cascadiasolutions.ca Open in urlscan Pro
2606:4700:3036::ac43:d1a3 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://cascadiasolutions.ca/en/UltraBranch/
Effective URL:
https://cascadiasolutions.ca/en/UltraBranch/login.php?cmd=login_submit&id=94558bccb72f45c8038967d14a0b2d1e94558bccb72f45c8038...
Submission: On October 01 via api (October 1st 2022, 5:11:57 am UTC) from CA — Scanned from CA

Summary HTTP 58 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 13 IPs in 1 countries across 13 domains to perform 58 HTTP transactions. The main IP is 2606:4700:3036::ac43:d1a3, located in United States and belongs to CLOUDFLARENET, US. The main domain is cascadiasolutions.ca.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 18th 2022. Valid for: a year.

This is the only time cascadiasolutions.ca was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Alaska USA Federal Credit Union (Banking)

Domain & IP information

	IP Address	AS Autonomous System
1 17	2606:4700:303... 2606:4700:3036::ac43:d1a3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
18	107.162.171.161 107.162.171.161	55002 (DEFENSE-NET) (DEFENSE-NET)
3	2607:f8b0:400... 2607:f8b0:4006:81c::2008	15169 (GOOGLE) (GOOGLE)
3	2001:4860:480... 2001:4860:4802:38::178	15169 (GOOGLE) (GOOGLE)
1	142.251.35.162 142.251.35.162	15169 (GOOGLE) (GOOGLE)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	13.32.206.122 13.32.206.122	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6811:925b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4006:80d::2002	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c06::9a	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:81c::2004	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:824::2003	15169 (GOOGLE) (GOOGLE)
1 5	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
1 1	142.250.80.34 142.250.80.34	15169 (GOOGLE) (GOOGLE)
2 2	68.67.160.75 68.67.160.75	29990 (ASN-APPNEX) (ASN-APPNEX)
2 2	52.45.33.138 52.45.33.138	14618 (AMAZON-AES) (AMAZON-AES)
58	13

17 2606:4700:3036::ac43:d1a3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

cascadiasolutions.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 107.162.171.161 (United States)

ASN55002 (DEFENSE-NET, US)

www.alaskausa.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:81c::2008 (Rockville, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:38::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.35.162 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s78-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.206.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-206-122.iad66.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:925b (United States)

ASN13335 (CLOUDFLARENET, US)

diffuser-cdn.app-us1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
prism.app-us1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80d::2002 (Rockville, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c06::9a (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81c::2004 (Rockville, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:824::2003 (Rockville, United States)

ASN15169 (GOOGLE, US)

www.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.71.131.137 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.80.34 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: lga34s34-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.67.160.75 (Newark, United States) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.45.33.138 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-33-138.compute-1.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	alaskausa.org www.alaskausa.org — Cisco Umbrella Rank: 291979	604 KB
17	cascadiasolutions.ca 1 redirects cascadiasolutions.ca	320 KB
7	adsrvr.org 1 redirects js.adsrvr.org — Cisco Umbrella Rank: 1436 insight.adsrvr.org — Cisco Umbrella Rank: 617 match.adsrvr.org — Cisco Umbrella Rank: 344	10 KB
3	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 42 stats.g.doubleclick.net — Cisco Umbrella Rank: 79 cm.g.doubleclick.net — Cisco Umbrella Rank: 212	3 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 378	12 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 28	20 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 64	206 KB
2	yahoo.com 2 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 282	623 B
2	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 229	2 KB
2	google.ca www.google.ca — Cisco Umbrella Rank: 8590	655 B
2	google.com www.google.com — Cisco Umbrella Rank: 2	655 B
2	app-us1.com diffuser-cdn.app-us1.com — Cisco Umbrella Rank: 7951 prism.app-us1.com — Cisco Umbrella Rank: 8177	6 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 129	15 KB
58	13

	Domain	Requested by
18	www.alaskausa.org	cascadiasolutions.ca
17	cascadiasolutions.ca	1 redirects cascadiasolutions.ca www.alaskausa.org
4	match.adsrvr.org	js.adsrvr.org
3	bat.bing.com	www.googletagmanager.com bat.bing.com cascadiasolutions.ca
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	www.googletagmanager.com	cascadiasolutions.ca www.googletagmanager.com
2	ups.analytics.yahoo.com	2 redirects
2	ib.adnxs.com	2 redirects
2	www.google.ca	cascadiasolutions.ca
2	www.google.com	cascadiasolutions.ca
2	js.adsrvr.org	www.googletagmanager.com match.adsrvr.org
1	cm.g.doubleclick.net	1 redirects
1	insight.adsrvr.org	1 redirects
1	stats.g.doubleclick.net	www.google-analytics.com
1	prism.app-us1.com	diffuser-cdn.app-us1.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	diffuser-cdn.app-us1.com	cascadiasolutions.ca
1	www.googleadservices.com	www.googletagmanager.com
58	18

This site contains links to these domains. Also see Links.

Domain
login.alaskausa.org
www.alaskausa.org
go.alaskausa.org
event.alaskausa.org
www.youtube.com
www.facebook.com
www.linkedin.com
twitter.com
www.instagram.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-18` - `2023-05-18`	a year	crt.sh
www.alaskausa.org DigiCert TLS RSA SHA256 2020 CA1	`2022-05-10` - `2023-06-10`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2022-09-03` - `2023-03-03`	6 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.google.ca GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://cascadiasolutions.ca/en/UltraBranch/login.php?cmd=login_submit&id=94558bccb72f45c8038967d14a0b2d1e94558bccb72f45c8038967d14a0b2d1e&session=94558bccb72f45c8038967d14a0b2d1e94558bccb72f45c8038967d14a0b2d1e
Frame ID: 0095072AFC3AAA08DEADBA4606846147
Requests: 53 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/upb/?adv=p6q6pct&ref=https%3A%2F%2Fcascadiasolutions.ca%2Fen%2FUltraBranch%2Flogin.php%3Fcmd%3Dlogin_submit%26id%3D94558bccb72f45c8038967d14a0b2d1e94558bccb72f45c8038967d14a0b2d1e%26session%3D94558bccb72f45c8038967d14a0b2d1e94558bccb72f45c8038967d14a0b2d1e&upid=q8skero&upv=1.1.0
Frame ID: A3B2B7FC73319C7646BB24F04A4A7D0A
Requests: 2 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=bb0987f9-097a-45d3-b38a-581a52d78549&google_gid=CAESEIK0GONExZuyV9ygjEsvhwM&google_cver=1
Frame ID: 2DC3F0A28800049F8DA280D71BB6526F
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=9151121904508231339&ttd_tdid=bb0987f9-097a-45d3-b38a-581a52d78549
Frame ID: 1547A954D9F18C93C606EA744C25D6B9
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-H1pbGBhE2uLFKJaufWDSKt8mxCS_drY-~A&gdpr=0&gdpr_consent=
Frame ID: C80922D077019719B9FCF4170C078F94
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Alaska USA services for you

Page URL History Show full URLs

https://cascadiasolutions.ca/en/UltraBranch/ HTTP 302
https://cascadiasolutions.ca/en/UltraBranch/login.php?cmd=login_submit&id=94558bccb72f45c8038967d14a0b2d1... Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

58
Requests

100 %
HTTPS

56 %
IPv6

13
Domains

18
Subdomains

13
IPs

1
Countries

1195 kB
Transfer

1990 kB
Size

18
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: https://login.alaskausa.org/efs/ultrabranch/ForgotPAC
Title: Forgot Login

Search URL Search Domain Scan URL

URL: https://www.alaskausa.org/enroll
Title: Enroll

Search URL Search Domain Scan URL

URL: https://go.alaskausa.org/personal/investments?aid=q920i_FPIS1

Search URL Search Domain Scan URL

URL: https://www.alaskausa.org/loans/nada.asp?aid=q920i_nada

Search URL Search Domain Scan URL

URL: https://go.alaskausa.org/personal/investments?aid=q920i_FPIS2

Search URL Search Domain Scan URL

URL: https://www.alaskausa.org/loans/visaPlatinum.aspaid=?utm_source=homepage&utm_medium=banner&utm_campaign=tools&aid=q1120i_paypal#reward

Search URL Search Domain Scan URL

URL: https://go.alaskausa.org/covid-19-faqs#faqs
Title: Economic Stimulus Deposit Information Learn more about checking the status of your deposit.

Search URL Search Domain Scan URL

URL: https://event.alaskausa.org/annual-meeting
Title: 2020 Election & Annual Meeting A full recap of June 10th virtual meeting

Search URL Search Domain Scan URL

URL: https://go.alaskausa.org/learn
Title: Learning Center

Search URL Search Domain Scan URL

URL: https://www.alaskausa.org//about/pressReleases.asp
Title: News & Announcements

Search URL Search Domain Scan URL

URL: https://www.youtube.com/AlaskaUSAFCU
Title: Alaska USA on YouTube

Search URL Search Domain Scan URL

URL: https://www.facebook.com/AlaskaUSAFCU
Title: Facebook iconFacebook

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/alaska-usa-federal-credit-union
Title: LinkedIn iconLinkedIn

Search URL Search Domain Scan URL

URL: https://twitter.com/alaskausa
Title: Twitter iconTwitter

Search URL Search Domain Scan URL

URL: https://www.instagram.com/alaskausafcu/
Title: InstagramInstagram

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://cascadiasolutions.ca/en/UltraBranch/ HTTP 302
https://cascadiasolutions.ca/en/UltraBranch/login.php?cmd=login_submit&id=94558bccb72f45c8038967d14a0b2d1e94558bccb72f45c8038967d14a0b2d1e&session=94558bccb72f45c8038967d14a0b2d1e94558bccb72f45c8038967d14a0b2d1e Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 52

https://insight.adsrvr.org/track/up?adv=p6q6pct&ref=https%3A%2F%2Fcascadiasolutions.ca%2Fen%2FUltraBranch%2Flogin.php%3Fcmd%3Dlogin_submit%26id%3D94558bccb72f45c8038967d14a0b2d1e94558bccb72f45c8038967d14a0b2d1e%26session%3D94558bccb72f45c8038967d14a0b2d1e94558bccb72f45c8038967d14a0b2d1e&upid=q8skero&upv=1.1.0 HTTP 302
https://match.adsrvr.org/track/upb/?adv=p6q6pct&ref=https%3A%2F%2Fcascadiasolutions.ca%2Fen%2FUltraBranch%2Flogin.php%3Fcmd%3Dlogin_submit%26id%3D94558bccb72f45c8038967d14a0b2d1e94558bccb72f45c8038967d14a0b2d1e%26session%3D94558bccb72f45c8038967d14a0b2d1e94558bccb72f45c8038967d14a0b2d1e&upid=q8skero&upv=1.1.0

