Cache-Control: no-cache, must-revalidate Content-Security-Policy: object-src 'none';base-uri 'self';script-src 'nonce-OztrTA_dOuaJ0Ftqo0IsVg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1 Pragma: no-cache Content-Type: text/html; charset=UTF-8 Vary: X-Origin Vary: Referer Date: Mon, 01 Jul 2024 21:33:49 GMT Server: scaffolding on HTTPServer2 X-XSS-Protection: 0 X-Content-Type-Options: nosniff Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Accept-Ranges: none Vary: Origin,Accept-Encoding Connection: close Transfer-Encoding: chunked
2024-07-01 21:33:49 UTC	651	IN	Data Raw: 64 39 32 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 20 20 20 20 20 20 68 74 6d 6c 2c 20 62 6f 64 79 2c 20 23 6d 61 70 44 69 76 20 7b 0a 20 20 20 20 20 20 20 20 68 65 69 67 68 74 3a 20 31 30 30 25 3b 0a 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 30 3b 0a 20 20 20 20 20 20 7d 0a 20 20 20 20 3c 2f 73 74 79 6c 65 3e 0a 20 20 3c 2f 68 65 61 64 3e 0a 20 20 3c 62 6f 64 79 3e 0a 20 20 20 20 3c 64 69 76 20 69 64 3d 22 6d 61 70 44 69 76 22 3e 3c 2f 64 69 76 3e 0a 20 20 20 20 20 20 0a 20 20 20 20 3c 73 63 72 69 70 74 20 6e 6f 6e 63 65 3d 22 4f 7a 74 72 54 41 5f Data Ascii: d92<!DOCTYPE html><html> <head> <style type="text/css"> html, body, #mapDiv { height: 100%; margin: 0; padding: 0; } </style> </head> <body> <div id="mapDiv"></div> <script nonce="OztrTA_
2024-07-01 21:33:49 UTC	1390	IN	Data Raw: 33 34 22 5d 2c 22 2f 67 2f 31 74 6a 35 6b 77 6e 7a 22 2c 6e 75 6c 6c 2c 5b 34 34 30 36 35 33 38 35 36 2c 33 30 38 31 39 33 32 30 31 38 5d 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 22 67 63 69 64 3a 63 72 65 64 69 74 5f 75 6e 69 6f 6e 22 5d 2c 5b 5b 22 36 31 30 34 38 34 36 39 38 33 35 35 32 33 35 37 36 35 31 22 2c 22 31 34 36 33 30 30 32 37 33 36 38 37 38 32 34 33 36 31 35 22 5d 2c 22 2f 67 2f 31 74 64 6b 39 74 36 37 22 2c 6e 75 6c 6c 2c 5b 34 34 30 36 34 34 30 38 37 2c 33 30 38 32 33 32 35 30 37 39 5d 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c Data Ascii: 34"],"/g/1tj5kwnz",null,[440653856,3081932018],null,null,null,null,null,null,null,null,null,null,"gcid:credit_union"],[["6104846983552357651","1463002736878243615"],"/g/1tdk9t67",null,[440644087,3082325079],null,null,null,null,null,null,null,null,null,nul
2024-07-01 21:33:49 UTC	1390	IN	Data Raw: 67 65 5f 6c 65 6e 64 65 72 22 2c 6e 75 6c 6c 2c 30 2e 37 33 36 36 37 38 34 38 31 31 30 31 39 38 39 37 5d 2c 5b 22 66 69 6e 61 6e 63 69 61 6c 5f 69 6e 73 74 69 74 75 74 69 6f 6e 22 2c 6e 75 6c 6c 2c 30 2e 37 32 32 30 37 31 34 36 38 38 33 30 31 30 38 36 5d 2c 5b 22 62 61 6e 6b 22 2c 6e 75 6c 6c 2c 30 2e 37 31 36 32 32 38 36 36 33 39 32 31 33 35 36 32 5d 2c 5b 22 61 74 6d 22 2c 6e 75 6c 6c 2c 30 2e 37 31 32 33 33 33 35 30 30 33 38 35 32 38 34 34 5d 2c 5b 22 6e 6f 74 61 72 79 5f 70 75 62 6c 69 63 22 2c 6e 75 6c 6c 2c 30 2e 36 39 33 38 33 31 33 32 34 35 37 37 33 33 31 35 5d 2c 5b 22 62 75 73 69 6e 65 73 73 5f 74 6f 5f 62 75 73 69 6e 65 73 73 5f 73 65 72 76 69 63 65 22 2c 6e 75 6c 6c 2c 30 2e 34 39 36 31 35 30 32 35 35 32 30 33 32 34 37 31 5d 2c 5b 22 61 73 73 Data Ascii: ge_lender",null,0.7366784811019897],["financial_institution",null,0.7220714688301086],["bank",null,0.7162286639213562],["atm",null,0.7123335003852844],["notary_public",null,0.6938313245773315],["business_to_business_service",null,0.4961502552032471],["ass
2024-07-01 21:33:49 UTC	50	IN	Data Raw: 6f 30 49 73 56 67 22 20 61 73 79 6e 63 20 64 65 66 65 72 3e 3c 2f 73 63 72 69 70 74 3e 0a 20 20 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a 0d 0a Data Ascii: o0IsVg" async defer></script> </body></html>
2024-07-01 21:33:49 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Timestamp	Bytes transferred	Direction	Data
2024-07-01 21:33:49 UTC	531	OUT	GET /js/jquery.js HTTP/1.1 Host: www.midoregon.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://www.midoregon.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-07-01 21:33:49 UTC	502	IN	HTTP/1.1 200 OK Date: Mon, 01 Jul 2024 21:33:49 GMT Server: Apache Last-Modified: Thu, 24 Sep 2020 17:03:54 GMT Accept-Ranges: bytes Content-Length: 89476 Cache-Control: max-age=2592000, public Expires: Wed, 31 Jul 2024 21:33:49 GMT Vary: Accept-Encoding,User-Agent Strict-Transport-Security: max-age=31536000; includeSubDomains; preload X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff X-FRAME-OPTIONS: SAMEORIGIN Connection: close Content-Type: application/javascript
