URL: http://208.69.196.34/sitemap.asp
Submission: On April 14 via manual from US — Scanned from US

Summary

This website contacted 12 IPs in 1 countries across 10 domains to perform 44 HTTP transactions. The main IP is 208.69.196.34, located in Anchorage, United States and belongs to AKUSA, US. The main domain is 208.69.196.34.
This is the only time 208.69.196.34 was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Alaska USA Federal Credit Union (Banking)

Community Verdicts: Legitimate2 votes Show Verdicts

Domain & IP information

Apex Domain
Subdomains
Transfer
7 adsrvr.org
js.adsrvr.org — Cisco Umbrella Rank: 1607
insight.adsrvr.org — Cisco Umbrella Rank: 642
match.adsrvr.org — Cisco Umbrella Rank: 355
9 KB
7 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 71
90 KB
6 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 497
109 KB
3 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 40
stats.g.doubleclick.net — Cisco Umbrella Rank: 95
cm.g.doubleclick.net — Cisco Umbrella Rank: 211
3 KB
2 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 248
2 KB
2 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 300
707 B
2 google.com
www.google.com — Cisco Umbrella Rank: 4
655 B
2 app-us1.com
diffuser-cdn.app-us1.com — Cisco Umbrella Rank: 8394
prism.app-us1.com — Cisco Umbrella Rank: 8454
6 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 37
20 KB
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 104
15 KB
44 10
Domain Requested by
7 www.googletagmanager.com 208.69.196.34
www.googletagmanager.com
6 cdn.cookielaw.org 208.69.196.34
cdn.cookielaw.org
4 match.adsrvr.org js.adsrvr.org
2 ib.adnxs.com 2 redirects
2 ups.analytics.yahoo.com 2 redirects
2 www.google.com 208.69.196.34
2 js.adsrvr.org www.googletagmanager.com
match.adsrvr.org
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
1 cm.g.doubleclick.net 1 redirects
1 insight.adsrvr.org 1 redirects
1 stats.g.doubleclick.net www.google-analytics.com
1 prism.app-us1.com diffuser-cdn.app-us1.com
1 googleads.g.doubleclick.net www.googleadservices.com
1 diffuser-cdn.app-us1.com 208.69.196.34
1 www.googleadservices.com www.googletagmanager.com
44 15
Subject Issuer Validity Valid
cookielaw.org
Cloudflare Inc ECC CA-3
2021-06-01 -
2022-05-31
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2022-03-28 -
2022-06-20
3 months crt.sh
www.googleadservices.com
GTS CA 1C3
2022-03-28 -
2022-06-20
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2021-07-15 -
2022-07-14
a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2022-03-31 -
2023-05-02
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2022-03-28 -
2022-06-20
3 months crt.sh
www.google.com
GTS CA 1C3
2022-03-28 -
2022-06-20
3 months crt.sh

This page contains 5 frames:

Primary Page: http://208.69.196.34/sitemap.asp
Frame ID: 84D6151B89D8EC7020A06AA84729388D
Requests: 40 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/upb/?adv=p6q6pct&ref=http%3A%2F%2F208.69.196.34%2Fsitemap.asp&upid=q8skero&upv=1.1.0
Frame ID: 6FF964BA25885DAA47684AD77023EE2C
Requests: 2 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-qSfifa9E2uJ5npkZQfvUgft2RjDxLiY-~A&gdpr=0&gdpr_consent=
Frame ID: B898331CD32A32554B7FE93360ED8558
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=6953566194632253861&ttd_tdid=3ec86c29-2db4-4c4e-887a-b4a22d1a282b
Frame ID: 0B7F7E6CAEB53B2E65BBCAB99128A95E
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=3ec86c29-2db4-4c4e-887a-b4a22d1a282b&google_gid=CAESEJg_l-1pudS47gmpyRXiEFE&google_cver=1
Frame ID: B2541851329AA65BF062321C0AFD05FF
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Alaska USA Mortgage Site MapBack ButtonSearch IconFilter IconArrow

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.aspx?(?:$|\?)

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

44
Requests

64 %
HTTPS

50 %
IPv6

10
Domains

15
Subdomains

12
IPs

1
Countries

582 kB
Transfer

1142 kB
Size

14
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 39
  • https://insight.adsrvr.org/track/up?adv=p6q6pct&ref=http%3A%2F%2F208.69.196.34%2Fsitemap.asp&upid=q8skero&upv=1.1.0 HTTP 302
  • https://match.adsrvr.org/track/upb/?adv=p6q6pct&ref=http%3A%2F%2F208.69.196.34%2Fsitemap.asp&upid=q8skero&upv=1.1.0
Request Chain 41
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=3ec86c29-2db4-4c4e-887a-b4a22d1a282b&_origin=1&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=3ec86c29-2db4-4c4e-887a-b4a22d1a282b&_origin=1&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-qSfifa9E2uJ5npkZQfvUgft2RjDxLiY-~A&gdpr=0&gdpr_consent=
Request Chain 42
  • https://ib.adnxs.com/getuid?https%3a%2f%2fmatch.adsrvr.org%2ftrack%2fcmf%2fappnexus%3fttd%3d1%26anid%3d%24UID&ttd_tdid=3ec86c29-2db4-4c4e-887a-b4a22d1a282b HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fmatch.adsrvr.org%252ftrack%252fcmf%252fappnexus%253fttd%253d1%2526anid%253d%2524UID%26ttd_tdid%3D3ec86c29-2db4-4c4e-887a-b4a22d1a282b HTTP 302
  • https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=6953566194632253861&ttd_tdid=3ec86c29-2db4-4c4e-887a-b4a22d1a282b
Request Chain 43
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=M2VjODZjMjktMmRiNC00YzRlLTg4N2EtYjRhMjJkMWEyODJi&gdpr=0&gdpr_consent=&ttd_tdid=3ec86c29-2db4-4c4e-887a-b4a22d1a282b HTTP 302
  • https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=3ec86c29-2db4-4c4e-887a-b4a22d1a282b&google_gid=CAESEJg_l-1pudS47gmpyRXiEFE&google_cver=1