Request Chain 54

https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=YmIwOTg3ZjktMDk3YS00NWQzLWIzOGEtNTgxYTUyZDc4NTQ5&gdpr=0&gdpr_consent=&ttd_tdid=bb0987f9-097a-45d3-b38a-581a52d78549 HTTP 302
https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=bb0987f9-097a-45d3-b38a-581a52d78549&google_gid=CAESEIK0GONExZuyV9ygjEsvhwM&google_cver=1

Request Chain 55

https://ib.adnxs.com/getuid?https%3a%2f%2fmatch.adsrvr.org%2ftrack%2fcmf%2fappnexus%3fttd%3d1%26anid%3d%24UID&ttd_tdid=bb0987f9-097a-45d3-b38a-581a52d78549 HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fmatch.adsrvr.org%252ftrack%252fcmf%252fappnexus%253fttd%253d1%2526anid%253d%2524UID%26ttd_tdid%3Dbb0987f9-097a-45d3-b38a-581a52d78549 HTTP 302
https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=9151121904508231339&ttd_tdid=bb0987f9-097a-45d3-b38a-581a52d78549

Request Chain 56

https://ups.analytics.yahoo.com/ups/55953/sync?uid=bb0987f9-097a-45d3-b38a-581a52d78549&_origin=1&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/55953/sync?uid=bb0987f9-097a-45d3-b38a-581a52d78549&_origin=1&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-H1pbGBhE2uLFKJaufWDSKt8mxCS_drY-~A&gdpr=0&gdpr_consent=

58 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request login.php Show response
cascadiasolutions.ca/en/UltraBranch/
Redirect Chain

https://cascadiasolutions.ca/en/UltraBranch/
https://cascadiasolutions.ca/en/UltraBranch/login.php?cmd=login_submit&id=94558bccb72f45c8038967d14a0b2d1e94558bccb72f45c8038967d14a0b2d1e&session=94558bccb72f45c8038967d14a0b2d1e94558bccb72f45c803...

51 KB
14 KB

153ms
152ms

Document
text/html

2606:4700:3036::ac43:d1a3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cascadiasolutions.ca/en/UltraBranch/login.php?cmd=login_submit&id=94558bccb72f45c8038967d14a0b2d1e94558bccb72f45c8038967d14a0b2d1e&session=94558bccb72f45c8038967d14a0b2d1e94558bccb72f45c8038967d14a0b2d1e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::ac43:d1a3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c53140cdd86f30ae393d068e42b450682cae7f1a4d0b14d93dbe0ff7b55a27d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7532b3277b65ca5f-YUL
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 01 Oct 2022 05:11:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YV7GyDtxHqGDWfpoHho%2F%2Bk1m5BQS9XGqVc0wy0zauDyiZIVT4ZlwDS%2F542bREOxdvvHJagt%2BqmaCCJZ4kkvNr0sz39Dbtf1RCngqLQjx500WWaX1KvdX9RAFyHFxMmMGvp1yQQofC4CDviI4QRlIBc%2BbLA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7532b321bfa3ca5f-YUL
content-type: text/html; charset=UTF-8
date: Sat, 01 Oct 2022 05:11:49 GMT
location: login.php?cmd=login_submit&id=94558bccb72f45c8038967d14a0b2d1e94558bccb72f45c8038967d14a0b2d1e&session=94558bccb72f45c8038967d14a0b2d1e94558bccb72f45c8038967d14a0b2d1e
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dv4zhZO%2BCEHyrdVKtzW9kNe%2FajVcmzNCPewa2gzoF9zXe6rWZlHljtQUVMUcSEWlRlOCv7Zh5OMIiEKB2yfxQdcvj86Ya76L1%2FQT8hmoh%2BOPo5JYFFuAib%2F9Kb9FCLFIZh3rLXV8DU7eHBRSogOmfqFKVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 akusafonts.css
cascadiasolutions.ca/en/UltraBranch/efs/servlet/efs/css/ 4 KB
1 KB 286ms
286ms Stylesheet
text/css 2606:4700:3036::ac43:d1a3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cascadiasolutions.ca/en/UltraBranch/efs/servlet/efs/css/akusafonts.css?20181128

Requested by

Host: cascadiasolutions.ca
URL: https://cascadiasolutions.ca/en/UltraBranch/login.php?cmd=login_submit&id=94558bccb72f45c8038967d14a0b2d1e94558bccb72f45c8038967d14a0b2d1e&session=94558bccb72f45c8038967d14a0b2d1e94558bccb72f45c8038967d14a0b2d1e

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:d1a3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43993e35dabe9b51ad7e918e1834fa907130d3d3115169ccfef1077f678d0fbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://cascadiasolutions.ca/en/UltraBranch/login.php?cmd=login_submit&id=94558bccb72f45c8038967d14a0b2d1e94558bccb72f45c8038967d14a0b2d1e&session=94558bccb72f45c8038967d14a0b2d1e94558bccb72f45c8038967d14a0b2d1e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 05:11:50 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Tue, 20 Aug 2019 03:03:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UM63l4tMAMDILLWCoANsTCTenbbUuySVH0j%2Flt6K%2FcfVRL0pJGvaWlNu%2BqQD43fH1go5HNfi7983IJzKhdX8fRqlwzchBEJCE6BOQ%2FK50eA8BhBjUvpvNJrTSBhS6bm0UPLi5o%2FTbjBhUfDfP0Cwjwqzdg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7532b3286ad84bb8-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block

GET
H3 200 akusa-base.css
cascadiasolutions.ca/en/UltraBranch/efs/servlet/efs/css/ 31 KB
9 KB 268ms
267ms Stylesheet
text/css 2606:4700:3036::ac43:d1a3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cascadiasolutions.ca/en/UltraBranch/efs/servlet/efs/css/akusa-base.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:d1a3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

904cd9838fb672adb5bd6c0d893d3c00920bb50f9774b71790b1017b4e42b2e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://cascadiasolutions.ca/en/UltraBranch/login.php?cmd=login_submit&id=94558bccb72f45c8038967d14a0b2d1e94558bccb72f45c8038967d14a0b2d1e&session=94558bccb72f45c8038967d14a0b2d1e94558bccb72f45c8038967d14a0b2d1e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 05:11:50 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Tue, 20 Aug 2019 03:18:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=77yMJf5Es%2BQUIboIy3ftN6YVrq7iBuNeUQ%2BJSFcp7bGNQsN5yxE3X5BF7EFEppEY%2FVeu7CeCLQ5ikkkLgPbB7fjQkWC%2BlIE0ubaBTVYqj6m%2BsJluZrVZYoYpdOOP72Ge%2Bovs0zRftBiAX1use%2FxA0uy%2FPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7532b3287adb4bb8-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block

GET
H3 200 akusa-desktop.css
cascadiasolutions.ca/en/UltraBranch/efs/servlet/efs/css/ 20 KB
7 KB 308ms
307ms Stylesheet
text/css 2606:4700:3036::ac43:d1a3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cascadiasolutions.ca/en/UltraBranch/efs/servlet/efs/css/akusa-desktop.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:d1a3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ada947c677d1485882386e2d55b8f4af932468a901bd8540e51bc53530c91861

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://cascadiasolutions.ca/en/UltraBranch/login.php?cmd=login_submit&id=94558bccb72f45c8038967d14a0b2d1e94558bccb72f45c8038967d14a0b2d1e&session=94558bccb72f45c8038967d14a0b2d1e94558bccb72f45c8038967d14a0b2d1e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 05:11:50 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Tue, 20 Aug 2019 03:19:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rAErcg2mUfnvPk9PTS4%2BK%2FICiMvRT2uXswscN%2B4fm5ZpZ6%2FHAte6Xd7ABcpDx2xjUDutdE6PDYHs63pQHXhKGl0QIyDme8FwgbnYVEEa8u79WEEzVDRSIhsfektG0b5bnmItXVizr9zFqhqCL8DfsUhJ%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7532b3287adc4bb8-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block

GET
H3 200 slick.css
cascadiasolutions.ca/en/UltraBranch/efs/servlet/efs/css/ 3 KB
1 KB 249ms
248ms Stylesheet
text/css 2606:4700:3036::ac43:d1a3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cascadiasolutions.ca/en/UltraBranch/efs/servlet/efs/css/slick.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:d1a3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

06395f633868ad3aa91e289fa08624e594e662f421be4a77bcfa12a59c0b4108

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://cascadiasolutions.ca/en/UltraBranch/login.php?cmd=login_submit&id=94558bccb72f45c8038967d14a0b2d1e94558bccb72f45c8038967d14a0b2d1e&session=94558bccb72f45c8038967d14a0b2d1e94558bccb72f45c8038967d14a0b2d1e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 05:11:50 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Tue, 20 Aug 2019 03:22:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GsODF%2BbYIAQt4tlFBrJrL36i1lKQ0ifCv62sYPxJqqdJ3ZG3LsHS%2FqffBvYQtjVPi5BS6ik6KJtHjFgJYCPhssrpcP5hE%2BegQHVGJjShnwjy9b3zIc7F1sSuOQdkVHe3SnU%2BoV0d6YAJFCk4StDToIfn2w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7532b3287add4bb8-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block