2024-07-01 21:33:49 UTC	7690	IN	Data Raw: 2f 2a 21 20 6a 51 75 65 72 79 20 76 33 2e 35 2e 31 20 7c 20 28 63 29 20 4a 53 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 6f 74 68 65 72 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 20 7c 20 6a 71 75 65 72 79 2e 6f 72 67 2f 6c 69 63 65 6e 73 65 20 2a 2f 0d 0a 21 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 6d 6f 64 75 6c 65 26 26 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 6d 6f 64 75 6c 65 2e 65 78 70 6f 72 74 73 3f 6d 6f 64 75 6c 65 2e 65 78 70 6f 72 74 73 3d 65 2e 64 6f 63 75 6d 65 6e 74 3f 74 28 65 2c 21 30 29 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 69 66 28 21 65 2e 64 6f 63 75 6d 65 6e 74 29 74 68 72 6f 77 20 6e 65 77 20 45 72 72 6f 72 28 22 6a 51 75 65 72 79 Data Ascii: /! jQuery v3.5.1 \| (c) JS Foundation and other contributors \| jquery.org/license /!function(e,t){"use strict";"object"==typeof module&&"object"==typeof module.exports?module.exports=e.document?t(e,!0):function(e){if(!e.document)throw new Error("jQuery
2024-07-01 21:33:49 UTC	8000	IN	Data Raw: 65 78 74 53 69 62 6c 69 6e 67 29 69 66 28 6e 3d 3d 3d 74 29 72 65 74 75 72 6e 2d 31 3b 72 65 74 75 72 6e 20 65 3f 31 3a 2d 31 7d 66 75 6e 63 74 69 6f 6e 20 64 65 28 74 29 7b 72 65 74 75 72 6e 20 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 22 69 6e 70 75 74 22 3d 3d 3d 65 2e 6e 6f 64 65 4e 61 6d 65 2e 74 6f 4c 6f 77 65 72 43 61 73 65 28 29 26 26 65 2e 74 79 70 65 3d 3d 3d 74 7d 7d 66 75 6e 63 74 69 6f 6e 20 68 65 28 6e 29 7b 72 65 74 75 72 6e 20 66 75 6e 63 74 69 6f 6e 28 65 29 7b 76 61 72 20 74 3d 65 2e 6e 6f 64 65 4e 61 6d 65 2e 74 6f 4c 6f 77 65 72 43 61 73 65 28 29 3b 72 65 74 75 72 6e 28 22 69 6e 70 75 74 22 3d 3d 3d 74 7c 7c 22 62 75 74 74 6f 6e 22 3d 3d 3d 74 29 26 26 65 2e 74 79 70 65 3d 3d 3d 6e 7d 7d 66 75 6e 63 74 69 6f 6e 20 67 65 28 Data Ascii: extSibling)if(n===t)return-1;return e?1:-1}function de(t){return function(e){return"input"===e.nodeName.toLowerCase()&&e.type===t}}function he(n){return function(e){var t=e.nodeName.toLowerCase();return("input"===t\|\|"button"===t)&&e.type===n}}function ge(
2024-07-01 21:33:49 UTC	8000	IN	Data Raw: 22 29 29 7d 7d 2c 43 48 49 4c 44 3a 66 75 6e 63 74 69 6f 6e 28 68 2c 65 2c 74 2c 67 2c 76 29 7b 76 61 72 20 79 3d 22 6e 74 68 22 21 3d 3d 68 2e 73 6c 69 63 65 28 30 2c 33 29 2c 6d 3d 22 6c 61 73 74 22 21 3d 3d 68 2e 73 6c 69 63 65 28 2d 34 29 2c 78 3d 22 6f 66 2d 74 79 70 65 22 3d 3d 3d 65 3b 72 65 74 75 72 6e 20 31 3d 3d 3d 67 26 26 30 3d 3d 3d 76 3f 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 21 21 65 2e 70 61 72 65 6e 74 4e 6f 64 65 7d 3a 66 75 6e 63 74 69 6f 6e 28 65 2c 74 2c 6e 29 7b 76 61 72 20 72 2c 69 2c 6f 2c 61 2c 73 2c 75 2c 6c 3d 79 21 3d 3d 6d 3f 22 6e 65 78 74 53 69 62 6c 69 6e 67 22 3a 22 70 72 65 76 69 6f 75 73 53 69 62 6c 69 6e 67 22 2c 63 3d 65 2e 70 61 72 65 6e 74 4e 6f 64 65 2c 66 3d 78 26 26 65 2e 6e 6f 64 65 4e 61 6d 65 2e Data Ascii: "))}},CHILD:function(h,e,t,g,v){var y="nth"!==h.slice(0,3),m="last"!==h.slice(-4),x="of-type"===e;return 1===g&&0===v?function(e){return!!e.parentNode}:function(e,t,n){var r,i,o,a,s,u,l=y!==m?"nextSibling":"previousSibling",c=e.parentNode,f=x&&e.nodeName.
2024-07-01 21:33:49 UTC	8000	IN	Data Raw: 75 72 6e 20 65 2e 64 65 66 61 75 6c 74 56 61 6c 75 65 7d 29 2c 63 65 28 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 6e 75 6c 6c 3d 3d 65 2e 67 65 74 41 74 74 72 69 62 75 74 65 28 22 64 69 73 61 62 6c 65 64 22 29 7d 29 7c 7c 66 65 28 52 2c 66 75 6e 63 74 69 6f 6e 28 65 2c 74 2c 6e 29 7b 76 61 72 20 72 3b 69 66 28 21 6e 29 72 65 74 75 72 6e 21 30 3d 3d 3d 65 5b 74 5d 3f 74 2e 74 6f 4c 6f 77 65 72 43 61 73 65 28 29 3a 28 72 3d 65 2e 67 65 74 41 74 74 72 69 62 75 74 65 4e 6f 64 65 28 74 29 29 26 26 72 2e 73 70 65 63 69 66 69 65 64 3f 72 2e 76 61 6c 75 65 3a 6e 75 6c 6c 7d 29 2c 73 65 7d 28 43 29 3b 53 2e 66 69 6e 64 3d 64 2c 53 2e 65 78 70 72 3d 64 2e 73 65 6c 65 63 74 6f 72 73 2c 53 2e 65 78 70 72 5b 22 3a 22 5d 3d 53 2e 65 78 70 72 2e 70 73 65 Data Ascii: urn e.defaultValue}),ce(function(e){return null==e.getAttribute("disabled")})\|\|fe(R,function(e,t,n){var r;if(!n)return!0===e[t]?t.toLowerCase():(r=e.getAttributeNode(t))&&r.specified?r.value:null}),se}(C);S.find=d,S.expr=d.selectors,S.expr[":"]=S.expr.pse