44 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request sitemap.asp
208.69.196.34/
23 KB
24 KB
Document
General
Full URL
http://208.69.196.34/sitemap.asp
Protocol
HTTP/1.1
Server
208.69.196.34 Anchorage, United States, ASN40226 (AKUSA, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
c1c93f05a97d71c507eaff617ea8d5e7f06068f8522ea5e5314321e8df0adb59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private
Content-Length
23844
Content-Type
text/html
Date
Thu, 14 Apr 2022 18:49:53 GMT
Server
Microsoft-IIS/10.0
X-Content-Type-Options
nosniff
X-Powered-By
ASP.NET
X-XSS-Protection
1; mode=block
otSDKStub.js
cdn.cookielaw.org/scripttemplates/
20 KB
7 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: 208.69.196.34
URL: http://208.69.196.34/sitemap.asp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
03aa6fcac2902227e1b66a01b87824692f708bbf9bfe441784f8ed22d677f6de
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
http://208.69.196.34/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 14 Apr 2022 18:49:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
+q2Bd0SvXowDeesSOf+0yw==
age
8121
vary
Accept-Encoding
content-length
6782
x-ms-lease-status
unlocked
last-modified
Wed, 13 Apr 2022 19:40:30 GMT
server
cloudflare
etag
0x8DA1D85779CF34D
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
02f9e308-801e-0021-7775-4fb5d7000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6fbe9fc279e118c4-EWR
akusafonts.css
208.69.196.34/css/
4 KB
5 KB
Stylesheet
General
Full URL
http://208.69.196.34/css/akusafonts.css?20211229155
Requested by
Host: 208.69.196.34
URL: http://208.69.196.34/sitemap.asp
Protocol
HTTP/1.1
Server
208.69.196.34 Anchorage, United States, ASN40226 (AKUSA, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
f442ea1fb011713124e53144556304d033cbd003a78c85c044416cce292a604c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
http://208.69.196.34/sitemap.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Thu, 14 Apr 2022 18:49:53 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 29 Dec 2021 23:52:12 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Content-Type
text/css
ETag
"3136c19ffdd71:0"
Accept-Ranges
bytes
Content-Length
4495
X-XSS-Protection
1; mode=block
akusa-base.css
208.69.196.34/css/
28 KB
28 KB
Stylesheet
General
Full URL
http://208.69.196.34/css/akusa-base.css?20211229155
Requested by
Host: 208.69.196.34
URL: http://208.69.196.34/sitemap.asp
Protocol
HTTP/1.1
Server
208.69.196.34 Anchorage, United States, ASN40226 (AKUSA, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
8e27c761954b83486f9c06e2ce6be37d0918667ea5569d83d63797d7ccd7642b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
http://208.69.196.34/sitemap.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Thu, 14 Apr 2022 18:49:52 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 29 Dec 2021 23:52:13 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Content-Type
text/css
ETag
"af29dc19ffdd71:0"
Accept-Ranges
bytes
Content-Length
28816
X-XSS-Protection
1; mode=block
akusa.css
208.69.196.34/css/
1 KB
1 KB
Stylesheet
General
Full URL
http://208.69.196.34/css/akusa.css?20211229155
Requested by
Host: 208.69.196.34
URL: http://208.69.196.34/sitemap.asp
Protocol
HTTP/1.1
Server
208.69.196.34 Anchorage, United States, ASN40226 (AKUSA, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
0a8bc977845d322b2a028ff676867741db0f176640b9a83e323d4874cf001c37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
http://208.69.196.34/sitemap.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Thu, 14 Apr 2022 18:49:52 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 29 Dec 2021 23:52:13 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Content-Type
text/css
ETag
"3bb3e519ffdd71:0"
Accept-Ranges
bytes
Content-Length
1149
X-XSS-Protection
1; mode=block
aumc-logo-white.png
208.69.196.34/images/
16 KB
16 KB
Image
General
Full URL
http://208.69.196.34/images/aumc-logo-white.png
Requested by
Host: 208.69.196.34
URL: http://208.69.196.34/sitemap.asp
Protocol
HTTP/1.1
Server
208.69.196.34 Anchorage, United States, ASN40226 (AKUSA, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
2b02ecea36e825b52ab652a933bf7639c0e6a6977aa39ea207be9f4e00bda29c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
http://208.69.196.34/sitemap.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Thu, 14 Apr 2022 18:49:53 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 29 Dec 2021 23:52:26 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Content-Type
image/png
ETag
"4d1a421ffdd71:0"
Accept-Ranges
bytes
Content-Length
16434
X-XSS-Protection
1; mode=block
EHL.png
208.69.196.34/images/nav/
3 KB
4 KB
Image
General
Full URL
http://208.69.196.34/images/nav/EHL.png
Requested by
Host: 208.69.196.34
URL: http://208.69.196.34/sitemap.asp
Protocol
HTTP/1.1
Server
208.69.196.34 Anchorage, United States, ASN40226 (AKUSA, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
1c7cd686a01f2dcffc1f55119624e9166300721172b4e7ad284ff734bc8db0a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
http://208.69.196.34/sitemap.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Thu, 14 Apr 2022 18:49:52 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 29 Dec 2021 23:52:27 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Content-Type
image/png
ETag
"17829022ffdd71:0"
Accept-Ranges
bytes
Content-Length
3317
X-XSS-Protection
1; mode=block
jquery-1.11.3.min.js
208.69.196.34/js/
94 KB
94 KB
Script
General
Full URL
http://208.69.196.34/js/jquery-1.11.3.min.js
Requested by
Host: 208.69.196.34
URL: http://208.69.196.34/sitemap.asp
Protocol
HTTP/1.1
Server
208.69.196.34 Anchorage, United States, ASN40226 (AKUSA, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
http://208.69.196.34/sitemap.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Thu, 14 Apr 2022 18:49:53 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 29 Dec 2021 23:52:28 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Content-Type
application/javascript
ETag
"4946323ffdd71:0"
Accept-Ranges
bytes
Content-Length
95957
X-XSS-Protection
1; mode=block
jsSuite-1.9.5.js
208.69.196.34/js/
55 KB
55 KB
Script
General
Full URL
http://208.69.196.34/js/jsSuite-1.9.5.js
Requested by
Host: 208.69.196.34
URL: http://208.69.196.34/sitemap.asp
Protocol
HTTP/1.1
Server
208.69.196.34 Anchorage, United States, ASN40226 (AKUSA, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
0930df813e05abcc03849a3403fcff2fe5ebe034c04f51095f723a23021bceb8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