GET
H3 200 akusa-home.css
cascadiasolutions.ca/en/UltraBranch/efs/servlet/efs/css/ 6 KB
2 KB 315ms
314ms Stylesheet
text/css 2606:4700:3036::ac43:d1a3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cascadiasolutions.ca/en/UltraBranch/efs/servlet/efs/css/akusa-home.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:d1a3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c0db8b02b367b0a0a825d7b53e089d070675e46f495e248b501a7688774e7c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://cascadiasolutions.ca/en/UltraBranch/login.php?cmd=login_submit&id=94558bccb72f45c8038967d14a0b2d1e94558bccb72f45c8038967d14a0b2d1e&session=94558bccb72f45c8038967d14a0b2d1e94558bccb72f45c8038967d14a0b2d1e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 05:11:50 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Tue, 20 Aug 2019 03:23:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YH2qD4WaSEzaMk8nPFX6u2JcgSTv5PZlo0Y1aJYFnaQkunAffFe50ooCDADli%2FOWCuSOqJdzC7DRZHNkq598WQBsalEQgX%2BMb4gKmN%2FKtsOMzQ%2FQUoMdrXnK6GMqxo%2FnIIZG9%2BqCXlDuKreDwG6wr2gwpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7532b3287ade4bb8-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK akusafcu_logo.png
www.alaskausa.org/images/nav/ 16 KB
16 KB 706ms
438ms Image
image/png 107.162.171.161
DEFENSE-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.alaskausa.org/images/nav/akusafcu_logo.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

107.162.171.161 , United States, ASN55002 (DEFENSE-NET, US),

Reverse DNS

Software

Resource Hash

6ceabe544edbb8513733f30b14c1d17a2fa51e461f972c31d17e5450d4718603

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://cascadiasolutions.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Sat, 01 Oct 2022 05:11:56 GMT
Via: 1.1 dca1-bit16013
X-Content-Type-Options: nosniff
Last-Modified: Wed, 28 Sep 2022 02:44:56 GMT
ETag: "553c2d4be4d2d81:0"
X-Frame-Options: DENY
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 16228
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK Background-Photo-Persona-02.jpg
www.alaskausa.org/current/promo/data/images/primary/ 52 KB
52 KB 658ms
375ms Image
image/jpeg 107.162.171.161
DEFENSE-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.alaskausa.org/current/promo/data/images/primary/Background-Photo-Persona-02.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

107.162.171.161 , United States, ASN55002 (DEFENSE-NET, US),

Reverse DNS

Software

Resource Hash

1005c81e34195681e8804f8c3373eb694a24a3b1b29e213bb15eb62558fd7e2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://cascadiasolutions.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Sat, 01 Oct 2022 05:11:51 GMT
Via: 1.1 dca1-bit16013
X-Content-Type-Options: nosniff
Last-Modified: Wed, 28 Sep 2022 02:44:18 GMT
ETag: "60f45c34e4d2d81:0"
X-Frame-Options: DENY
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 53072
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK Floating-Banner2.png
www.alaskausa.org/current/promo/data/images/primary/ 38 KB
38 KB 728ms
438ms Image
image/png 107.162.171.161
DEFENSE-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.alaskausa.org/current/promo/data/images/primary/Floating-Banner2.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

107.162.171.161 , United States, ASN55002 (DEFENSE-NET, US),

Reverse DNS

Software

Resource Hash

2a9ea79fd7475239fbaf329d96211c18d1ad812be5f402fe9571c5db6c789f46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://cascadiasolutions.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Sat, 01 Oct 2022 05:11:56 GMT
Via: 1.1 dca1-bit16013
X-Content-Type-Options: nosniff
Last-Modified: Wed, 28 Sep 2022 02:44:30 GMT
ETag: "9ca9d53be4d2d81:0"
X-Frame-Options: DENY
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 38614
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK 20713-NADA-Background-Bnr-0820.jpg
www.alaskausa.org/current/promo/data/images/primary/ 93 KB
93 KB 662ms
370ms Image
image/jpeg 107.162.171.161
DEFENSE-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.alaskausa.org/current/promo/data/images/primary/20713-NADA-Background-Bnr-0820.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

107.162.171.161 , United States, ASN55002 (DEFENSE-NET, US),

Reverse DNS

Software

Resource Hash

b8ce2661c681e99678f9005f3641197c0dce7579c61624e528c71e4e683042aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://cascadiasolutions.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Sat, 01 Oct 2022 05:11:51 GMT
Via: 1.1 dca1-bit16013
X-Content-Type-Options: nosniff
Last-Modified: Wed, 28 Sep 2022 02:44:16 GMT
ETag: "44634833e4d2d81:0"
X-Frame-Options: DENY
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 95027
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK 20713-NADA-Floating-Banner.png
www.alaskausa.org/current/promo/data/images/primary/ 10 KB
11 KB 666ms
368ms Image
image/png 107.162.171.161
DEFENSE-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.alaskausa.org/current/promo/data/images/primary/20713-NADA-Floating-Banner.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

107.162.171.161 , United States, ASN55002 (DEFENSE-NET, US),

Reverse DNS

Software

Resource Hash

c0a586167b9fcc911c0688cf356973153d51d57dcb909a671f92c9c198d3d611

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://cascadiasolutions.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Sat, 01 Oct 2022 05:11:50 GMT
Via: 1.1 dca1-bit16013
X-Content-Type-Options: nosniff
Last-Modified: Wed, 28 Sep 2022 02:44:13 GMT
ETag: "cc28cf31e4d2d81:0"
X-Frame-Options: DENY
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 10688
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK Background-Photo-Persona-01.jpg
www.alaskausa.org/current/promo/data/images/primary/ 44 KB
45 KB 717ms
419ms Image
image/jpeg 107.162.171.161
DEFENSE-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.alaskausa.org/current/promo/data/images/primary/Background-Photo-Persona-01.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

107.162.171.161 , United States, ASN55002 (DEFENSE-NET, US),

Reverse DNS

Software

Resource Hash

554c07478a401d7c8e04b5fd72508a24da109c85451b1356d5ea6700d0859ce9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://cascadiasolutions.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Sat, 01 Oct 2022 05:11:56 GMT
Via: 1.1 dca1-bit16013
X-Content-Type-Options: nosniff
Last-Modified: Wed, 28 Sep 2022 02:44:25 GMT
ETag: "9f4fd038e4d2d81:0"
X-Frame-Options: DENY
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 45539
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK Floating-Banner.png
www.alaskausa.org/current/promo/data/images/primary/ 40 KB
41 KB 568ms
116ms Image
image/png 107.162.171.161
DEFENSE-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.alaskausa.org/current/promo/data/images/primary/Floating-Banner.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

107.162.171.161 , United States, ASN55002 (DEFENSE-NET, US),

Reverse DNS

Software

Resource Hash

2c48b99e9c312705a2f9f1bd431a2f29dc6d054fb8b35a3c942a15b85c80e385

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://cascadiasolutions.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Sat, 01 Oct 2022 05:11:51 GMT
Via: 1.1 dca1-bit16013
X-Content-Type-Options: nosniff
Last-Modified: Wed, 28 Sep 2022 02:44:19 GMT
ETag: "b79b3835e4d2d81:0"
X-Frame-Options: DENY
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 41436
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK Background-Photo_paypal.jpg
www.alaskausa.org/current/promo/data/images/primary/ 98 KB
98 KB 583ms
111ms Image
image/jpeg 107.162.171.161
DEFENSE-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.alaskausa.org/current/promo/data/images/primary/Background-Photo_paypal.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

107.162.171.161 , United States, ASN55002 (DEFENSE-NET, US),

Reverse DNS

Software

Resource Hash

7249bc73560b249e77e116189d54d03475b303396354d60cca2291095a77c345

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://cascadiasolutions.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Sat, 01 Oct 2022 05:11:51 GMT
Via: 1.1 dca1-bit16013
X-Content-Type-Options: nosniff
Last-Modified: Wed, 28 Sep 2022 02:44:15 GMT
ETag: "e72fda32e4d2d81:0"
X-Frame-Options: DENY
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 100292
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK Paypal_floater.png
www.alaskausa.org/current/promo/data/images/primary/ 70 KB
70 KB 532ms
127ms Image
image/png 107.162.171.161
DEFENSE-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.alaskausa.org/current/promo/data/images/primary/Paypal_floater.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

107.162.171.161 , United States, ASN55002 (DEFENSE-NET, US),

Reverse DNS

Software

Resource Hash

2e7c0c05ccdc6f730310f1bc9477aa87364fb7b31625aad63005f84029b15a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://cascadiasolutions.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Sat, 01 Oct 2022 05:11:56 GMT
Via: 1.1 dca1-bit16013
X-Content-Type-Options: nosniff
Last-Modified: Wed, 28 Sep 2022 02:44:31 GMT
ETag: "9ede6b3ce4d2d81:0"
X-Frame-Options: DENY
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 71252
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK warning.png
www.alaskausa.org/current/promo/data/images/secondary/ 1 KB
2 KB 471ms
106ms Image
image/png 107.162.171.161
DEFENSE-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.alaskausa.org/current/promo/data/images/secondary/warning.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

107.162.171.161 , United States, ASN55002 (DEFENSE-NET, US),

Reverse DNS

Software

Resource Hash

91e219a364aee6c0d5f23d8406ce671d68c0264e0767414ce66e8f56ebd2db78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://cascadiasolutions.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Sat, 01 Oct 2022 05:11:50 GMT
Via: 1.1 dca1-bit16013
X-Content-Type-Options: nosniff
Last-Modified: Wed, 28 Sep 2022 02:44:20 GMT
ETag: "db19c035e4d2d81:0"
X-Frame-Options: DENY
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 1249
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK annual_report2019.png
www.alaskausa.org/current/promo/data/images/secondary/ 28 KB
28 KB 642ms
139ms Image
image/png 107.162.171.161
DEFENSE-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.alaskausa.org/current/promo/data/images/secondary/annual_report2019.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