2024-07-01 21:33:49 UTC	8000	IN	Data Raw: 65 2e 73 74 61 63 6b 2c 74 29 7d 2c 53 2e 72 65 61 64 79 45 78 63 65 70 74 69 6f 6e 3d 66 75 6e 63 74 69 6f 6e 28 65 29 7b 43 2e 73 65 74 54 69 6d 65 6f 75 74 28 66 75 6e 63 74 69 6f 6e 28 29 7b 74 68 72 6f 77 20 65 7d 29 7d 3b 76 61 72 20 46 3d 53 2e 44 65 66 65 72 72 65 64 28 29 3b 66 75 6e 63 74 69 6f 6e 20 42 28 29 7b 45 2e 72 65 6d 6f 76 65 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 28 22 44 4f 4d 43 6f 6e 74 65 6e 74 4c 6f 61 64 65 64 22 2c 42 29 2c 43 2e 72 65 6d 6f 76 65 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 28 22 6c 6f 61 64 22 2c 42 29 2c 53 2e 72 65 61 64 79 28 29 7d 53 2e 66 6e 2e 72 65 61 64 79 3d 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 46 2e 74 68 65 6e 28 65 29 5b 22 63 61 74 63 68 22 5d 28 66 75 6e 63 74 69 6f 6e 28 65 29 7b Data Ascii: e.stack,t)},S.readyException=function(e){C.setTimeout(function(){throw e})};var F=S.Deferred();function B(){E.removeEventListener("DOMContentLoaded",B),C.removeEventListener("load",B),S.ready()}S.fn.ready=function(e){return F.then(e)["catch"](function(e){
2024-07-01 21:33:49 UTC	8000	IN	Data Raw: 43 65 28 29 7b 72 65 74 75 72 6e 21 30 7d 66 75 6e 63 74 69 6f 6e 20 45 65 28 29 7b 72 65 74 75 72 6e 21 31 7d 66 75 6e 63 74 69 6f 6e 20 53 65 28 65 2c 74 29 7b 72 65 74 75 72 6e 20 65 3d 3d 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 74 72 79 7b 72 65 74 75 72 6e 20 45 2e 61 63 74 69 76 65 45 6c 65 6d 65 6e 74 7d 63 61 74 63 68 28 65 29 7b 7d 7d 28 29 3d 3d 28 22 66 6f 63 75 73 22 3d 3d 3d 74 29 7d 66 75 6e 63 74 69 6f 6e 20 6b 65 28 65 2c 74 2c 6e 2c 72 2c 69 2c 6f 29 7b 76 61 72 20 61 2c 73 3b 69 66 28 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 74 29 7b 66 6f 72 28 73 20 69 6e 22 73 74 72 69 6e 67 22 21 3d 74 79 70 65 6f 66 20 6e 26 26 28 72 3d 72 7c 7c 6e 2c 6e 3d 76 6f 69 64 20 30 29 2c 74 29 6b 65 28 65 2c 73 2c 6e 2c 72 2c 74 5b 73 5d 2c 6f 29 3b Data Ascii: Ce(){return!0}function Ee(){return!1}function Se(e,t){return e===function(){try{return E.activeElement}catch(e){}}()==("focus"===t)}function ke(e,t,n,r,i,o){var a,s;if("object"==typeof t){for(s in"string"!=typeof n&&(r=r\|\|n,n=void 0),t)ke(e,s,n,r,t[s],o);
2024-07-01 21:33:49 UTC	8000	IN	Data Raw: 2c 69 2c 6f 2c 61 2c 73 3b 69 66 28 31 3d 3d 3d 74 2e 6e 6f 64 65 54 79 70 65 29 7b 69 66 28 59 2e 68 61 73 44 61 74 61 28 65 29 26 26 28 73 3d 59 2e 67 65 74 28 65 29 2e 65 76 65 6e 74 73 29 29 66 6f 72 28 69 20 69 6e 20 59 2e 72 65 6d 6f 76 65 28 74 2c 22 68 61 6e 64 6c 65 20 65 76 65 6e 74 73 22 29 2c 73 29 66 6f 72 28 6e 3d 30 2c 72 3d 73 5b 69 5d 2e 6c 65 6e 67 74 68 3b 6e 3c 72 3b 6e 2b 2b 29 53 2e 65 76 65 6e 74 2e 61 64 64 28 74 2c 69 2c 73 5b 69 5d 5b 6e 5d 29 3b 51 2e 68 61 73 44 61 74 61 28 65 29 26 26 28 6f 3d 51 2e 61 63 63 65 73 73 28 65 29 2c 61 3d 53 2e 65 78 74 65 6e 64 28 7b 7d 2c 6f 29 2c 51 2e 73 65 74 28 74 2c 61 29 29 7d 7d 66 75 6e 63 74 69 6f 6e 20 50 65 28 6e 2c 72 2c 69 2c 6f 29 7b 72 3d 67 28 72 29 3b 76 61 72 20 65 2c 74 2c 61 Data Ascii: ,i,o,a,s;if(1===t.nodeType){if(Y.hasData(e)&&(s=Y.get(e).events))for(i in Y.remove(t,"handle events"),s)for(n=0,r=s[i].length;n<r;n++)S.event.add(t,i,s[i][n]);Q.hasData(e)&&(o=Q.access(e),a=S.extend({},o),Q.set(t,a))}}function Pe(n,r,i,o){r=g(r);var e,t,a
2024-07-01 21:33:49 UTC	8000	IN	Data Raw: 74 22 69 6e 20 61 26 26 76 6f 69 64 20 30 21 3d 3d 28 69 3d 61 2e 67 65 74 28 65 2c 21 31 2c 72 29 29 3f 69 3a 6c 5b 74 5d 3b 22 73 74 72 69 6e 67 22 3d 3d 3d 28 6f 3d 74 79 70 65 6f 66 20 6e 29 26 26 28 69 3d 74 65 2e 65 78 65 63 28 6e 29 29 26 26 69 5b 31 5d 26 26 28 6e 3d 73 65 28 65 2c 74 2c 69 29 2c 6f 3d 22 6e 75 6d 62 65 72 22 29 2c 6e 75 6c 6c 21 3d 6e 26 26 6e 3d 3d 6e 26 26 28 22 6e 75 6d 62 65 72 22 21 3d 3d 6f 7c 7c 75 7c 7c 28 6e 2b 3d 69 26 26 69 5b 33 5d 7c 7c 28 53 2e 63 73 73 4e 75 6d 62 65 72 5b 73 5d 3f 22 22 3a 22 70 78 22 29 29 2c 79 2e 63 6c 65 61 72 43 6c 6f 6e 65 53 74 79 6c 65 7c 7c 22 22 21 3d 3d 6e 7c 7c 30 21 3d 3d 74 2e 69 6e 64 65 78 4f 66 28 22 62 61 63 6b 67 72 6f 75 6e 64 22 29 7c 7c 28 6c 5b 74 5d 3d 22 69 6e 68 65 72 69 Data Ascii: t"in a&&void 0!==(i=a.get(e,!1,r))?i:l[t];"string"===(o=typeof n)&&(i=te.exec(n))&&i[1]&&(n=se(e,t,i),o="number"),null!=n&&n==n&&("number"!==o\|\|u\|\|(n+=i&&i[3]\|\|(S.cssNumber[s]?"":"px")),y.clearCloneStyle\|\|""!==n\|\|0!==t.indexOf("background")\|\|(l[t]="inheri