http://208.69.196.34/sitemap.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Thu, 14 Apr 2022 18:49:53 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 29 Dec 2021 23:52:29 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Content-Type
application/javascript
ETag
"5d1c5923ffdd71:0"
Accept-Ranges
bytes
Content-Length
55873
X-XSS-Protection
1; mode=block
70114738-3ca4-4151-b5f8-6edf08aba767.json
cdn.cookielaw.org/consent/70114738-3ca4-4151-b5f8-6edf08aba767/
821 B
1 KB
XHR
General
Full URL
https://cdn.cookielaw.org/consent/70114738-3ca4-4151-b5f8-6edf08aba767/70114738-3ca4-4151-b5f8-6edf08aba767.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab1e8de3f6d6efab2778053b143c5ba3fd790cca61848513848ba4c005f7c124
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
http://208.69.196.34/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 14 Apr 2022 18:49:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
content-md5
hGP8/npTRqdsbS/1kuyc3A==
vary
Accept-Encoding
content-length
476
x-ms-lease-status
unlocked
last-modified
Tue, 31 Dec 2019 23:09:15 GMT
server
cloudflare
etag
0x8D78E4674C1C152
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
5967b12e-601e-0142-7730-50b5a7000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6fbe9fc2ff2e19eb-EWR
expires
Thu, 14 Apr 2022 22:49:54 GMT
gtm.js
www.googletagmanager.com/
141 KB
53 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-P2G356F
Requested by
Host: 208.69.196.34
URL: http://208.69.196.34/sitemap.asp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2008 , United States, ASN (),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f704e3872e8913965e788fb74c59fb789909d7da15bdc1206f1328bb68c83124
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://208.69.196.34/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 18:49:54 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53680
x-xss-protection
0
last-modified
Thu, 14 Apr 2022 18:15:34 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 14 Apr 2022 18:49:54 GMT
akusa-phone.css
208.69.196.34/css/
16 KB
17 KB
Stylesheet
General
Full URL
http://208.69.196.34/css/akusa-phone.css
Requested by
Host: 208.69.196.34
URL: http://208.69.196.34/css/akusa.css?20211229155
Protocol
HTTP/1.1
Server
208.69.196.34 Anchorage, United States, ASN40226 (AKUSA, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
3e8cfbbd69a0143f726fc0065806f8c7754a5d56f28c12648874a9976cc4118c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
http://208.69.196.34/css/akusa.css?20211229155
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Thu, 14 Apr 2022 18:49:52 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 29 Dec 2021 23:52:13 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Content-Type
text/css
ETag
"3bb3e519ffdd71:0"
Accept-Ranges
bytes
Content-Length
16830
X-XSS-Protection
1; mode=block
akusa-desktop.css
208.69.196.34/css/
19 KB
19 KB
Stylesheet
General
Full URL
http://208.69.196.34/css/akusa-desktop.css
Requested by
Host: 208.69.196.34
URL: http://208.69.196.34/css/akusa.css?20211229155
Protocol
HTTP/1.1
Server
208.69.196.34 Anchorage, United States, ASN40226 (AKUSA, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
4e3e22cf18c9bc9e642267b61e469a69bb7c73428eabc99f36901ba81903d28b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
http://208.69.196.34/css/akusa.css?20211229155
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Thu, 14 Apr 2022 18:49:53 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 29 Dec 2021 23:52:13 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Content-Type
text/css
ETag
"3bb3e519ffdd71:0"
Accept-Ranges
bytes
Content-Length
19108
X-XSS-Protection
1; mode=block
AkusaIcon.ttf
208.69.196.34/css/fonts/AkusaIcon/
15 KB
16 KB
Font
General
Full URL
http://208.69.196.34/css/fonts/AkusaIcon/AkusaIcon.ttf?pz4t3k
Requested by
Host: 208.69.196.34
URL: http://208.69.196.34/css/akusafonts.css?20211229155
Protocol
HTTP/1.1
Server
208.69.196.34 Anchorage, United States, ASN40226 (AKUSA, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
39a412e246a6126dba4a17583516d8fb37919ca57d8078b863236f705c8ff199
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://208.69.196.34/css/akusafonts.css?20211229155
Origin
http://208.69.196.34
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Thu, 14 Apr 2022 18:49:53 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 29 Dec 2021 23:52:13 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Content-Type
application/octet-stream
ETag
"5c7691affdd71:0"
Accept-Ranges
bytes
Content-Length
15656
X-XSS-Protection
1; mode=block
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P2G356F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
http://208.69.196.34/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
358
date
Thu, 14 Apr 2022 18:43:56 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Thu, 14 Apr 2022 20:43:56 GMT
conversion_async.js
www.googleadservices.com/pagead/
39 KB
15 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P2G356F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f2.1e100.net
Software
cafe /
Resource Hash
4902dcbc3d3c97271a66bc136ec40b0c72422ccd05bb9946aa76382e50c5d6fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://208.69.196.34/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 18:49:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14897
x-xss-protection
0
server
cafe
etag
9926226332162747720
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 14 Apr 2022 18:49:54 GMT
js
www.googletagmanager.com/gtag/
94 KB
37 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=DC-9253762
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P2G356F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2008 , United States, ASN (),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
da17657689d9bf10aa4d76614feaf404a2afd77c247b751b718e252dd26ebef5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://208.69.196.34/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 18:49:54 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37913
x-xss-protection
0
last-modified
Thu, 14 Apr 2022 18:15:34 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 14 Apr 2022 18:49:54 GMT
diffuser.js
diffuser-cdn.app-us1.com/diffuser/
24 KB
6 KB
Script
General
Full URL
https://diffuser-cdn.app-us1.com/diffuser/diffuser.js
Requested by
Host: 208.69.196.34
URL: http://208.69.196.34/sitemap.asp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:915b , United States, ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
15eb202865d1d835fae2eff61bb922fa91fb4064a1fb850ebadab1f190782648