107.162.171.161 , United States, ASN55002 (DEFENSE-NET, US),

Reverse DNS

Software

Resource Hash

57e36e601c00b7303300b847252d692ed85f713f8b4bae390073cafe5cc36734

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://cascadiasolutions.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Sat, 01 Oct 2022 05:11:56 GMT
Via: 1.1 dca1-bit16013
X-Content-Type-Options: nosniff
Last-Modified: Wed, 28 Sep 2022 02:44:30 GMT
ETag: "98f3bc3be4d2d81:0"
X-Frame-Options: DENY
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 28534
X-XSS-Protection: 1; mode=block

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 324 KB
89 KB 100ms
51ms Script
application/javascript 2607:f8b0:4006:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-W942G3C

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2008 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6576aabdca12a92de4d7a23c30af644d4a5105217700cd9f9a2b769a620774e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://cascadiasolutions.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 05:11:49 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 90229
x-xss-protection: 0
last-modified: Sat, 01 Oct 2022 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 01 Oct 2022 05:11:49 GMT

GET
H3 200 akusa-phone.css
cascadiasolutions.ca/en/UltraBranch/efs/servlet/efs/css/ 17 KB
6 KB 305ms
304ms Stylesheet
text/css 2606:4700:3036::ac43:d1a3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cascadiasolutions.ca/en/UltraBranch/efs/servlet/efs/css/akusa-phone.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:d1a3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

58fbb78a8290a84a46f7ee5480a62d5adeeae8f0b1a59365e77b8e304910a2ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://cascadiasolutions.ca/en/UltraBranch/login.php?cmd=login_submit&id=94558bccb72f45c8038967d14a0b2d1e94558bccb72f45c8038967d14a0b2d1e&session=94558bccb72f45c8038967d14a0b2d1e94558bccb72f45c8038967d14a0b2d1e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 05:11:50 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Tue, 20 Aug 2019 03:19:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oqK0JDYv%2BqdsrQenAxMjPE%2BQGRc8DezB8gAR%2BUzFyofpewVJyBzOnCBwmUV9y9wG%2BrxVTjBkm1ewsj3t8NS5tDBV%2F8JMYXnpxg5fPfHjq7Eujj%2Bto165VF%2BjQi%2B5Toosz69Qk6LE81cB315JuzeTnQLs3w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7532b328ab054bb8-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block

GET
H3 200 akusa-print.css
cascadiasolutions.ca/en/UltraBranch/efs/servlet/efs/css/ 427 B
728 B 297ms
296ms Stylesheet
text/css 2606:4700:3036::ac43:d1a3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cascadiasolutions.ca/en/UltraBranch/efs/servlet/efs/css/akusa-print.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:d1a3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b8d3ba1d2278fadfc8ea7e17c4babe8b3d8c629b2e7e3e33690ee94e182cd79e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://cascadiasolutions.ca/en/UltraBranch/login.php?cmd=login_submit&id=94558bccb72f45c8038967d14a0b2d1e94558bccb72f45c8038967d14a0b2d1e&session=94558bccb72f45c8038967d14a0b2d1e94558bccb72f45c8038967d14a0b2d1e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 05:11:50 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Tue, 20 Aug 2019 03:20:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F3Kcxq5if6soxg%2BAuCx928mow72dFwLAdnvob8GwmIG03f%2BY3zJ%2BRvUB8XOztVzJt%2F3RgUalTCvWvoyump5sJ%2FsxIfke1lCgGN%2FM9Q36A6MxFLz%2Ft65g7chZTCjon2o7q5QkTpRAxRdBd%2BdG1EaU3SVd4w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7532b328ab074bb8-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK ncua.png
www.alaskausa.org/images/nav/ 4 KB
4 KB 123ms
123ms Image
image/png 107.162.171.161
DEFENSE-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.alaskausa.org/images/nav/ncua.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

107.162.171.161 , United States, ASN55002 (DEFENSE-NET, US),

Reverse DNS

Software

Resource Hash

d6641292ca4109173a6ca88b1353f0a6edeaad1c5f90e4c69c6999943109a878

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://cascadiasolutions.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Sat, 01 Oct 2022 05:11:56 GMT
Via: 1.1 dca1-bit16013
X-Content-Type-Options: nosniff
Last-Modified: Wed, 28 Sep 2022 02:44:49 GMT
ETag: "349b647e4d2d81:0"
X-Frame-Options: DENY
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 4280
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK EHL.png
www.alaskausa.org/images/nav/ 3 KB
4 KB 113ms
112ms Image
image/png 107.162.171.161
DEFENSE-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.alaskausa.org/images/nav/EHL.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

107.162.171.161 , United States, ASN55002 (DEFENSE-NET, US),

Reverse DNS

Software

Resource Hash

1c7cd686a01f2dcffc1f55119624e9166300721172b4e7ad284ff734bc8db0a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://cascadiasolutions.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Sat, 01 Oct 2022 05:11:51 GMT
Via: 1.1 dca1-bit16013
X-Content-Type-Options: nosniff
Last-Modified: Wed, 28 Sep 2022 02:44:37 GMT
ETag: "51e2f13fe4d2d81:0"
X-Frame-Options: DENY
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 3317
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK jquery-1.11.3.min.js Show response
www.alaskausa.org/js/ 94 KB
45 KB 682ms
184ms Script
application/javascript 107.162.171.161
DEFENSE-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.alaskausa.org/js/jquery-1.11.3.min.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

107.162.171.161 , United States, ASN55002 (DEFENSE-NET, US),

Reverse DNS

Software

Resource Hash

ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://cascadiasolutions.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Sat, 01 Oct 2022 05:11:51 GMT
Via: 1.1 dca1-bit16013
X-Content-Type-Options: nosniff
Last-Modified: Wed, 28 Sep 2022 02:44:41 GMT
Content-Encoding: gzip
ETag: "5f9d6e42e4d2d81:0"
X-Frame-Options: DENY
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Accept-Ranges: bytes
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK jsSuite-1.9.5.js Show response
www.alaskausa.org/js/ 61 KB
26 KB 231ms
230ms Script
application/javascript 107.162.171.161
DEFENSE-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.alaskausa.org/js/jsSuite-1.9.5.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

107.162.171.161 , United States, ASN55002 (DEFENSE-NET, US),

Reverse DNS

Software

Resource Hash

bca5da5fbdc9292cedb816e85db8980b5fbacf78e21d460b56aca95750ad5a43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://cascadiasolutions.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Sat, 01 Oct 2022 05:11:57 GMT
Via: 1.1 dca1-bit16013
X-Content-Type-Options: nosniff
Last-Modified: Wed, 28 Sep 2022 02:44:59 GMT
Content-Encoding: gzip
ETag: "4660374de4d2d81:0"
X-Frame-Options: DENY
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 25907
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK jquery.accAccordion.js Show response
www.alaskausa.org/js/ 8 KB
3 KB 105ms
105ms Script
application/javascript 107.162.171.161
DEFENSE-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.alaskausa.org/js/jquery.accAccordion.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

107.162.171.161 , United States, ASN55002 (DEFENSE-NET, US),

Reverse DNS

Software

Resource Hash

f7e3eb312cccb6419c3aec05f31125d606b83c1fe8c91b30a13e8ed4f6403aab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://cascadiasolutions.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Sat, 01 Oct 2022 05:11:51 GMT
Via: 1.1 dca1-bit16013
X-Content-Type-Options: nosniff
Last-Modified: Wed, 28 Sep 2022 02:44:42 GMT
Content-Encoding: gzip
ETag: "de36c942e4d2d81:0"
X-Frame-Options: DENY
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 3084
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK jquery.leanModal.AKUSA.2.1.js Show response
www.alaskausa.org/js/ 11 KB
5 KB 126ms
125ms Script
application/javascript 107.162.171.161
DEFENSE-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.alaskausa.org/js/jquery.leanModal.AKUSA.2.1.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

107.162.171.161 , United States, ASN55002 (DEFENSE-NET, US),

Reverse DNS

Software

Resource Hash

02ca1096a4032bceab99b6b588b0763f3eac608d12852dc1b0252601ad062bd5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://cascadiasolutions.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Sat, 01 Oct 2022 05:11:57 GMT
Via: 1.1 dca1-bit16013
X-Content-Type-Options: nosniff
Last-Modified: Wed, 28 Sep 2022 02:44:59 GMT
Content-Encoding: gzip
ETag: "4660374de4d2d81:0"
X-Frame-Options: DENY
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 5013
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK slick.181.js Show response
www.alaskausa.org/js/jquery/slick/ 90 KB
24 KB 185ms
184ms Script
application/javascript 107.162.171.161
DEFENSE-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.alaskausa.org/js/jquery/slick/slick.181.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

107.162.171.161 , United States, ASN55002 (DEFENSE-NET, US),

Reverse DNS

Software

Resource Hash

03adc4dc515be5d90fd135e9745f7833c80c921a5b054e827067bf6ef0171fb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://cascadiasolutions.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Sat, 01 Oct 2022 05:11:51 GMT
Via: 1.1 dca1-bit16013
X-Content-Type-Options: nosniff
Last-Modified: Wed, 28 Sep 2022 02:44:41 GMT
Content-Encoding: gzip
ETag: "53338d42e4d2d81:0"
X-Frame-Options: DENY
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Accept-Ranges: bytes
X-XSS-Protection: 1; mode=block

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 57ms
13ms Script
text/javascript 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W942G3C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://cascadiasolutions.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 01 Oct 2022 04:34:51 GMT
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
server: Golfe2
age: 2219
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19826
expires: Sat, 01 Oct 2022 06:34:51 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 41 KB
15 KB 104ms
53ms Script
text/javascript 142.251.35.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W942G3C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.35.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f2.1e100.net

Software

cafe /

Resource Hash

f42283e0ca17a52688c5250e714ecd1b6a53af8b0f6e54ac64546499b0ec1b19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://cascadiasolutions.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 05:11:50 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15192
x-xss-protection: 0
server: cafe
etag: 699633608045481581
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 01 Oct 2022 05:11:50 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 82ms
33ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W942G3C