2024-07-01 21:33:49 UTC	8000	IN	Data Raw: 6f 72 28 74 3d 6e 2e 6c 65 6e 67 74 68 3b 74 2d 2d 3b 29 6e 5b 74 5d 2e 65 6c 65 6d 21 3d 3d 74 68 69 73 7c 7c 6e 75 6c 6c 21 3d 69 26 26 6e 5b 74 5d 2e 71 75 65 75 65 21 3d 3d 69 7c 7c 28 6e 5b 74 5d 2e 61 6e 69 6d 2e 73 74 6f 70 28 6f 29 2c 65 3d 21 31 2c 6e 2e 73 70 6c 69 63 65 28 74 2c 31 29 29 3b 21 65 26 26 6f 7c 7c 53 2e 64 65 71 75 65 75 65 28 74 68 69 73 2c 69 29 7d 29 7d 2c 66 69 6e 69 73 68 3a 66 75 6e 63 74 69 6f 6e 28 61 29 7b 72 65 74 75 72 6e 21 31 21 3d 3d 61 26 26 28 61 3d 61 7c 7c 22 66 78 22 29 2c 74 68 69 73 2e 65 61 63 68 28 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 65 2c 74 3d 59 2e 67 65 74 28 74 68 69 73 29 2c 6e 3d 74 5b 61 2b 22 71 75 65 75 65 22 5d 2c 72 3d 74 5b 61 2b 22 71 75 65 75 65 48 6f 6f 6b 73 22 5d 2c 69 3d 53 2e 74 Data Ascii: or(t=n.length;t--;)n[t].elem!==this\|\|null!=i&&n[t].queue!==i\|\|(n[t].anim.stop(o),e=!1,n.splice(t,1));!e&&o\|\|S.dequeue(this,i)})},finish:function(a){return!1!==a&&(a=a\|\|"fx"),this.each(function(){var e,t=Y.get(this),n=t[a+"queue"],r=t[a+"queueHooks"],i=S.t
2024-07-01 21:33:49 UTC	8000	IN	Data Raw: 74 28 29 29 3b 72 65 74 75 72 6e 20 65 2e 74 79 70 65 3d 64 2c 72 7c 7c 65 2e 69 73 44 65 66 61 75 6c 74 50 72 65 76 65 6e 74 65 64 28 29 7c 7c 63 2e 5f 64 65 66 61 75 6c 74 26 26 21 31 21 3d 3d 63 2e 5f 64 65 66 61 75 6c 74 2e 61 70 70 6c 79 28 70 2e 70 6f 70 28 29 2c 74 29 7c 7c 21 56 28 6e 29 7c 7c 75 26 26 6d 28 6e 5b 64 5d 29 26 26 21 78 28 6e 29 26 26 28 28 61 3d 6e 5b 75 5d 29 26 26 28 6e 5b 75 5d 3d 6e 75 6c 6c 29 2c 53 2e 65 76 65 6e 74 2e 74 72 69 67 67 65 72 65 64 3d 64 2c 65 2e 69 73 50 72 6f 70 61 67 61 74 69 6f 6e 53 74 6f 70 70 65 64 28 29 26 26 66 2e 61 64 64 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 28 64 2c 77 74 29 2c 6e 5b 64 5d 28 29 2c 65 2e 69 73 50 72 6f 70 61 67 61 74 69 6f 6e 53 74 6f 70 70 65 64 28 29 26 26 66 2e 72 65 6d 6f 76 65 Data Ascii: t());return e.type=d,r\|\|e.isDefaultPrevented()\|\|c._default&&!1!==c._default.apply(p.pop(),t)\|\|!V(n)\|\|u&&m(n[d])&&!x(n)&&((a=n[u])&&(n[u]=null),S.event.triggered=d,e.isPropagationStopped()&&f.addEventListener(d,wt),n[d](),e.isPropagationStopped()&&f.remove

Timestamp	Bytes transferred	Direction	Data
2024-07-01 21:33:49 UTC	530	OUT	GET /js/fw-loader.js HTTP/1.1 Host: feed.mikle.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://www.midoregon.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-07-01 21:33:49 UTC	281	IN	HTTP/1.1 200 OK Date: Mon, 01 Jul 2024 21:33:49 GMT Content-Type: application/javascript; charset=UTF-8 Content-Length: 4189 Connection: close Server: nginx Last-Modified: Wed, 07 Feb 2024 09:14:24 GMT ETag: "65c349f0-105d" Cache-Control: no-cache Accept-Ranges: bytes
2024-07-01 21:33:49 UTC	4189	IN	Data Raw: 28 66 75 6e 63 74 69 6f 6e 28 64 2c 20 77 29 20 7b 0a 09 66 75 6e 63 74 69 6f 6e 20 66 77 43 75 72 72 65 6e 74 53 63 72 69 70 74 28 65 29 20 7b 0a 09 09 69 66 20 28 21 65 29 20 7b 0a 09 09 09 76 61 72 20 73 63 72 69 70 74 73 20 3d 20 64 2e 67 65 74 45 6c 65 6d 65 6e 74 73 42 79 54 61 67 4e 61 6d 65 28 27 73 63 72 69 70 74 27 29 3b 0a 09 09 09 66 6f 72 20 28 76 61 72 20 69 20 3d 20 73 63 72 69 70 74 73 2e 6c 65 6e 67 74 68 20 2d 20 31 3b 20 69 20 3e 3d 20 30 3b 20 69 2d 2d 29 20 7b 0a 09 09 09 09 69 66 20 28 73 63 72 69 70 74 73 5b 69 5d 2e 67 65 74 41 74 74 72 69 62 75 74 65 28 22 64 61 74 61 2d 66 77 2d 70 61 72 61 6d 22 29 29 20 72 65 74 75 72 6e 20 73 63 72 69 70 74 73 5b 69 5d 3b 0a 09 09 09 7d 0a 09 09 7d 20 65 6c 73 65 20 69 66 20 28 65 2e 6e 6f 64 Data Ascii: (function(d, w) {function fwCurrentScript(e) {if (!e) {var scripts = d.getElementsByTagName('script');for (var i = scripts.length - 1; i >= 0; i--) {if (scripts[i].getAttribute("data-fw-param")) return scripts[i];}} else if (e.nod

Timestamp	Bytes transferred	Direction	Data
2024-07-01 21:33:49 UTC	558	OUT	GET /sifitag/73fcc20f-faf5-487d-8165-57e69981a322 HTTP/1.1 Host: tag.simpli.fi Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://www.midoregon.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-07-01 21:33:49 UTC	690	IN	HTTP/1.1 200 OK Server: openresty Date: Mon, 01 Jul 2024 21:33:49 GMT Content-Type: application/javascript; charset=utf-8 Content-Length: 3101 Connection: close Vary: Accept-Encoding Set-Cookie: suid=AC32D053B469479CB9B9C6587A4519D0; Path=/; domain=simpli.fi; Expires=Wed, 02-Jul-25 21:33:49 GMT; SameSite=none; Secure; Set-Cookie: suid_legacy=AC32D053B469479CB9B9C6587A4519D0; Path=/; domain=simpli.fi; Expires=Wed, 02-Jul-25 21:33:49 GMT; Secure; cache-control: max-age=0, private, must-revalidate x-request-id: F940UOs0qChot1PWP7iC Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Pragma: no-cache Expires: Thu, 01 Jan 1970 00:00:00 GMT