Request headers

accept-language
en-US,en;q=0.9
Referer
http://208.69.196.34/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 18:49:54 GMT
content-encoding
gzip
cf-cache-status
HIT
age
136
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
last-modified
Thu, 21 Oct 2021 17:42:06 GMT
server
cloudflare
etag
W/"4d482a43613d3966f353ec9d97452e0c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 bf5abe06e7e8ddc3963a0afd0a961f75.cloudfront.net (CloudFront)
cache-control
public, max-age=300
x-amz-cf-pop
EWR52-C1
cf-ray
6fbe9fc46f381875-EWR
x-amz-cf-id
wyZYBxDLIhHsVzSuh41EOaCCDYiFj_3E8qpWn6JJiYy34H0Hf2naig==
up_loader.1.1.0.js
js.adsrvr.org/
4 KB
5 KB
Script
General
Full URL
https://js.adsrvr.org/up_loader.1.1.0.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P2G356F
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.230.160.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-160-114.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

accept-language
en-US,en;q=0.9
Referer
http://208.69.196.34/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Thu, 14 Apr 2022 07:58:25 GMT
Via
1.1 2363b636adbc739d5f9806cb41e6d226.cloudfront.net (CloudFront)
Last-Modified
Thu, 24 Sep 2020 15:15:34 GMT
Server
AmazonS3
Age
39090
ETag
"98d98b3499058b76d58073cf8ede2f10"
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Connection
keep-alive
X-Amz-Cf-Pop
EWR53-C3
Accept-Ranges
bytes
Content-Length
4593
X-Amz-Cf-Id
_rsUCgkbcXmVMZEishpzHT12RnEIl2DsEbq7tdDwhpWsO4l60IN3JA==
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/5.9.0/
325 KB
78 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/5.9.0/otBannerSdk.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7aa4714e096a10d27792f4c9f0f5a66d14c7e625d618bc2dcaa02c3b3113d0a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
http://208.69.196.34/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 14 Apr 2022 18:49:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
ogbvarzU0fhMH1X6yZRgBg==
age
15367254
vary
Accept-Encoding
content-length
80123
x-ms-lease-status
unlocked
last-modified
Tue, 17 Dec 2019 20:41:27 GMT
server
cloudflare
etag
0x8D783317D662F3E
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
262198fa-201e-0063-0c6c-c49ec3000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6fbe9fc3fd2f18c4-EWR
a
www.googletagmanager.com/
0
128 B
Image
General
Full URL
https://www.googletagmanager.com/a?id=GTM-P2G356F&cv=12&v=3&t=t&pid=871576171&rv=460&es=1&e=gtm.init_consent&eid=1&tc=26&z=0
Requested by
Host: 208.69.196.34
URL: http://208.69.196.34/sitemap.asp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2008 , United States, ASN (),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://208.69.196.34/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Apr 2022 18:49:54 GMT
server
Google Tag Manager
vary
*
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
a
www.googletagmanager.com/
0
54 B
Image
General
Full URL
https://www.googletagmanager.com/a?id=GTM-P2G356F&cv=12&v=3&t=t&pid=871576171&rv=460&es=1&e=gtm.init&eid=2&tc=26&z=0
Requested by
Host: 208.69.196.34
URL: http://208.69.196.34/sitemap.asp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2008 , United States, ASN (),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://208.69.196.34/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Apr 2022 18:49:54 GMT
server
Google Tag Manager
vary
*
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
en.json
cdn.cookielaw.org/consent/70114738-3ca4-4151-b5f8-6edf08aba767/82045980-0c4f-45c5-a55d-2602076815ae/
27 KB
7 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/consent/70114738-3ca4-4151-b5f8-6edf08aba767/82045980-0c4f-45c5-a55d-2602076815ae/en.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/5.9.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4c5c5cc4237d043efdee2a6d06669a3203a30d33ad78b82d1dc94ac0eae6ceb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
http://208.69.196.34/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 14 Apr 2022 18:49:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
content-md5
dNUxRnZdqZ7wxW3+D5PxnQ==
vary
Accept-Encoding
content-length
6607
x-ms-lease-status
unlocked
last-modified
Tue, 31 Dec 2019 23:09:14 GMT
server
cloudflare
etag
0x8D78E4673EE939F
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
515f9330-c01e-0026-2b30-504352000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6fbe9fc449f019eb-EWR
expires
Thu, 14 Apr 2022 22:49:54 GMT
PTN57F-webfont.woff
208.69.196.34/css/fonts/PTSans/ptsansnarrow_regular_macroman/
25 KB
25 KB
Font
General
Full URL
http://208.69.196.34/css/fonts/PTSans/ptsansnarrow_regular_macroman/PTN57F-webfont.woff
Requested by
Host: 208.69.196.34
URL: http://208.69.196.34/css/akusafonts.css?20211229155
Protocol
HTTP/1.1
Server
208.69.196.34 Anchorage, United States, ASN40226 (AKUSA, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
505251f17e21dc99dcd248a697febdab8814c2a0f3a5de7694b6b59f0a26afcf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://208.69.196.34/css/akusafonts.css?20211229155
Origin
http://208.69.196.34
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Thu, 14 Apr 2022 18:49:53 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 29 Dec 2021 23:52:12 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Content-Type
font/x-woff
ETag
"3cd5ae19ffdd71:0"
Accept-Ranges
bytes
Content-Length
25232
X-XSS-Protection
1; mode=block
navSprites.png
208.69.196.34/css/nav/
16 KB
17 KB
Image
General
Full URL
http://208.69.196.34/css/nav/navSprites.png
Requested by
Host: 208.69.196.34
URL: http://208.69.196.34/css/akusa-base.css?20211229155
Protocol
HTTP/1.1
Server
208.69.196.34 Anchorage, United States, ASN40226 (AKUSA, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
02b5d43c46bb678cdcf2c0375ab22626afa5e44a7946e5f0cc3ca4571c8338c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
http://208.69.196.34/css/akusa-base.css?20211229155
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Thu, 14 Apr 2022 18:49:53 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 29 Dec 2021 23:52:13 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Content-Type
image/png
ETag
"c96e91affdd71:0"
Accept-Ranges
bytes
Content-Length
16609
X-XSS-Protection
1; mode=block
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1408209754&t=pageview&_s=1&dl=http%3A%2F%2F208.69.196.34%2Fsitemap.asp&ul=en-us&de=UTF-8&dt=Alaska%20USA%20Mortgage%20Site%20Map&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=801620405&gjid=720523437&cid=1553853708.1649962195&tid=UA-105087488-2&_gid=576492332.1649962195&_r=1&gtm=2wg460P2G356F&z=128293644
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://208.69.196.34/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 14 Apr 2022 18:49:54 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://208.69.196.34
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/831978068/
2 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/831978068/?random=1649962194655&cv=9&fst=1649962194655&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg460&sendb=1&ig=1&frm=0&url=http%3A%2F%2F208.69.196.34%2Fsitemap.asp&tiba=Alaska%20USA%20Mortgage%20Site%20Map&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18330198bc368081d196e8aeb8aa817fa87bf8fdff7c081f011ffdbb1c985d0a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://208.69.196.34/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Apr 2022 18:49:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1008
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
prism.app-us1.com/
0
214 B
Script
General