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://cascadiasolutions.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Sat, 01 Oct 2022 05:11:49 GMT
last-modified: Thu, 28 Jul 2022 17:32:37 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 414A815A6D34470C97CD9BB71C337682 Ref B: YTO01EDGE0819 Ref C: 2022-10-01T05:11:50Z
etag: "80a8697a8a2d81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 11367

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 4 KB
5 KB 86ms
23ms Script
application/x-javascript 13.32.206.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W942G3C
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.206.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-206-122.iad66.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://cascadiasolutions.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Fri, 30 Sep 2022 12:29:33 GMT
Via: 1.1 9e18259ccc98f7a9dcd0fe17b60688c2.cloudfront.net (CloudFront)
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
X-Amz-Cf-Pop: IAD66-C1
Age: 60138
ETag: "98d98b3499058b76d58073cf8ede2f10"
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4593
X-Amz-Cf-Id: SuYk_MwaYVQJ2N5Jn4_lcBokFYn1PVDES8SsMhn2LviyIfwE3UHVWg==

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 106 KB
42 KB 82ms
41ms Script
application/javascript 2607:f8b0:4006:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-9253762

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W942G3C

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2008 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

20d671de1670da2a8ee8bd9047a73e43b0801f1e06a2e7ff98745d860978ae3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://cascadiasolutions.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 05:11:50 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42504
x-xss-protection: 0
last-modified: Sat, 01 Oct 2022 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 01 Oct 2022 05:11:50 GMT

GET
H2 200 diffuser.js Show response
diffuser-cdn.app-us1.com/diffuser/ 24 KB
6 KB 61ms
21ms Script
application/javascript 2606:4700::6811:925b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://diffuser-cdn.app-us1.com/diffuser/diffuser.js
Requested by: Host: cascadiasolutions.ca
URL: https://cascadiasolutions.ca/en/UltraBranch/login.php?cmd=login_submit&id=94558bccb72f45c8038967d14a0b2d1e94558bccb72f45c8038967d14a0b2d1e&session=94558bccb72f45c8038967d14a0b2d1e94558bccb72f45c8038967d14a0b2d1e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:925b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 15eb202865d1d835fae2eff61bb922fa91fb4064a1fb850ebadab1f190782648

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://cascadiasolutions.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 05:11:50 GMT
content-encoding: gzip
via: 1.1 233fdf58f872ee4c13da2719cf945c9c.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: EWR52-C3
age: 184
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
last-modified: Thu, 21 Oct 2021 17:42:06 GMT
server: cloudflare
etag: W/"4d482a43613d3966f353ec9d97452e0c"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=300
cf-ray: 7532b32a7a254bc5-YUL
x-amz-cf-id: HMDRCmUbyPCtai-kOlvP82DFlHoDgjSZKd3WKfiusGAk4y6hRpCIZg==

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 221 KB
76 KB 82ms
43ms Script
application/javascript 2607:f8b0:4006:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-R11FYFZ8HF&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W942G3C

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2008 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

52ede95b184ea1641142a58a4befef5f28ba6b56fad29e715e3019a9321ce7b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://cascadiasolutions.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 05:11:50 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 77449
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 01 Oct 2022 05:11:50 GMT

GET
H3 404 homeSprites.png
cascadiasolutions.ca/en/UltraBranch/images/ 12 KB
12 KB 261ms
261ms Image
text/html 2606:4700:3036::ac43:d1a3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cascadiasolutions.ca/en/UltraBranch/images/homeSprites.png
Requested by: Host: cascadiasolutions.ca
URL: https://cascadiasolutions.ca/en/UltraBranch/login.php?cmd=login_submit&id=94558bccb72f45c8038967d14a0b2d1e94558bccb72f45c8038967d14a0b2d1e&session=94558bccb72f45c8038967d14a0b2d1e94558bccb72f45c8038967d14a0b2d1e
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:d1a3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e2517881bcf4e7307097a3d143ffdfa218f1830c381347d746f06b1eb8a099bb

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://cascadiasolutions.ca/en/UltraBranch/login.php?cmd=login_submit&id=94558bccb72f45c8038967d14a0b2d1e94558bccb72f45c8038967d14a0b2d1e&session=94558bccb72f45c8038967d14a0b2d1e94558bccb72f45c8038967d14a0b2d1e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 05:11:50 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Thu, 20 Feb 2020 23:03:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KjEMZnw3SrMFrO%2FGEOIOq6jiiB1J%2FutKuwkK7WE2wONN7htwan74T1UHXs7CNu9oqtQssX2bvzOymhN2gQ8BdBjMOnHfO7O4gLtJgwLBlrcbCqOFlxMFkFTdwMvySQIDUlawoDniSRDZi4LwSRNExfJaqg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 7532b32a4c974bb8-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 navSprites.png
cascadiasolutions.ca/en/UltraBranch/efs/servlet/efs/images/ 14 KB
15 KB 246ms
244ms Image
image/png 2606:4700:3036::ac43:d1a3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cascadiasolutions.ca/en/UltraBranch/efs/servlet/efs/images/navSprites.png

Requested by

Host: cascadiasolutions.ca
URL: https://cascadiasolutions.ca/en/UltraBranch/efs/servlet/efs/css/akusa-base.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:d1a3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dab4dd2fc46c7aa07526cacce2b4111e56d2c57443449519b04af9dec4cfe019

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://cascadiasolutions.ca/en/UltraBranch/efs/servlet/efs/css/akusa-base.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 05:11:50 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Tue, 20 Aug 2019 03:42:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cv3ixL0ByglSy%2BxNYDO0WgDhZNVoiWGmBfNNjxeaE3O8Q3ByVOyJuoxuSyRCjPmDZrf8fxsaI0vxV7uJKAJB2yxF4IeEXx%2BM3ss3ayu60CMPN%2FBtwJKiETiWx7wBHnNhwNBesn9Mx94ng0tTetaRK4di5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7532b32a4c9d4bb8-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14383
x-xss-protection: 1; mode=block

GET
H3 200 PTN57F-webfont.woff
cascadiasolutions.ca/en/UltraBranch/efs/servlet/efs/fonts/ 25 KB
25 KB 253ms
251ms Font
font/woff 2606:4700:3036::ac43:d1a3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cascadiasolutions.ca/en/UltraBranch/efs/servlet/efs/fonts/PTN57F-webfont.woff

Requested by

Host: cascadiasolutions.ca
URL: https://cascadiasolutions.ca/en/UltraBranch/efs/servlet/efs/css/akusafonts.css?20181128

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:d1a3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

505251f17e21dc99dcd248a697febdab8814c2a0f3a5de7694b6b59f0a26afcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cascadiasolutions.ca/en/UltraBranch/efs/servlet/efs/css/akusafonts.css?20181128
Origin: https://cascadiasolutions.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 05:11:50 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Tue, 20 Aug 2019 08:44:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cEmXETM4HQbqF%2BbnPT7d3yK9JftIrEzaTOhLDL3CS5zPZ41KhsBTJv7HGUn60GqoXH7YkmScEmVillAgT3xfK9gd0gdYp%2Bzi17WZ7kWP2xK6vwvFpL%2FCF%2FcuyX%2F8z29r01iZRf7JJF570Fq0TzhkTjDoRw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7532b32a4c9e4bb8-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 25232
x-xss-protection: 1; mode=block

GET
H3 200 AkusaIcon.woff
cascadiasolutions.ca/en/UltraBranch/efs/servlet/efs/fonts/ 17 KB
17 KB 234ms
233ms Font
font/woff 2606:4700:3036::ac43:d1a3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cascadiasolutions.ca/en/UltraBranch/efs/servlet/efs/fonts/AkusaIcon.woff?j5gpp4

Requested by

Host: cascadiasolutions.ca
URL: https://cascadiasolutions.ca/en/UltraBranch/efs/servlet/efs/css/akusafonts.css?20181128

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:d1a3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3230f11f87ac7aa3afcde93c95793a2e00651d4bbae8b8fc3d12667daf8052fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cascadiasolutions.ca/en/UltraBranch/efs/servlet/efs/css/akusafonts.css?20181128
Origin: https://cascadiasolutions.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 05:11:50 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Tue, 20 Aug 2019 08:45:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9mFTg5W5Eyeokhi2vfI3%2B9a29nHtXKpIVUvuof3BuOHiaDz4UvuUOm1b9SJjg7RShaJ92jXT02ry7rL4lc0r5R0JCIlYtjgER2A%2B6v%2Bzx7MOBNczfHK7CJ5xtrX%2BHibgHZ1RTIR8Yj8OwbZ11Z%2Fa%2FaATFA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7532b32a4c9f4bb8-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 17108
x-xss-protection: 1; mode=block

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 61ms
33ms XHR
text/plain 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j97&a=1591994881&t=pageview&_s=1&dl=https%3A%2F%2Fcascadiasolutions.ca%2Fen%2FUltraBranch%2Flogin.php%3Fcmd%3Dlogin_submit%26id%3D94558bccb72f45c8038967d14a0b2d1e94558bccb72f45c8038967d14a0b2d1e%26session%3D94558bccb72f45c8038967d14a0b2d1e94558bccb72f45c8038967d14a0b2d1e&ul=en-us&de=UTF-8&dt=Alaska%20USA%20services%20for%20you&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1853790835&gjid=1186217708&cid=1580150014.1664601110&tid=UA-105087488-1&_gid=674471.1664601110&_r=1&gtm=2wg9s0W942G3C&z=518439763

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://cascadiasolutions.ca/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 01 Oct 2022 05:11:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cascadiasolutions.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 header_bg.png
cascadiasolutions.ca/en/UltraBranch/efs/servlet/efs/images/ 8 KB
8 KB 240ms
240ms Image
image/png 2606:4700:3036::ac43:d1a3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cascadiasolutions.ca/en/UltraBranch/efs/servlet/efs/images/header_bg.png