2024-07-01 21:33:49 UTC	3101	IN	Data Raw: 28 66 75 6e 63 74 69 6f 6e 28 61 29 7b 76 61 72 20 62 3d 70 61 72 73 65 49 6e 74 28 28 6c 6f 63 61 74 69 6f 6e 2e 68 6f 73 74 6e 61 6d 65 7c 7c 22 6c 6f 63 61 6c 22 29 2e 73 75 62 73 74 72 69 6e 67 28 30 2c 31 30 29 2c 33 36 29 2c 63 3d 22 73 69 66 69 5f 61 74 74 5f 22 2b 62 3b 69 66 28 22 75 6e 64 65 66 69 6e 65 64 22 21 3d 74 79 70 65 6f 66 20 61 5b 63 5d 29 72 65 74 75 72 6e 20 76 6f 69 64 20 61 5b 63 5d 2e 72 75 6e 28 29 3b 63 6c 61 73 73 20 53 69 66 69 43 6d 70 43 6f 6d 70 6c 69 61 6e 63 65 7b 63 6f 6e 73 74 72 75 63 74 6f 72 28 61 29 7b 74 68 69 73 2e 74 63 44 61 74 61 3d 61 2c 74 68 69 73 2e 73 69 66 69 56 65 6e 64 6f 72 49 64 3d 22 37 33 22 7d 63 68 65 63 6b 43 6f 6e 73 65 6e 74 28 29 7b 72 65 74 75 72 6e 20 74 68 69 73 2e 6f 75 74 4f 66 42 61 6e Data Ascii: (function(a){var b=parseInt((location.hostname\|\|"local").substring(0,10),36),c="sifi_att_"+b;if("undefined"!=typeof a[c])return void a[c].run();class SifiCmpCompliance{constructor(a){this.tcData=a,this.sifiVendorId="73"}checkConsent(){return this.outOfBan

Timestamp	Bytes transferred	Direction	Data
2024-07-01 21:33:49 UTC	534	OUT	GET /js/functions.js HTTP/1.1 Host: www.midoregon.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://www.midoregon.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-07-01 21:33:50 UTC	502	IN	HTTP/1.1 200 OK Date: Mon, 01 Jul 2024 21:33:49 GMT Server: Apache Last-Modified: Thu, 24 Sep 2020 17:03:54 GMT Accept-Ranges: bytes Content-Length: 47745 Cache-Control: max-age=2592000, public Expires: Wed, 31 Jul 2024 21:33:49 GMT Vary: Accept-Encoding,User-Agent Strict-Transport-Security: max-age=31536000; includeSubDomains; preload X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff X-FRAME-OPTIONS: SAMEORIGIN Connection: close Content-Type: application/javascript
2024-07-01 21:33:50 UTC	7690	IN	Data Raw: 21 66 75 6e 63 74 69 6f 6e 28 65 2c 69 2c 6e 29 7b 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 6d 6f 64 75 6c 65 26 26 6d 6f 64 75 6c 65 26 26 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 6d 6f 64 75 6c 65 2e 65 78 70 6f 72 74 73 3f 6d 6f 64 75 6c 65 2e 65 78 70 6f 72 74 73 3d 6e 3a 28 65 5b 69 5d 3d 6e 2c 22 66 75 6e 63 74 69 6f 6e 22 3d 3d 74 79 70 65 6f 66 20 64 65 66 69 6e 65 26 26 64 65 66 69 6e 65 2e 61 6d 64 26 26 64 65 66 69 6e 65 28 69 2c 5b 5d 2c 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 6e 7d 29 29 7d 28 74 68 69 73 2c 22 6a 52 65 73 70 6f 6e 64 22 2c 66 75 6e 63 74 69 6f 6e 28 65 2c 69 2c 6e 29 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 72 65 74 75 72 6e 20 66 75 6e 63 74 69 6f 6e 28 65 29 7b 76 61 72 20 69 3d 5b 5d 2c Data Ascii: !function(e,i,n){"object"==typeof module&&module&&"object"==typeof module.exports?module.exports=n:(e[i]=n,"function"==typeof define&&define.amd&&define(i,[],function(){return n}))}(this,"jRespond",function(e,i,n){"use strict";return function(e){var i=[],
2024-07-01 21:33:50 UTC	8000	IN	Data Raw: 2e 70 61 67 65 2d 74 72 61 6e 73 69 74 69 6f 6e 22 2c 66 69 6c 65 3a 22 70 6c 75 67 69 6e 73 2e 70 61 67 65 74 72 61 6e 73 69 74 69 6f 6e 2e 6a 73 22 2c 65 72 72 6f 72 3a 22 70 6c 75 67 69 6e 73 2e 70 61 67 65 74 72 61 6e 73 69 74 69 6f 6e 2e 6a 73 3a 20 50 6c 75 67 69 6e 20 63 6f 75 6c 64 20 6e 6f 74 20 62 65 20 6c 6f 61 64 65 64 22 2c 65 78 65 63 66 6e 3a 22 53 45 4d 49 43 4f 4c 4f 4e 5f 70 61 67 65 54 72 61 6e 73 69 74 69 6f 6e 49 6e 69 74 22 2c 70 6c 75 67 69 6e 66 6e 3a 22 24 28 29 2e 61 6e 69 6d 73 69 74 69 6f 6e 22 2c 74 72 69 67 67 65 72 3a 22 70 6c 75 67 69 6e 50 61 67 65 54 72 61 6e 73 69 74 69 6f 6e 52 65 61 64 79 22 2c 63 6c 61 73 73 3a 22 68 61 73 2d 70 6c 75 67 69 6e 2d 61 6e 69 6d 73 69 74 69 6f 6e 22 7d 29 7d 2c 6c 61 7a 79 4c 6f 61 64 3a Data Ascii: .page-transition",file:"plugins.pagetransition.js",error:"plugins.pagetransition.js: Plugin could not be loaded",execfn:"SEMICOLON_pageTransitionInit",pluginfn:"$().animsition",trigger:"pluginPageTransitionReady",class:"has-plugin-animsition"})},lazyLoad:
2024-07-01 21:33:50 UTC	8000	IN	Data Raw: 74 65 78 74 2f 63 73 73 22 2c 73 2e 61 70 70 65 6e 64 43 68 69 6c 64 28 64 6f 63 75 6d 65 6e 74 2e 63 72 65 61 74 65 54 65 78 74 4e 6f 64 65 28 6e 29 29 7d 7d 2c 73 74 69 63 6b 79 4d 65 6e 75 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 69 3d 61 2e 73 63 72 6f 6c 6c 54 6f 70 28 29 2c 28 6f 2e 68 61 73 43 6c 61 73 73 28 22 64 65 76 69 63 65 2d 78 6c 22 29 7c 7c 6f 2e 68 61 73 43 6c 61 73 73 28 22 64 65 76 69 63 65 2d 6c 67 22 29 29 26 26 28 69 3e 65 3f 6f 2e 68 61 73 43 6c 61 73 73 28 22 73 69 64 65 2d 68 65 61 64 65 72 22 29 7c 7c 28 64 2e 66 69 6c 74 65 72 28 22 3a 6e 6f 74 28 2e 6e 6f 2d 73 74 69 63 6b 79 29 22 29 2e 61 64 64 43 6c 61 73 73 28 22 73 74 69 63 6b 79 2d 68 65 61 64 65 72 22 29 2c 53 45 4d 49 43 4f 4c 4f 4e 2e 68 65 61 64 65 72 2e 73 74 69 63 6b Data Ascii: text/css",s.appendChild(document.createTextNode(n))}},stickyMenu:function(e){i=a.scrollTop(),(o.hasClass("device-xl")\|\|o.hasClass("device-lg"))&&(i>e?o.hasClass("side-header")\|\|(d.filter(":not(.no-sticky)").addClass("sticky-header"),SEMICOLON.header.stick
2024-07-01 21:33:50 UTC	8000	IN	Data Raw: 66 73 65 74 28 29 2c 6c 3d 51 2e 6f 75 74 65 72 48 65 69 67 68 74 28 29 3b 74 3d 77 69 6e 64 6f 77 2e 73 63 72 6f 6c 6c 58 2c 73 3d 77 69 6e 64 6f 77 2e 73 63 72 6f 6c 6c 59 2c 21 6f 2e 68 61 73 43 6c 61 73 73 28 22 64 65 76 69 63 65 2d 78 6c 22 29 26 26 21 6f 2e 68 61 73 43 6c 61 73 73 28 22 64 65 76 69 63 65 2d 6c 67 22 29 7c 7c 53 45 4d 49 43 4f 4c 4f 4e 2e 69 73 4d 6f 62 69 6c 65 2e 61 6e 79 28 29 3f 51 2e 66 69 6e 64 28 22 2e 73 6c 69 64 65 72 2d 69 6e 6e 65 72 22 29 2e 6c 65 6e 67 74 68 3e 30 3f 28 53 45 4d 49 43 4f 4c 4f 4e 2e 73 6c 69 64 65 72 2e 73 6c 69 64 65 72 50 61 72 61 6c 6c 61 78 53 65 74 28 30 2c 30 2c 69 65 29 2c 53 45 4d 49 43 4f 4c 4f 4e 2e 73 6c 69 64 65 72 2e 73 6c 69 64 65 72 50 61 72 61 6c 6c 61 78 53 65 74 28 30 2c 30 2c 65 65 29 Data Ascii: fset(),l=Q.outerHeight();t=window.scrollX,s=window.scrollY,!o.hasClass("device-xl")&&!o.hasClass("device-lg")\|\|SEMICOLON.isMobile.any()?Q.find(".slider-inner").length>0?(SEMICOLON.slider.sliderParallaxSet(0,0,ie),SEMICOLON.slider.sliderParallaxSet(0,0,ee)
2024-07-01 21:33:50 UTC	8000	IN	Data Raw: 7b 65 6c 65 6d 65 6e 74 3a 65 2c 64 65 66 61 75 6c 74 3a 22 2e 61 63 63 6f 72 64 69 6f 6e 22 2c 66 69 6c 65 3a 22 70 6c 75 67 69 6e 73 2e 61 63 63 6f 72 64 69 6f 6e 73 2e 6a 73 22 2c 65 72 72 6f 72 3a 22 70 6c 75 67 69 6e 73 2e 61 63 63 6f 72 64 69 6f 6e 73 2e 6a 73 3a 20 50 6c 75 67 69 6e 20 63 6f 75 6c 64 20 6e 6f 74 20 62 65 20 6c 6f 61 64 65 64 22 2c 65 78 65 63 66 6e 3a 22 53 45 4d 49 43 4f 4c 4f 4e 5f 61 63 63 6f 72 64 69 6f 6e 73 49 6e 69 74 22 2c 70 6c 75 67 69 6e 66 6e 3a 27 74 79 70 65 6f 66 20 73 63 77 41 63 63 6f 72 64 69 6f 6e 73 50 6c 75 67 69 6e 20 21 3d 3d 20 22 75 6e 64 65 66 69 6e 65 64 22 27 2c 74 72 69 67 67 65 72 3a 22 70 6c 75 67 69 6e 41 63 63 6f 72 64 69 6f 6e 73 52 65 61 64 79 22 2c 63 6c 61 73 73 3a 22 68 61 73 2d 70 6c 75 67 69 Data Ascii: {element:e,default:".accordion",file:"plugins.accordions.js",error:"plugins.accordions.js: Plugin could not be loaded",execfn:"SEMICOLON_accordionsInit",pluginfn:'typeof scwAccordionsPlugin !== "undefined"',trigger:"pluginAccordionsReady",class:"has-plugi
2024-07-01 21:33:50 UTC	8000	IN	Data Raw: 74 69 66 79 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 6c 65 74 20 69 3d 7b 65 6c 65 6d 65 6e 74 3a 65 2c 64 65 66 61 75 6c 74 3a 22 2e 67 64 70 72 2d 73 65 74 74 69 6e 67 73 2c 5b 64 61 74 61 2d 63 6f 6f 6b 69 65 73 5d 22 2c 66 69 6c 65 3a 22 70 6c 75 67 69 6e 73 2e 63 6f 6f 6b 69 65 2e 6a 73 22 2c 65 72 72 6f 72 3a 22 70 6c 75 67 69 6e 73 2e 63 6f 6f 6b 69 65 2e 6a 73 3a 20 50 6c 75 67 69 6e 20 63 6f 75 6c 64 20 6e 6f 74 20 62 65 20 6c 6f 61 64 65 64 22 2c 65 78 65 63 66 6e 3a 22 53 45 4d 49 43 4f 4c 4f 4e 5f 63 6f 6f 6b 69 65 49 6e 69 74 22 2c 70 6c 75 67 69 6e 66 6e 3a 27 74 79 70 65 6f 66 20 43 6f 6f 6b 69 65 73 20 21 3d 3d 20 22 75 6e 64 65 66 69 6e 65 64 22 27 2c 74 72 69 67 67 65 72 3a 22 70 6c 75 67 69 6e 43 6f 6f 6b 69 65 52 65 61 64 79 22 2c 63 6c Data Ascii: tify:function(e){let i={element:e,default:".gdpr-settings,[data-cookies]",file:"plugins.cookie.js",error:"plugins.cookie.js: Plugin could not be loaded",execfn:"SEMICOLON_cookieInit",pluginfn:'typeof Cookies !== "undefined"',trigger:"pluginCookieReady",cl