Full URL
https://prism.app-us1.com/?a=25948200&u=http%3A%2F%2F208.69.196.34%2Fsitemap.asp
Requested by
Host: diffuser-cdn.app-us1.com
URL: https://diffuser-cdn.app-us1.com/diffuser/diffuser.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:915b , United States, ASN (),
Reverse DNS
Software
cloudflare / PHP/7.4.28
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
http://208.69.196.34/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 18:49:54 GMT
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
PHP/7.4.28
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/javascript
cache-control
no-cache, private
x-envoy-upstream-service-time
38
cf-ray
6fbe9fc4e8cb1875-EWR
content-length
0
otFlat.json
cdn.cookielaw.org/scripttemplates/5.9.0/assets/
15 KB
3 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/5.9.0/assets/otFlat.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/5.9.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c01d825e8f03f4125b38f630b84c7a88201c319b4f94e5a6a787cd86b89543f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
http://208.69.196.34/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 14 Apr 2022 18:49:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
content-md5
dxOB/be8nmsxf/Kih6JKlA==
vary
Accept-Encoding
content-length
2826
x-ms-lease-status
unlocked
last-modified
Tue, 17 Dec 2019 20:41:25 GMT
server
cloudflare
etag
0x8D783317BF2D096
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
6451f895-e01e-0171-0830-50ec8a000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6fbe9fc4eb6719eb-EWR
otPcCenter.json
cdn.cookielaw.org/scripttemplates/5.9.0/assets/
75 KB
13 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/5.9.0/assets/otPcCenter.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/5.9.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07a1bfbc0952fdf7ba7b4776d12b04ca9121c77a2a2fc884f3401617f4ba97c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
http://208.69.196.34/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 14 Apr 2022 18:49:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
content-md5
ZKBNGH1g2s7/Loa8vBKjKA==
vary
Accept-Encoding
content-length
13145
x-ms-lease-status
unlocked
last-modified
Tue, 17 Dec 2019 20:41:25 GMT
server
cloudflare
etag
0x8D783317C1616BC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
b5cd0303-c01e-0144-6730-5042df000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6fbe9fc4eb6c19eb-EWR
collect
stats.g.doubleclick.net/j/
2 B
438 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-105087488-2&cid=1553853708.1649962195&jid=801620405&gjid=720523437&_gid=576492332.1649962195&_u=YEBAAAAAAAAAAC~&z=1404825004
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::9b Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://208.69.196.34/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 14 Apr 2022 18:49:54 GMT
content-type
text/plain
access-control-allow-origin
http://208.69.196.34
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/831978068/
42 B
548 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/831978068/?random=1649962194655&cv=9&fst=1649959200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg460&sendb=1&frm=0&url=http%3A%2F%2F208.69.196.34%2Fsitemap.asp&tiba=Alaska%20USA%20Mortgage%20Site%20Map&async=1&fmt=3&is_vtc=1&random=4210102120&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: 208.69.196.34
URL: http://208.69.196.34/sitemap.asp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://208.69.196.34/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Apr 2022 18:49:54 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
header_bg.png
208.69.196.34/css/nav/
8 KB
8 KB
Image
General
Full URL
http://208.69.196.34/css/nav/header_bg.png
Requested by
Host: 208.69.196.34
URL: http://208.69.196.34/css/akusa-desktop.css
Protocol
HTTP/1.1
Server
208.69.196.34 Anchorage, United States, ASN40226 (AKUSA, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
5cd6b433131a0f7972117a1de73410cd07059f385b4dceb1e99b1c9dd6351fb6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
http://208.69.196.34/css/akusa-desktop.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Thu, 14 Apr 2022 18:49:53 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 29 Dec 2021 23:52:13 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Content-Type
image/png
ETag
"ac9b2f1affdd71:0"
Accept-Ranges
bytes
Content-Length
8058
X-XSS-Protection
1; mode=block
pgMainEdge.png
208.69.196.34/css/nav/
960 B
1 KB
Image
General
Full URL
http://208.69.196.34/css/nav/pgMainEdge.png
Requested by
Host: 208.69.196.34
URL: http://208.69.196.34/css/akusa-desktop.css
Protocol
HTTP/1.1
Server
208.69.196.34 Anchorage, United States, ASN40226 (AKUSA, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
1fb28d9c14ec42912599df0f34b14c6e6f996084ca13e06bb11dcb4c9459ed34
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
http://208.69.196.34/css/akusa-desktop.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Thu, 14 Apr 2022 18:49:53 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 29 Dec 2021 23:52:13 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Content-Type
image/png
ETag
"91d2b1affdd71:0"
Accept-Ranges
bytes
Content-Length
960
X-XSS-Protection
1; mode=block
agf.gif
208.69.196.34/
43 B
355 B
XHR
General
Full URL
http://208.69.196.34/agf.gif?t=pv&pv=%2Fsitemap.asp&tt=Alaska+USA+Mortgage+Site+Map&vt=new&sc=direct&md=(none)&dp=24&sh=1200&sw=1600&bn=Chrome&bv=100&pn=Windows&pr=10&bl=en-us&js=1.7&hn=208.69.196.34&vi=55057660&vs=550576601649962195&_=91043&v=040
Requested by
Host: 208.69.196.34
URL: http://208.69.196.34/js/jsSuite-1.9.5.js
Protocol
HTTP/1.1
Server
208.69.196.34 Anchorage, United States, ASN40226 (AKUSA, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e7939a03248bb3f75e2f12226871e6e304b0c1e1fa506f3871548547cf24f32d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
http://208.69.196.34/sitemap.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Thu, 14 Apr 2022 18:49:53 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 29 Dec 2021 23:52:12 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Content-Type
image/gif
ETag
"ecfc5819ffdd71:0"
Accept-Ranges
bytes
Content-Length
43
X-XSS-Protection
1; mode=block
ga-audiences
www.google.com/ads/
42 B
107 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-105087488-2&cid=1553853708.1649962195&jid=801620405&_u=YEBAAAAAAAAAAC~&z=1467363932
Requested by
Host: 208.69.196.34
URL: http://208.69.196.34/sitemap.asp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://208.69.196.34/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Apr 2022 18:49:54 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
a
www.googletagmanager.com/
0
17 B
Image
General
Full URL
https://www.googletagmanager.com/a?id=GTM-P2G356F&cv=12&v=3&t=t&pid=871576171&rv=460&es=1&e=gtm.js&eid=3&tc=26&tr=1gclidw.1ua.1paused.1sp.1lcl.1cl.1cl.1lcl.1lcl.1html.1html.5html.1html.5html.1html.5gclidw.6paused.5lcl.5cl.5cl.5lcl.5lcl.5html.5html&ti=1gclidw.1ua.1paused.1sp.1lcl.1cl.1cl.1lcl.1lcl.1html.1html.1html.1html.1html.1html.1gclidw.1paused.1lcl.1cl.1cl.1lcl.1lcl.1html.1html&z=0
Requested by
Host: 208.69.196.34
URL: http://208.69.196.34/sitemap.asp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2008 , United States, ASN (),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://208.69.196.34/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Apr 2022 18:49:54 GMT
server
Google Tag Manager
vary
*
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/
817 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b