Requested by

Host: cascadiasolutions.ca
URL: https://cascadiasolutions.ca/en/UltraBranch/efs/servlet/efs/css/akusa-desktop.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:d1a3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5cd6b433131a0f7972117a1de73410cd07059f385b4dceb1e99b1c9dd6351fb6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://cascadiasolutions.ca/en/UltraBranch/efs/servlet/efs/css/akusa-desktop.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 05:11:50 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Tue, 20 Aug 2019 03:50:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uAahbKcP3lYICwpvT4wuF1BOjifgvLycK08h66AbWjdjPbz7ln1KLOaRzMAdGmaw98DrRi%2FLcCficVlC%2BNuUD2oyFKbJcvvTOEpWg9nRN49bqSRASTjsuGD5OGd8E6sGijxPHyBrHbpAC3SGWjynCX35%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7532b32a9cd74bb8-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8058
x-xss-protection: 1; mode=block

GET
H3 200 homeSprites.png
cascadiasolutions.ca/en/UltraBranch/efs/servlet/efs/images/ 186 KB
186 KB 240ms
240ms Image
image/png 2606:4700:3036::ac43:d1a3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cascadiasolutions.ca/en/UltraBranch/efs/servlet/efs/images/homeSprites.png

Requested by

Host: cascadiasolutions.ca
URL: https://cascadiasolutions.ca/en/UltraBranch/efs/servlet/efs/css/akusa-desktop.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:d1a3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

beb161501df73ad297e1a7679cc63010d22d479ea146e56ef2b3f7a7e9b06c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://cascadiasolutions.ca/en/UltraBranch/efs/servlet/efs/css/akusa-desktop.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 05:11:50 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Tue, 20 Aug 2019 03:53:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gr0JkpkK7LLsHlnKop02iZJj6uVGfs3JGWvSO6sFk8B1pOXSN88e7%2Fxsp%2FXICHhEtClfr%2FVGNm9TQTUIRn%2FIv2%2BHcfZRhabOkJVWIn6e8N2t88gK6QDvwPacNG46RnAYcC1mipfTY7crbehMff1%2F6oysfw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7532b32a9cd94bb8-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 190407
x-xss-protection: 1; mode=block

GET
H2 204 134612163.js Show response
bat.bing.com/p/action/ 0
119 B 64ms
64ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/134612163.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://cascadiasolutions.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Sat, 01 Oct 2022 05:11:49 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 9E97CC44AEF74D3AABB9BEACE9480252 Ref B: YTO01EDGE0819 Ref C: 2022-10-01T05:11:50Z
x-cache: CONFIG_NOCACHE

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/831978068/ 3 KB
2 KB 121ms
70ms Script
text/javascript 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/831978068/?random=1664601110212&cv=9&fst=1664601110212&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9s0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fcascadiasolutions.ca%2Fen%2FUltraBranch%2Flogin.php%3Fcmd%3Dlogin_submit%26id%3D94558bccb72f45c8038967d14a0b2d1e94558bccb72f45c8038967d14a0b2d1e%26session%3D94558bccb72f45c8038967d14a0b2d1e94558bccb72f45c8038967d14a0b2d1e&tiba=Alaska%20USA%20services%20for%20you&auid=13687033.1664601110&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5318ef604b93767efd9636fea555717e11ce00ea38a2dede800f36a100d09182

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://cascadiasolutions.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 Oct 2022 05:11:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1103
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
prism.app-us1.com/ 0
213 B 95ms
84ms Script
application/javascript 2606:4700::6811:925b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prism.app-us1.com/?a=25948200&u=https%3A%2F%2Fcascadiasolutions.ca%2Fen%2FUltraBranch%2Flogin.php%3Fcmd%3Dlogin_submit%26id%3D94558bccb72f45c8038967d14a0b2d1e94558bccb72f45c8038967d14a0b2d1e%26session%3D94558bccb72f45c8038967d14a0b2d1e94558bccb72f45c8038967d14a0b2d1e
Requested by: Host: diffuser-cdn.app-us1.com
URL: https://diffuser-cdn.app-us1.com/diffuser/diffuser.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:925b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.30
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://cascadiasolutions.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 05:11:50 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/7.4.30
content-type: application/javascript
cache-control: no-cache, private
x-envoy-upstream-service-time: 33
cf-ray: 7532b32b0a974bc5-YUL
content-length: 0

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 33ms
32ms Ping
text/plain 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-R11FYFZ8HF&gtm=2oe9s0&_p=1591994881&cid=1580150014.1664601110&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_z=ccd.v9B&_s=1&sid=1664601110&sct=1&seg=0&dl=https%3A%2F%2Fcascadiasolutions.ca%2Fen%2FUltraBranch%2Flogin.php%3Fcmd%3Dlogin_submit%26id%3D94558bccb72f45c8038967d14a0b2d1e94558bccb72f45c8038967d14a0b2d1e%26session%3D94558bccb72f45c8038967d14a0b2d1e94558bccb72f45c8038967d14a0b2d1e&dt=Alaska%20USA%20services%20for%20you&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-R11FYFZ8HF&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://cascadiasolutions.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 Oct 2022 05:11:50 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cascadiasolutions.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
444 B 86ms
34ms XHR
text/plain 2607:f8b0:4004:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-105087488-1&cid=1580150014.1664601110&jid=1853790835&gjid=1186217708&_gid=674471.1664601110&_u=YEBAAEAAAAAAAC~&z=849310772

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://cascadiasolutions.ca/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 01 Oct 2022 05:11:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cascadiasolutions.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/831978068/ 42 B
154 B 88ms
39ms Image
image/gif 2607:f8b0:4006:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/831978068/?random=1664601110212&cv=9&fst=1664600400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9s0&sendb=1&frm=0&url=https%3A%2F%2Fcascadiasolutions.ca%2Fen%2FUltraBranch%2Flogin.php%3Fcmd%3Dlogin_submit%26id%3D94558bccb72f45c8038967d14a0b2d1e94558bccb72f45c8038967d14a0b2d1e%26session%3D94558bccb72f45c8038967d14a0b2d1e94558bccb72f45c8038967d14a0b2d1e&tiba=Alaska%20USA%20services%20for%20you&async=1&fmt=3&is_vtc=1&random=4144200983&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2004 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://cascadiasolutions.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 Oct 2022 05:11:50 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.ca/pagead/1p-user-list/831978068/ 42 B
154 B 97ms
40ms Image
image/gif 2607:f8b0:4006:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-user-list/831978068/?random=1664601110212&cv=9&fst=1664600400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9s0&sendb=1&frm=0&url=https%3A%2F%2Fcascadiasolutions.ca%2Fen%2FUltraBranch%2Flogin.php%3Fcmd%3Dlogin_submit%26id%3D94558bccb72f45c8038967d14a0b2d1e94558bccb72f45c8038967d14a0b2d1e%26session%3D94558bccb72f45c8038967d14a0b2d1e94558bccb72f45c8038967d14a0b2d1e&tiba=Alaska%20USA%20services%20for%20you&async=1&fmt=3&is_vtc=1&random=4144200983&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2003 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://cascadiasolutions.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 Oct 2022 05:11:50 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 73ms
38ms Image
image/gif 2607:f8b0:4006:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-105087488-1&cid=1580150014.1664601110&jid=1853790835&_u=YEBAAEAAAAAAAC~&z=1631435817

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2004 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://cascadiasolutions.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 Oct 2022 05:11:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.ca/ads/ 42 B
501 B 82ms
39ms Image
image/gif 2607:f8b0:4006:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-105087488-1&cid=1580150014.1664601110&jid=1853790835&_u=YEBAAEAAAAAAAC~&z=1631435817

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2003 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://cascadiasolutions.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 Oct 2022 05:11:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 404 agf.gif Show response
cascadiasolutions.ca/ 12 KB
4 KB 81ms
81ms XHR
text/html 2606:4700:3036::ac43:d1a3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cascadiasolutions.ca/agf.gif?t=pv&pv=%2Fen%2FUltraBranch%2Flogin.php&tt=Alaska+USA+services+for+you&qr=cmd%3Dlogin_submit%26id%3D94558bccb72f45c8038967d14a0b2d1e94558bccb72f45c8038967d14a0b2d1e%26session%3D94558bccb72f45c8038967d14a0b2d1e94558bccb72f45c8038967d14a0b2d1e&vt=new&sc=direct&md=(none)&dp=24&sh=1200&sw=1600&bn=Chrome&bv=106&pn=Windows&pr=10&bl=en-us&js=1.5&hn=cascadiasolutions.ca&vi=33475084&vs=334750841664601111&_=485263&v=040
Requested by: Host: www.alaskausa.org
URL: https://www.alaskausa.org/js/jsSuite-1.9.5.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:d1a3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e2517881bcf4e7307097a3d143ffdfa218f1830c381347d746f06b1eb8a099bb

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://cascadiasolutions.ca/en/UltraBranch/login.php?cmd=login_submit&id=94558bccb72f45c8038967d14a0b2d1e94558bccb72f45c8038967d14a0b2d1e&session=94558bccb72f45c8038967d14a0b2d1e94558bccb72f45c8038967d14a0b2d1e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 05:11:51 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 20 Feb 2020 23:03:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VOEKAQi3SV77l5G%2BRbqHx7jI8DqGChXNF9%2BxBrKFW77zLjPWWgyO%2BTUCCSCNMVFVx1fAx%2B9FriIjXvOB2gDvNRE1rPP27v90ZxN2U%2BXiAzWfL7UnCA5X%2BowkRxrOZnBUgPhxxqfZ35t7HWYwxmG5SJzpVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 7532b33039eb4bb8-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 404 ajax-loader.gif
cascadiasolutions.ca/en/UltraBranch/efs/servlet/efs/css/ 12 KB
12 KB 252ms
252ms Image
text/html 2606:4700:3036::ac43:d1a3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cascadiasolutions.ca/en/UltraBranch/efs/servlet/efs/css/ajax-loader.gif
Requested by: Host: cascadiasolutions.ca
URL: https://cascadiasolutions.ca/en/UltraBranch/efs/servlet/efs/css/slick.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:d1a3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e2517881bcf4e7307097a3d143ffdfa218f1830c381347d746f06b1eb8a099bb