2024-07-01 21:33:50 UTC	55	IN	Data Raw: 3d 45 26 26 53 45 4d 49 43 4f 4c 4f 4e 2e 64 6f 63 75 6d 65 6e 74 4f 6e 52 65 73 69 7a 65 2e 69 6e 69 74 28 29 7d 2c 32 35 30 29 7d 29 7d 28 6a 51 75 65 72 79 29 3b Data Ascii: =E&&SEMICOLON.documentOnResize.init()},250)})}(jQuery);

Timestamp	Bytes transferred	Direction	Data
2024-07-01 21:33:49 UTC	541	OUT	GET /js/smart-app-banner.js HTTP/1.1 Host: www.midoregon.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://www.midoregon.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-07-01 21:33:50 UTC	502	IN	HTTP/1.1 200 OK Date: Mon, 01 Jul 2024 21:33:49 GMT Server: Apache Last-Modified: Thu, 24 Sep 2020 17:03:56 GMT Accept-Ranges: bytes Content-Length: 17111 Cache-Control: max-age=2592000, public Expires: Wed, 31 Jul 2024 21:33:49 GMT Vary: Accept-Encoding,User-Agent Strict-Transport-Security: max-age=31536000; includeSubDomains; preload X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff X-FRAME-OPTIONS: SAMEORIGIN Connection: close Content-Type: application/javascript
2024-07-01 21:33:50 UTC	7690	IN	Data Raw: 28 66 75 6e 63 74 69 6f 6e 28 72 29 7b 22 6f 62 6a 65 63 74 22 3d 3d 3d 74 79 70 65 6f 66 20 65 78 70 6f 72 74 73 26 26 22 75 6e 64 65 66 69 6e 65 64 22 21 3d 3d 74 79 70 65 6f 66 20 6d 6f 64 75 6c 65 3f 6d 6f 64 75 6c 65 2e 65 78 70 6f 72 74 73 3d 72 28 29 3a 22 66 75 6e 63 74 69 6f 6e 22 3d 3d 3d 74 79 70 65 6f 66 20 64 65 66 69 6e 65 26 26 64 65 66 69 6e 65 2e 61 6d 64 3f 64 65 66 69 6e 65 28 5b 5d 2c 72 29 3a 28 22 75 6e 64 65 66 69 6e 65 64 22 21 3d 3d 74 79 70 65 6f 66 20 77 69 6e 64 6f 77 3f 77 69 6e 64 6f 77 3a 22 75 6e 64 65 66 69 6e 65 64 22 21 3d 3d 74 79 70 65 6f 66 20 67 6c 6f 62 61 6c 3f 67 6c 6f 62 61 6c 3a 22 75 6e 64 65 66 69 6e 65 64 22 21 3d 3d 74 79 70 65 6f 66 20 73 65 6c 66 3f 73 65 6c 66 3a 74 68 69 73 29 2e 53 6d 61 72 74 42 61 6e Data Ascii: (function(r){"object"===typeof exports&&"undefined"!==typeof module?module.exports=r():"function"===typeof define&&define.amd?define([],r):("undefined"!==typeof window?window:"undefined"!==typeof global?global:"undefined"!==typeof self?self:this).SmartBan
2024-07-01 21:33:50 UTC	8000	IN	Data Raw: 2e 5d 2b 29 2f 69 5d 2c 0d 0a 5b 5b 22 6e 61 6d 65 22 2c 22 43 68 72 6f 6d 65 22 5d 2c 22 76 65 72 73 69 6f 6e 22 5d 2c 5b 2f 58 69 61 6f 4d 69 5c 2f 4d 69 75 69 42 72 6f 77 73 65 72 5c 2f 28 5b 5c 77 5c 2e 5d 2b 29 2f 69 5d 2c 5b 22 76 65 72 73 69 6f 6e 22 2c 5b 22 6e 61 6d 65 22 2c 22 4d 49 55 49 20 42 72 6f 77 73 65 72 22 5d 5d 2c 5b 2f 61 6e 64 72 6f 69 64 2e 2b 76 65 72 73 69 6f 6e 5c 2f 28 5b 5c 77 5c 2e 5d 2b 29 5c 73 2b 28 3f 3a 6d 6f 62 69 6c 65 5c 73 3f 73 61 66 61 72 69 7c 73 61 66 61 72 69 29 2f 69 5d 2c 5b 22 76 65 72 73 69 6f 6e 22 2c 5b 22 6e 61 6d 65 22 2c 22 41 6e 64 72 6f 69 64 20 42 72 6f 77 73 65 72 22 5d 5d 2c 5b 2f 46 42 41 56 5c 2f 28 5b 5c 77 5c 2e 5d 2b 29 3b 2f 69 5d 2c 5b 22 76 65 72 73 69 6f 6e 22 2c 5b 22 6e 61 6d 65 22 2c 22 Data Ascii: .]+)/i],[["name","Chrome"],"version"],[/XiaoMi\/MiuiBrowser\/([\w\.]+)/i],["version",["name","MIUI Browser"]],[/android.+version\/([\w\.]+)\s+(?:mobile\s?safari\|safari)/i],["version",["name","Android Browser"]],[/FBAV\/([\w\.]+);/i],["version",["name","
2024-07-01 21:33:50 UTC	1421	IN	Data Raw: 63 74 69 6f 6e 28 29 7b 76 61 72 20 62 3d 64 2e 61 70 70 6c 79 28 74 68 69 73 2c 67 2e 62 72 6f 77 73 65 72 29 3b 62 2e 6d 61 6a 6f 72 3d 61 2e 6d 61 6a 6f 72 28 62 2e 76 65 72 73 69 6f 6e 29 3b 72 65 74 75 72 6e 20 62 7d 3b 74 68 69 73 2e 67 65 74 43 50 55 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 64 2e 61 70 70 6c 79 28 74 68 69 73 2c 67 2e 63 70 75 29 7d 3b 74 68 69 73 2e 67 65 74 44 65 76 69 63 65 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 64 2e 61 70 70 6c 79 28 74 68 69 73 2c 67 2e 64 65 76 69 63 65 29 7d 3b 74 68 69 73 2e 67 65 74 45 6e 67 69 6e 65 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 64 2e 61 70 70 6c 79 28 74 68 69 73 2c 67 2e 65 6e 67 69 6e 65 29 7d 3b 74 68 69 73 2e 67 65 74 4f 53 3d 66 75 6e 63 Data Ascii: ction(){var b=d.apply(this,g.browser);b.major=a.major(b.version);return b};this.getCPU=function(){return d.apply(this,g.cpu)};this.getDevice=function(){return d.apply(this,g.device)};this.getEngine=function(){return d.apply(this,g.engine)};this.getOS=func

Timestamp	Bytes transferred	Direction	Data