Request headers

accept-language
en-US,en;q=0.9
Referer
http://208.69.196.34/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/svg+xml
a
www.googletagmanager.com/
0
17 B
Image
General
Full URL
https://www.googletagmanager.com/a?id=GTM-P2G356F&cv=12&v=3&t=t&pid=871576171&rv=460&es=1&e=gtm.dom&eid=7&tc=26&z=0
Requested by
Host: 208.69.196.34
URL: http://208.69.196.34/sitemap.asp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2008 , United States, ASN (),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://208.69.196.34/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Apr 2022 18:49:54 GMT
server
Google Tag Manager
vary
*
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
a
www.googletagmanager.com/
0
17 B
Image
General
Full URL
https://www.googletagmanager.com/a?id=GTM-P2G356F&cv=12&v=3&t=t&pid=871576171&rv=460&es=1&e=*&eid=8&tc=26&z=0
Requested by
Host: 208.69.196.34
URL: http://208.69.196.34/sitemap.asp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2008 , United States, ASN (),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://208.69.196.34/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Apr 2022 18:49:54 GMT
server
Google Tag Manager
vary
*
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
match.adsrvr.org/track/upb/ Frame 6FF9
Redirect Chain
  • https://insight.adsrvr.org/track/up?adv=p6q6pct&ref=http%3A%2F%2F208.69.196.34%2Fsitemap.asp&upid=q8skero&upv=1.1.0
  • https://match.adsrvr.org/track/upb/?adv=p6q6pct&ref=http%3A%2F%2F208.69.196.34%2Fsitemap.asp&upid=q8skero&upv=1.1.0
893 B
1 KB
Document
General
Full URL
https://match.adsrvr.org/track/upb/?adv=p6q6pct&ref=http%3A%2F%2F208.69.196.34%2Fsitemap.asp&upid=q8skero&upv=1.1.0
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
f653c472465b6229b9fc421803845c85d348c7dff209f9fba025d44d15126d9d

Request headers

Referer
http://208.69.196.34/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-type
text/html; charset=utf-8
date
Thu, 14 Apr 2022 18:49:55 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319