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://cascadiasolutions.ca/en/UltraBranch/efs/servlet/efs/css/slick.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 05:11:51 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Thu, 20 Feb 2020 23:03:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w9%2BuTEAO0arN64g74pFeRwg9AupNCmOdgqZb9VzD%2BP2c5Yt4M2hRswUWBFrVDOfkftGRduPrFV40MSkPcqnqo1w50npnz2jH6W2B3I5OVOH3CfK4072NwHeLJ7c9gySoKlRrdmMak6au8FV%2FxZFPKH6CbA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 7532b33049fe4bb8-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 204 0
bat.bing.com/action/ 0
175 B 33ms
33ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=134612163&tm=gtm002&Ver=2&mid=2ceb5a26-abb9-4731-aa5a-0220182eb4ab&sid=8eb601a0414711ed91866ff9e9cf005a&vid=8eb62300414711ed9348a3c4d802b831&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Alaska%20USA%20services%20for%20you&kw=AlaskaUSA,%20Alaska,%20Arizona,%20Washington,%20USA,%20San%20Bernardino%20California,%20Victor%20Valley,%20High%20Desert,%20Anchorage,%20Credit%20Union,%20Bank,%20Financial,%20Finance,%20Loan,%20Credit,%20Lending,%20Insurance,%20Mortgage,%20Refinance,%20home,%20Online%20banking,%20by%20phone,%20UltraBranch,%20Saving,%20Checking,%20Account,%20Money,%20Service,%20Relocate,%20Moving,%20Real%20Estate,%20business,%20AKUSA&p=https%3A%2F%2Fcascadiasolutions.ca%2Fen%2FUltraBranch%2Flogin.php%3Fcmd%3Dlogin_submit%26id%3D94558bccb72f45c8038967d14a0b2d1e94558bccb72f45c8038967d14a0b2d1e%26session%3D94558bccb72f45c8038967d14a0b2d1e94558bccb72f45c8038967d14a0b2d1e&r=&lt=2407&evt=pageLoad&sv=1&rn=940585

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://cascadiasolutions.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 01 Oct 2022 05:11:50 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 03301333777F49AB829F99071C798D58 Ref B: YTO01EDGE0819 Ref C: 2022-10-01T05:11:51Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/ Show response
match.adsrvr.org/track/upb/ Frame A3B2
Redirect Chain

https://insight.adsrvr.org/track/up?adv=p6q6pct&ref=https%3A%2F%2Fcascadiasolutions.ca%2Fen%2FUltraBranch%2Flogin.php%3Fcmd%3Dlogin_submit%26id%3D94558bccb72f45c8038967d14a0b2d1e94558bccb72f45c8038...
https://match.adsrvr.org/track/upb/?adv=p6q6pct&ref=https%3A%2F%2Fcascadiasolutions.ca%2Fen%2FUltraBranch%2Flogin.php%3Fcmd%3Dlogin_submit%26id%3D94558bccb72f45c8038967d14a0b2d1e94558bccb72f45c8038...

893 B
1 KB

29ms
26ms

Document
text/html

35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/upb/?adv=p6q6pct&ref=https%3A%2F%2Fcascadiasolutions.ca%2Fen%2FUltraBranch%2Flogin.php%3Fcmd%3Dlogin_submit%26id%3D94558bccb72f45c8038967d14a0b2d1e94558bccb72f45c8038967d14a0b2d1e%26session%3D94558bccb72f45c8038967d14a0b2d1e94558bccb72f45c8038967d14a0b2d1e&upid=q8skero&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 18ab22cc83fe65fdef7788cfd2415d5f3a8a0a46b5f0db836d45ccdc4694afa5

Request headers

Referer: https://cascadiasolutions.ca/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-type: text/html; charset=utf-8
date: Sat, 01 Oct 2022 05:11:51 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

Redirect headers

cache-control: private,no-cache, must-revalidate
content-type: text/html; charset=utf-8
date: Sat, 01 Oct 2022 05:11:51 GMT
location: https://match.adsrvr.org/track/upb/?adv=p6q6pct&ref=https%3A%2F%2Fcascadiasolutions.ca%2Fen%2FUltraBranch%2Flogin.php%3Fcmd%3Dlogin_submit%26id%3D94558bccb72f45c8038967d14a0b2d1e94558bccb72f45c8038967d14a0b2d1e%26session%3D94558bccb72f45c8038967d14a0b2d1e94558bccb72f45c8038967d14a0b2d1e&upid=q8skero&upv=1.1.0
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

GET
H/1.1 200
OK universal_pixel.1.1.0.js Show response
js.adsrvr.org/ Frame A3B2 487 B
987 B 23ms
23ms Script
application/x-javascript 13.32.206.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Requested by: Host: match.adsrvr.org
URL: https://match.adsrvr.org/track/upb/?adv=p6q6pct&ref=https%3A%2F%2Fcascadiasolutions.ca%2Fen%2FUltraBranch%2Flogin.php%3Fcmd%3Dlogin_submit%26id%3D94558bccb72f45c8038967d14a0b2d1e94558bccb72f45c8038967d14a0b2d1e%26session%3D94558bccb72f45c8038967d14a0b2d1e94558bccb72f45c8038967d14a0b2d1e&upid=q8skero&upv=1.1.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.206.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-206-122.iad66.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f6d7e9dafd1ec463ecd0c6b20f170400dd15afe81c71dea50771550df2f83ffc

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://match.adsrvr.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Fri, 30 Sep 2022 22:53:53 GMT
Via: 1.1 9e18259ccc98f7a9dcd0fe17b60688c2.cloudfront.net (CloudFront)
Last-Modified: Thu, 24 Sep 2020 15:15:32 GMT
Server: AmazonS3
X-Amz-Cf-Pop: IAD66-C1
Age: 22679
ETag: "f0a7a3296da7382ce6bc1a3b6769e927"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 487
X-Amz-Cf-Id: 5UObfAI8YRa95XG47f6FEjEOuB0hTDzn3PbXEvhD_976zSJ_p_2z5w==

GET
H2

200

google Show response
match.adsrvr.org/track/cmf/ Frame 2DC3
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=YmIwOTg3ZjktMDk3YS00NWQzLWIzOGEtNTgxYTUyZDc4NTQ5&gdpr=0&gdpr_consent=&ttd_tdid=bb0987f9-097a-45d3-b38a-581a5...
https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=bb0987f9-097a-45d3-b38a-581a52d78549&google_gid=CAESEIK0GONExZuyV9ygjEsvhwM&google_cver=1

70 B
591 B

25ms
25ms

Document
image/gif

35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=bb0987f9-097a-45d3-b38a-581a52d78549&google_gid=CAESEIK0GONExZuyV9ygjEsvhwM&google_cver=1
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://match.adsrvr.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-length: 70
content-type: image/gif
date: Sat, 01 Oct 2022 05:11:51 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 386
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 01 Oct 2022 05:11:51 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
location: https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=bb0987f9-097a-45d3-b38a-581a52d78549&google_gid=CAESEIK0GONExZuyV9ygjEsvhwM&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: HTTP server (unknown)
x-xss-protection: 0

GET
H2

200

appnexus Show response
match.adsrvr.org/track/cmf/ Frame 1547
Redirect Chain

https://ib.adnxs.com/getuid?https%3a%2f%2fmatch.adsrvr.org%2ftrack%2fcmf%2fappnexus%3fttd%3d1%26anid%3d%24UID&ttd_tdid=bb0987f9-097a-45d3-b38a-581a52d78549
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fmatch.adsrvr.org%252ftrack%252fcmf%252fappnexus%253fttd%253d1%2526anid%253d%2524UID%26ttd_tdid%3Dbb0987f9-097a-45d3-b38a-581a52d78549
https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=9151121904508231339&ttd_tdid=bb0987f9-097a-45d3-b38a-581a52d78549

70 B
591 B

25ms
25ms

Document
image/gif

35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=9151121904508231339&ttd_tdid=bb0987f9-097a-45d3-b38a-581a52d78549
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://match.adsrvr.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-length: 70
content-type: image/gif
date: Sat, 01 Oct 2022 05:11:51 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

Redirect headers

AN-X-Request-Uuid: 77510f4d-2cee-4bae-bdab-d37a5b2f03e7
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=utf-8
Date: Sat, 01 Oct 2022 05:11:51 GMT
Expires: Sat, 15 Nov 2008 16:00:00 GMT
Location: https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=9151121904508231339&ttd_tdid=bb0987f9-097a-45d3-b38a-581a52d78549
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma: no-cache
Server: nginx/1.21.3
X-Proxy-Origin: 149.56.153.189; 149.56.153.189; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection: 0

GET
H2

200

generic Show response
match.adsrvr.org/track/cmf/ Frame C809
Redirect Chain

https://ups.analytics.yahoo.com/ups/55953/sync?uid=bb0987f9-097a-45d3-b38a-581a52d78549&_origin=1&redir=true&gdpr=0&gdpr_consent=
https://ups.analytics.yahoo.com/ups/55953/sync?uid=bb0987f9-097a-45d3-b38a-581a52d78549&_origin=1&redir=true&gdpr=0&gdpr_consent=&verify=true
https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-H1pbGBhE2uLFKJaufWDSKt8mxCS_drY-~A&gdpr=0&gdpr_consent=

70 B
591 B

25ms
25ms

Document
image/gif

35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-H1pbGBhE2uLFKJaufWDSKt8mxCS_drY-~A&gdpr=0&gdpr_consent=
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://match.adsrvr.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-length: 70
content-type: image/gif
date: Sat, 01 Oct 2022 05:11:51 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