2024-07-01 21:33:50 UTC	603	OUT	GET /images/menu.business.jpg HTTP/1.1 Host: www.midoregon.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://www.midoregon.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-07-01 21:33:50 UTC	456	IN	HTTP/1.1 200 OK Date: Mon, 01 Jul 2024 21:33:50 GMT Server: Apache Last-Modified: Thu, 24 Sep 2020 16:56:50 GMT Accept-Ranges: bytes Content-Length: 28451 Cache-Control: max-age=2592000, public Expires: Wed, 31 Jul 2024 21:33:50 GMT Strict-Transport-Security: max-age=31536000; includeSubDomains; preload X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff X-FRAME-OPTIONS: SAMEORIGIN Connection: close Content-Type: image/jpeg
2024-07-01 21:33:50 UTC	7736	IN	Data Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 48 00 48 00 00 ff db 00 43 00 0b 08 08 08 09 08 0c 09 09 0c 11 0b 0a 0b 11 14 0f 0c 0c 0f 14 17 12 12 12 12 12 17 18 13 14 14 14 14 13 18 16 1a 1b 1c 1b 1a 16 22 22 24 24 22 22 2e 2e 2e 2e 2e 30 30 30 30 30 30 30 30 30 30 ff db 00 43 01 0c 0c 0c 10 10 10 17 11 11 17 18 14 13 14 18 1e 1b 1c 1c 1b 1e 24 1e 1e 1f 1e 1e 24 29 23 20 20 20 20 23 29 26 28 24 24 24 28 26 2b 2b 29 29 2b 2b 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 ff c0 00 11 08 01 90 01 5e 03 01 11 00 02 11 01 03 11 01 ff c4 00 1b 00 00 02 03 01 01 01 00 00 00 00 00 00 00 00 00 00 02 03 00 01 04 05 06 07 ff c4 00 55 10 00 01 03 02 04 04 02 04 08 08 09 09 08 03 01 00 01 00 02 03 04 11 05 12 21 31 06 13 41 51 22 61 14 32 71 81 07 16 23 42 52 91 a1 b1 Data Ascii: JFIFHHC""$$"".....0000000000C$$)# #)&($$$(&++))++000000000000000^U!1AQ"a2q#BR
2024-07-01 21:33:50 UTC	8000	IN	Data Raw: 05 4d 3d 03 cc 4e 17 6b 9e 59 1d c7 70 24 73 49 0a 91 94 17 36 07 8e 6f 92 39 d8 86 1d 5d 86 4e 69 eb a0 7d 3c a3 5c af 16 b8 ee 0e c4 7b 13 ea 5c d1 37 16 b6 67 57 0e e0 fe 27 af 81 b5 34 d4 0f 31 3b 56 b9 ee 64 77 1d c0 91 cd 24 2d da c5 73 61 ec 64 f9 21 35 34 35 d8 74 fe 8f 5d 0b e9 e5 1a e5 78 b5 c7 70 76 23 d8 bb 31 cd 35 b1 c9 92 0e 3c f6 13 54 de 65 33 87 51 a8 f7 27 cc b5 63 6b e2 4f 13 d3 34 72 01 ca 57 94 99 de c5 c9 a1 cc 77 42 5b 6e 3c 7c 04 df 35 99 e7 75 1e 6c a7 2d fc 86 9d 7c 03 65 47 bf 74 4f 33 ea 5f 03 7f fa b8 e8 3d 1b fe b2 13 2d 83 a9 af 0b a7 f8 31 f8 c0 d7 d3 d4 97 e2 42 72 58 c9 b9 ad 6f 3f 36 96 ce d6 b4 9c db 6a 97 71 92 85 f9 99 b8 8b 0d c4 71 7f 84 2c 2a 8b 19 63 3f 07 bb 3b a9 5b 19 2e 63 e3 88 19 5e d7 dc 03 98 e5 01 de 56 Data Ascii: M=NkYp$sI6o9]Ni}<\{\7gW'41;Vdw$-sad!545t]xpv#15<Te3Q'ckO4rWwB[n<\|5ul-\|eGtO3_=-1BrXo?6jqq,*c?;[.c^V
2024-07-01 21:33:50 UTC	8000	IN	Data Raw: 5b 0d 39 f9 4a 69 4e b2 f8 4d 83 2d bf d2 f6 2b 67 cd fd ad 50 bd fa ae 84 b0 e1 fe e6 99 d6 dd 3c 4c b5 7c 38 df c3 30 50 d2 56 d3 4e 6b 25 91 8d 11 38 bb 93 94 e8 24 d3 4d fe c4 63 9f ba e4 e3 25 4b af 53 4b 0f 7b 4a 69 db fc 0e 25 5d 33 e8 ab 6a a8 64 21 cf a7 91 f1 92 36 25 8e 2d 24 7d 4a b0 95 ab f1 57 f8 92 9c 69 fa 3a fc 0e fb f8 42 b4 63 cd c0 f9 d1 73 dc ce 67 33 c5 92 d9 4b bb 5f a2 9f b4 47 b2 ed 29 d0 fe cf 2e d3 b3 b5 62 a6 e1 ba 9a 5a da 0a 07 d5 40 ea ba e7 f2 df 0b 1d 98 d3 bb c3 61 2d b6 f5 be c5 a3 c4 ed 29 53 d3 1f 9f a1 a5 c3 ee a3 6a df cb d4 e8 7c 48 77 3c d1 d4 e2 34 90 56 17 16 c7 4e e7 f8 dd f4 4d ba 66 dc 20 f8 b4 d5 a8 49 ae ac 2b 85 69 d3 9c 53 f0 3c f5 6d 15 4e 1b 57 25 15 58 c9 34 4e b1 1f 68 20 f6 21 5a 13 52 5a 97 26 73 e4 Data Ascii: [9JiNM-+gP<L\|80PVNk%8$Mc%KSK{Ji%]3jd!6%-$}JWi:Bcsg3K_G).bZ@a-)Sj\|Hw<4VNMf I+iS<mNW%X4Nh !ZRZ&s
2024-07-01 21:33:50 UTC	4715	IN	Data Raw: f1 7f fd 7f 9a 3f b8 3b 7c 7e 25 9e 24 c1 45 ff 00 84 6d bf 81 ff 00 aa 8f d1 5c 5f ff 00 5f e6 8f ee 6f 68 c7 e3 f2 65 7c 66 c0 ed 7f 49 d3 f3 24 fd 54 3e 8b e2 be c7 e6 8f ee 6e da 1e 25 7c 66 c0 ff 00 94 ff 00 f0 93 f5 50 fa 33 8a fb 1f 9a 3f b9 bb 68 78 93 e3 3e 07 fc a7 6f f4 72 7e a2 df 46 71 5f 63 e7 1f dc 3d b4 3c 4a f8 d1 81 7f 29 fd 1c 9f aa b7 d1 bc 57 d8 f9 c7 f7 37 6b 0f 12 8f 15 e0 00 d8 d5 7e 8e 4f d4 43 e8 ee 27 ec 7c e3 fb 87 b4 8f 89 7f 1a 70 1f e5 3f a3 93 f5 11 fa 37 8a fb 1f 38 fe e6 ed 61 e2 5f c6 8c 08 9c be 93 af e6 49 fa a8 fd 19 c5 7d 8f cd 1f dc 1d b4 3c 41 77 15 60 0c f5 aa ad 7f f4 72 7e a2 1f 46 f1 5f 63 e7 1f dc 2b 24 5f 26 47 71 56 02 d1 98 d4 e9 fe ce 4f d4 41 ff 00 4d e2 96 fa 3e 71 fd cc b2 c5 f5 16 78 cb 86 c6 f5 9f a3 Data Ascii: ?;\|~%$Em\__ohe\|fI$T>n%\|fP3?hx>or~Fq_c=<J)W7k~OC'\|p?78a_I}<Aw`r~F_c+$_&GqVOAM>qx