Redirect headers

cache-control
private,no-cache, must-revalidate
content-type
text/html; charset=utf-8
date
Thu, 14 Apr 2022 18:49:55 GMT
location
https://match.adsrvr.org/track/upb/?adv=p6q6pct&ref=http%3A%2F%2F208.69.196.34%2Fsitemap.asp&upid=q8skero&upv=1.1.0
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
universal_pixel.1.1.0.js
js.adsrvr.org/ Frame 6FF9
487 B
964 B
Script
General
Full URL
https://js.adsrvr.org/universal_pixel.1.1.0.js
Requested by
Host: match.adsrvr.org
URL: https://match.adsrvr.org/track/upb/?adv=p6q6pct&ref=http%3A%2F%2F208.69.196.34%2Fsitemap.asp&upid=q8skero&upv=1.1.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.230.160.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-160-114.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f6d7e9dafd1ec463ecd0c6b20f170400dd15afe81c71dea50771550df2f83ffc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://match.adsrvr.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Thu, 14 Apr 2022 07:07:29 GMT
Via
1.1 2363b636adbc739d5f9806cb41e6d226.cloudfront.net (CloudFront)
Last-Modified
Thu, 24 Sep 2020 15:15:32 GMT
Server
AmazonS3
Age
42147
ETag
"f0a7a3296da7382ce6bc1a3b6769e927"
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Connection
keep-alive
X-Amz-Cf-Pop
EWR53-C3
Accept-Ranges
bytes
Content-Length
487
X-Amz-Cf-Id
vztgZn0c-1acaednn6KaZ5ccBj3vGmH3CnDrBBBa2oai_hTPT-Tkqg==
generic
match.adsrvr.org/track/cmf/ Frame B898
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=3ec86c29-2db4-4c4e-887a-b4a22d1a282b&_origin=1&redir=true&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=3ec86c29-2db4-4c4e-887a-b4a22d1a282b&_origin=1&redir=true&gdpr=0&gdpr_consent=&verify=true
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-qSfifa9E2uJ5npkZQfvUgft2RjDxLiY-~A&gdpr=0&gdpr_consent=
70 B
591 B
Document
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-qSfifa9E2uJ5npkZQfvUgft2RjDxLiY-~A&gdpr=0&gdpr_consent=
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://match.adsrvr.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Thu, 14 Apr 2022 18:49:56 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319

Redirect headers

age
0
content-length
0
date
Thu, 14 Apr 2022 18:49:56 GMT
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-qSfifa9E2uJ5npkZQfvUgft2RjDxLiY-~A&gdpr=0&gdpr_consent=
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server
ATS/9.1.0.46
strict-transport-security
max-age=31536000
appnexus
match.adsrvr.org/track/cmf/ Frame 0B7F
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3a%2f%2fmatch.adsrvr.org%2ftrack%2fcmf%2fappnexus%3fttd%3d1%26anid%3d%24UID&ttd_tdid=3ec86c29-2db4-4c4e-887a-b4a22d1a282b
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fmatch.adsrvr.org%252ftrack%252fcmf%252fappnexus%253fttd%253d1%2526anid%253d%2524UID%26ttd_tdid%3D3ec86c29-2db4-4c4e-887a-b4a22d1a282b
  • https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=6953566194632253861&ttd_tdid=3ec86c29-2db4-4c4e-887a-b4a22d1a282b
70 B
591 B
Document
General
Full URL
https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=6953566194632253861&ttd_tdid=3ec86c29-2db4-4c4e-887a-b4a22d1a282b
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://match.adsrvr.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Thu, 14 Apr 2022 18:49:56 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319

Redirect headers

AN-X-Request-Uuid
31434fba-e1e0-4420-a878-7627884fbeac
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Thu, 14 Apr 2022 18:49:56 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=6953566194632253861&ttd_tdid=3ec86c29-2db4-4c4e-887a-b4a22d1a282b
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
96.9.249.44; 96.9.249.44; 580.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection
0
google
match.adsrvr.org/track/cmf/ Frame B254
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=M2VjODZjMjktMmRiNC00YzRlLTg4N2EtYjRhMjJkMWEyODJi&gdpr=0&gdpr_consent=&ttd_tdid=3ec86c29-2db4-4c4e-887a-b4a22...
  • https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=3ec86c29-2db4-4c4e-887a-b4a22d1a282b&google_gid=CAESEJg_l-1pudS47gmpyRXiEFE&google_cver=1
70 B
592 B
Document
General
Full URL
https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=3ec86c29-2db4-4c4e-887a-b4a22d1a282b&google_gid=CAESEJg_l-1pudS47gmpyRXiEFE&google_cver=1
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://match.adsrvr.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Thu, 14 Apr 2022 18:49:56 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
386
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 14 Apr 2022 18:49:56 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=3ec86c29-2db4-4c4e-887a-b4a22d1a282b&google_gid=CAESEJg_l-1pudS47gmpyRXiEFE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0

Verdicts & Comments Add Verdict or Comment


Legitimate page.url
Submitted on April 14th 2022, 10:23:30 pm UTC — From United States

Comment: Is actually the IP of alaskausa mortgage

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Alaska USA Federal Credit Union (Banking)

61 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 function| structuredClone object| oncontextlost object| oncontextrestored object| OneTrustStub function| OptanonWrapper object| dataLayer object| google_tag_manager function| __cmp function| __tcfapi function| receiveOTMessage string| OnetrustActiveGroups string| OptanonActiveGroups object| google_tag_data string| GoogleAnalyticsObject function| ga number| formChecker function| checkForm string| visitorGlobalObjectAlias function| vgo object| otStubData function| gtag function| ttd_dom_ready function| TTDUniversalPixelApi object| gaplugins object| gaGlobal object| gaData function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO string| prismGlobalObjectAlias object| visitorGlobalObject object| Optanon object| OneTrust object| ub function| $ function| jQuery boolean| o object| p boolean| v string| M object| agf function| lmMini function| loadToggle function| toggleContent function| toggleList string| resizePreviousView function| handleResize function| toggleSideMenu function| slideMenuIntoView function| FlagUB function| AddTracker object| jQuery11130884536694782136 function| onHide function| onBeforeShow function| applyHandlers function| onButtonKeydown function| onMenuKeydown function| onButtonClick