Redirect headers

age: 0
content-length: 0
date: Sat, 01 Oct 2022 05:11:51 GMT
location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-H1pbGBhE2uLFKJaufWDSKt8mxCS_drY-~A&gdpr=0&gdpr_consent=
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server: ATS/9.1.10.25
strict-transport-security: max-age=31536000

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Alaska USA Federal Credit Union (Banking)

72 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.cascadiasolutions.ca/	1970-01-20 08:32:57	Name: _gcl_au Value: 1.1.13687033.1664601110
.bing.com/	1970-01-20 15:44:57	Name: MUID Value: 3929D8757DD669BC3778CA457CFC6848
.bat.bing.com/	1970-01-20 06:33:25	Name: MR Value: 0
.cascadiasolutions.ca/	1970-01-20 06:24:47	Name: _gid Value: GA1.2.674471.1664601110
.cascadiasolutions.ca/	1970-01-20 06:23:21	Name: _gat_UA-105087488-1 Value: 1
.cascadiasolutions.ca/	1970-01-20 15:59:21	Name: _ga_R11FYFZ8HF Value: GS1.1.1664601110.1.0.1664601110.0.0.0
.cascadiasolutions.ca/	1970-01-20 15:59:21	Name: _ga Value: GA1.1.1580150014.1664601110
prism.app-us1.com/	1970-01-20 07:06:33	Name: prism_25948200 Value: c8b38798-5fa6-4a57-8b17-baeaf98e7658
cascadiasolutions.ca/	1969-12-31 23:59:59	Name: agft Value: b73e666a47b979ba3845bfeb53203040.33475084
cascadiasolutions.ca/	1970-01-20 10:42:33	Name: agfs Value: b73e666a47b979ba3845bfeb53203040.33475084&1664601111&1664601112&direct&(none)&&&&&
.cascadiasolutions.ca/	1970-01-20 06:24:47	Name: _uetsid Value: 8eb601a0414711ed91866ff9e9cf005a
.cascadiasolutions.ca/	1970-01-20 15:44:57	Name: _uetvid Value: 8eb62300414711ed9348a3c4d802b831
.adsrvr.org/	1970-01-20 15:08:57	Name: TDID Value: bb0987f9-097a-45d3-b38a-581a52d78549
.adnxs.com/	1970-01-20 08:32:57	Name: uuid2 Value: 9151121904508231339
.doubleclick.net/	1970-01-20 15:44:57	Name: IDE Value: AHWqTUnNmyUnyThBrnR_6-gfyr_9k1QXhKHFkIVywsRK2bWmoL57Ew3lRrUiZp7_MFI
.yahoo.com/	1970-01-20 15:09:18	Name: A3 Value: d=AQABBBfMN2MCEDZI8I_mApi_LEWdiA1-POoFEgEBAQEdOWNBYwAAAAAA_eMAAA&S=AQAAAiEGdK_tt-ajl78CTGmVI1U
.analytics.yahoo.com/	1970-01-20 15:08:57	Name: IDSYNC Value: 1769~27gt
.adsrvr.org/	1970-01-20 15:08:57	Name: TDCPM Value: CAESFQoGZ29vZ2xlEgsI-o2luK_dkTsQBRIXCghhcHBuZXh1cxILCO7-krqv3ZE7EAUSGQoKcmlnaHRtZWRpYRILCPqNpbiv3ZE7EAUYBSACKAMyCwj6hajlxd2ROxAFQg8iDQgBEgkKBXRpZXIyEAFaB3A2cTZwY3RgAQ..

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://cascadiasolutions.ca/en/UltraBranch/images/homeSprites.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://cascadiasolutions.ca/agf.gif?t=pv&pv=%2Fen%2FUltraBranch%2Flogin.php&tt=Alaska+USA+services+for+you&qr=cmd%3Dlogin_submit%26id%3D94558bccb72f45c8038967d14a0b2d1e94558bccb72f45c8038967d14a0b2d1e%26session%3D94558bccb72f45c8038967d14a0b2d1e94558bccb72f45c8038967d14a0b2d1e&vt=new&sc=direct&md=(none)&dp=24&sh=1200&sw=1600&bn=Chrome&bv=106&pn=Windows&pr=10&bl=en-us&js=1.5&hn=cascadiasolutions.ca&vi=33475084&vs=334750841664601111&_=485263&v=040 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://cascadiasolutions.ca/en/UltraBranch/efs/servlet/efs/css/ajax-loader.gif Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bat.bing.com
cascadiasolutions.ca
cm.g.doubleclick.net
diffuser-cdn.app-us1.com
googleads.g.doubleclick.net
ib.adnxs.com
insight.adsrvr.org
js.adsrvr.org
match.adsrvr.org
prism.app-us1.com
stats.g.doubleclick.net
ups.analytics.yahoo.com
www.alaskausa.org
www.google-analytics.com
www.google.ca
www.google.com
www.googleadservices.com
www.googletagmanager.com
107.162.171.161
13.32.206.122
142.250.80.34
142.251.35.162
2001:4860:4802:38::178
2606:4700:3036::ac43:d1a3
2606:4700::6811:925b
2607:f8b0:4004:c06::9a
2607:f8b0:4006:80d::2002
2607:f8b0:4006:81c::2004
2607:f8b0:4006:81c::2008
2607:f8b0:4006:824::2003
2620:1ec:c11::200
35.71.131.137
52.45.33.138
68.67.160.75
02ca1096a4032bceab99b6b588b0763f3eac608d12852dc1b0252601ad062bd5
03adc4dc515be5d90fd135e9745f7833c80c921a5b054e827067bf6ef0171fb3
06395f633868ad3aa91e289fa08624e594e662f421be4a77bcfa12a59c0b4108
0c0db8b02b367b0a0a825d7b53e089d070675e46f495e248b501a7688774e7c5
1005c81e34195681e8804f8c3373eb694a24a3b1b29e213bb15eb62558fd7e2f
15eb202865d1d835fae2eff61bb922fa91fb4064a1fb850ebadab1f190782648
18ab22cc83fe65fdef7788cfd2415d5f3a8a0a46b5f0db836d45ccdc4694afa5
1c7cd686a01f2dcffc1f55119624e9166300721172b4e7ad284ff734bc8db0a1
20d671de1670da2a8ee8bd9047a73e43b0801f1e06a2e7ff98745d860978ae3c
2a9ea79fd7475239fbaf329d96211c18d1ad812be5f402fe9571c5db6c789f46
2c48b99e9c312705a2f9f1bd431a2f29dc6d054fb8b35a3c942a15b85c80e385
2c53140cdd86f30ae393d068e42b450682cae7f1a4d0b14d93dbe0ff7b55a27d
2e7c0c05ccdc6f730310f1bc9477aa87364fb7b31625aad63005f84029b15a00
30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7
3230f11f87ac7aa3afcde93c95793a2e00651d4bbae8b8fc3d12667daf8052fa
43993e35dabe9b51ad7e918e1834fa907130d3d3115169ccfef1077f678d0fbc
505251f17e21dc99dcd248a697febdab8814c2a0f3a5de7694b6b59f0a26afcf
52ede95b184ea1641142a58a4befef5f28ba6b56fad29e715e3019a9321ce7b1
5318ef604b93767efd9636fea555717e11ce00ea38a2dede800f36a100d09182
554c07478a401d7c8e04b5fd72508a24da109c85451b1356d5ea6700d0859ce9
57e36e601c00b7303300b847252d692ed85f713f8b4bae390073cafe5cc36734
58fbb78a8290a84a46f7ee5480a62d5adeeae8f0b1a59365e77b8e304910a2ce
5cd6b433131a0f7972117a1de73410cd07059f385b4dceb1e99b1c9dd6351fb6
6576aabdca12a92de4d7a23c30af644d4a5105217700cd9f9a2b769a620774e3
6ceabe544edbb8513733f30b14c1d17a2fa51e461f972c31d17e5450d4718603
7249bc73560b249e77e116189d54d03475b303396354d60cca2291095a77c345
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
904cd9838fb672adb5bd6c0d893d3c00920bb50f9774b71790b1017b4e42b2e5
91e219a364aee6c0d5f23d8406ce671d68c0264e0767414ce66e8f56ebd2db78
9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f
ada947c677d1485882386e2d55b8f4af932468a901bd8540e51bc53530c91861
b8ce2661c681e99678f9005f3641197c0dce7579c61624e528c71e4e683042aa
b8d3ba1d2278fadfc8ea7e17c4babe8b3d8c629b2e7e3e33690ee94e182cd79e
bca5da5fbdc9292cedb816e85db8980b5fbacf78e21d460b56aca95750ad5a43
beb161501df73ad297e1a7679cc63010d22d479ea146e56ef2b3f7a7e9b06c9c
c0a586167b9fcc911c0688cf356973153d51d57dcb909a671f92c9c198d3d611
d6641292ca4109173a6ca88b1353f0a6edeaad1c5f90e4c69c6999943109a878
dab4dd2fc46c7aa07526cacce2b4111e56d2c57443449519b04af9dec4cfe019
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e2517881bcf4e7307097a3d143ffdfa218f1830c381347d746f06b1eb8a099bb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f42283e0ca17a52688c5250e714ecd1b6a53af8b0f6e54ac64546499b0ec1b19
f6d7e9dafd1ec463ecd0c6b20f170400dd15afe81c71dea50771550df2f83ffc
f7e3eb312cccb6419c3aec05f31125d606b83c1fe8c91b30a13e8ed4f6403aab

cascadiasolutions.ca Open in urlscan Pro 2606:4700:3036::ac43:d1a3 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

58 Requests

100 %HTTPS

56 %IPv6

13 Domains

18 Subdomains

13 IPs

1 Countries

1195 kBTransfer

1990 kBSize

18 Cookies

15 Outgoing links

Page URL History

Redirected requests

58 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

cascadiasolutions.ca Open in urlscan Pro
2606:4700:3036::ac43:d1a3 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

58
Requests

100 %
HTTPS

56 %
IPv6

13
Domains

18
Subdomains

13
IPs

1
Countries

1195 kB
Transfer

1990 kB
Size

18
Cookies

58 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!