14 Cookies

Domain/Path Name / Value
208.69.196.34/ Name: ASPSESSIONIDQSTBTBBC
Value: EEJHGOPDHCPHPLPKNFFLNNPJ
208.69.196.34/ Name: _gcl_au
Value: 1.1.833131525.1649962195
208.69.196.34/ Name: _ga
Value: GA1.4.1553853708.1649962195
208.69.196.34/ Name: _gid
Value: GA1.4.576492332.1649962195
208.69.196.34/ Name: _gat_UA-105087488-2
Value: 1
prism.app-us1.com/ Name: prism_25948200
Value: 56bb2fd3-70fb-4f81-96bc-8f860202cc5c
208.69.196.34/ Name: agft
Value: 3c601e338e1fce5a054e0e5ab9954239.55057660
208.69.196.34/ Name: agfs
Value: 3c601e338e1fce5a054e0e5ab9954239.55057660&1649962195&1649962195&direct&(none)&&&&&
.adsrvr.org/ Name: TDID
Value: 3ec86c29-2db4-4c4e-887a-b4a22d1a282b
.adnxs.com/ Name: uuid2
Value: 6953566194632253861
.yahoo.com/ Name: A3
Value: d=AQABBNRsWGICENLfI6qgUOWogZglz96_k3wFEgEBAQG-WWJiYgAAAAAA_eMAAA&S=AQAAAhO8Ja1MMh-7R0_Bcoi9cb0
.doubleclick.net/ Name: IDE
Value: AHWqTUlsm_9Scq7Dm5S8LWN6B-CGHMPSYzqIS-k2HJHBEoymBNCsgQSO8GlUO83JMpc
.analytics.yahoo.com/ Name: IDSYNC
Value: 1769~24bu
.adsrvr.org/ Name: TDCPM
Value: CAESGQoKcmlnaHRtZWRpYRILCIrhnp2zlM86EAUSFwoIYXBwbmV4dXMSCwiK4Z6ds5TPOhAFEhUKBmdvb2dsZRILCIrhnp2zlM86EAUYBSABKAMyCwiK2aHKyZTPOhAFQg8iDQgBEgkKBXRpZXIyEAFaB3A2cTZwY3RgAQ..

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.cookielaw.org
cm.g.doubleclick.net
diffuser-cdn.app-us1.com
googleads.g.doubleclick.net
ib.adnxs.com
insight.adsrvr.org
js.adsrvr.org
match.adsrvr.org
prism.app-us1.com
stats.g.doubleclick.net
ups.analytics.yahoo.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
142.250.65.194
142.250.80.98
208.69.196.34
2606:4700::6810:9540
2606:4700::6811:915b
2607:f8b0:4004:c08::9b
2607:f8b0:4006:816::200e
2607:f8b0:4006:81f::2004
2607:f8b0:4006:823::2002
2607:f8b0:4006:823::2008
3.218.90.66
3.33.220.150
54.230.160.114
68.67.179.77
02b5d43c46bb678cdcf2c0375ab22626afa5e44a7946e5f0cc3ca4571c8338c5
03aa6fcac2902227e1b66a01b87824692f708bbf9bfe441784f8ed22d677f6de
07a1bfbc0952fdf7ba7b4776d12b04ca9121c77a2a2fc884f3401617f4ba97c6
0930df813e05abcc03849a3403fcff2fe5ebe034c04f51095f723a23021bceb8
0a8bc977845d322b2a028ff676867741db0f176640b9a83e323d4874cf001c37
15eb202865d1d835fae2eff61bb922fa91fb4064a1fb850ebadab1f190782648
18330198bc368081d196e8aeb8aa817fa87bf8fdff7c081f011ffdbb1c985d0a
1c7cd686a01f2dcffc1f55119624e9166300721172b4e7ad284ff734bc8db0a1
1fb28d9c14ec42912599df0f34b14c6e6f996084ca13e06bb11dcb4c9459ed34
2b02ecea36e825b52ab652a933bf7639c0e6a6977aa39ea207be9f4e00bda29c
39a412e246a6126dba4a17583516d8fb37919ca57d8078b863236f705c8ff199
3e8cfbbd69a0143f726fc0065806f8c7754a5d56f28c12648874a9976cc4118c
4902dcbc3d3c97271a66bc136ec40b0c72422ccd05bb9946aa76382e50c5d6fc
4e3e22cf18c9bc9e642267b61e469a69bb7c73428eabc99f36901ba81903d28b
505251f17e21dc99dcd248a697febdab8814c2a0f3a5de7694b6b59f0a26afcf
5cd6b433131a0f7972117a1de73410cd07059f385b4dceb1e99b1c9dd6351fb6
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e27c761954b83486f9c06e2ce6be37d0918667ea5569d83d63797d7ccd7642b
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
ab1e8de3f6d6efab2778053b143c5ba3fd790cca61848513848ba4c005f7c124
b4c5c5cc4237d043efdee2a6d06669a3203a30d33ad78b82d1dc94ac0eae6ceb
c01d825e8f03f4125b38f630b84c7a88201c319b4f94e5a6a787cd86b89543f0
c1c93f05a97d71c507eaff617ea8d5e7f06068f8522ea5e5314321e8df0adb59
da17657689d9bf10aa4d76614feaf404a2afd77c247b751b718e252dd26ebef5
db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7939a03248bb3f75e2f12226871e6e304b0c1e1fa506f3871548547cf24f32d
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f442ea1fb011713124e53144556304d033cbd003a78c85c044416cce292a604c
f653c472465b6229b9fc421803845c85d348c7dff209f9fba025d44d15126d9d
f6d7e9dafd1ec463ecd0c6b20f170400dd15afe81c71dea50771550df2f83ffc
f704e3872e8913965e788fb74c59fb789909d7da15bdc1206f1328bb68c83124
f7aa4714e096a10d27792f4c9f0f5a66d14c7e625d618bc2dcaa02c3b3113d0a