urlscan.io logo urlscan.io
SecurityTrails logo

my.countryfinancial.com Open in urlscan Pro
208.74.228.57  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://my.countryfinancial.com/
Effective URL: https://my.countryfinancial.com/portal/dispatcher/sign-in
Submission: On January 14 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 25 IPs in 5 countries across 21 domains to perform 57 HTTP transactions. The main IP is 208.74.228.57, located in Bloomington, United States and belongs to COUNTRY-INSURANCE - CC Services, Inc, US. The main domain is my.countryfinancial.com.
TLS certificate: Issued by Entrust Certification Authority - L1K on July 31st 2018. Valid for: 2 years.
This is the only time my.countryfinancial.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 5 208.74.228.57 10511 (COUNTRY-I...)
6 208.74.228.151 10511 (COUNTRY-I...)
2 2.21.37.83 20940 (AKAMAI-ASN1)
12 23.38.53.224 20940 (AKAMAI-ASN1)
1 2a00:1450:400... 15169 (GOOGLE)
2 4 2a00:1450:400... 15169 (GOOGLE)
1 4 54.154.158.135 16509 (AMAZON-02)
2 172.82.236.170 15224 (OMNITURE)
1 1 66.117.28.86 15224 (OMNITURE)
1 54.77.130.155 16509 (AMAZON-02)
2 2 2a00:1450:400... 15169 (GOOGLE)
2 3 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 34.241.247.9 16509 (AMAZON-02)
1 184.31.90.134 20940 (AKAMAI-ASN1)
2 2a03:2880:f01... 32934 (FACEBOOK)
1 216.58.205.226 15169 (GOOGLE)
2 204.79.197.200 8068 (MICROSOFT...)
1 52.85.184.50 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:64:... 20940 (AKAMAI-ASN1)
2 2 142.0.160.13 7160 (NETDYNAMICS)
1 2 104.111.241.32 16625 (AKAMAI-AS)
1 2a03:2880:f11... 32934 (FACEBOOK)
7 35.167.98.143 16509 (AMAZON-02)
1 54.72.147.141 16509 (AMAZON-02)
1 23.211.8.142 16625 (AKAMAI-AS)
57 25
5    208.74.228.57 (Bloomington, United States)

ASN10511 (COUNTRY-INSURANCE - CC Services, Inc, US)
my.countryfinancial.com
6    208.74.228.151 (Bloomington, United States)

ASN10511 (COUNTRY-INSURANCE - CC Services, Inc, US)
PTR: countryfinancialsecurity.com
www.countryfinancial.com
2    2.21.37.83 (France)

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-21-37-83.deploy.static.akamaitechnologies.com
assets.adobedtm.com
12    23.38.53.224 (Amsterdam, Netherlands)

ASN20940 (AKAMAI-ASN1, US)
PTR: a23-38-53-224.deploy.static.akamaitechnologies.com
use.typekit.net
1    2a00:1450:4001:815::200a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
fonts.googleapis.com
4    2a00:1450:4001:81e::200e (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com
4    54.154.158.135 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-154-158-135.eu-west-1.compute.amazonaws.com
dpm.demdex.net
2    172.82.236.170 (Lehi, United States)

ASN15224 (OMNITURE - Adobe Systems Inc., US)
PTR: countryfinancial.com.ssl.sc.omtrdc.net
smetrics.countryfinancial.com
1    66.117.28.86 (Lehi, United States)

ASN15224 (OMNITURE - Adobe Systems Inc., US)
cm.everesttech.net
1    54.77.130.155 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-77-130-155.eu-west-1.compute.amazonaws.com
ccservicesinc.demdex.net
2    2a00:1450:400c:c08::9d (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
stats.g.doubleclick.net
3    2a00:1450:4001:809::2004 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
www.google.com
3    2a00:1450:4001:808::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
www.google.de
2    34.241.247.9 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-34-241-247-9.eu-west-1.compute.amazonaws.com
analytics.analytics-egain.com
1    184.31.90.134 (Amsterdam, Netherlands)

ASN20940 (AKAMAI-ASN1, US)
PTR: a184-31-90-134.deploy.static.akamaitechnologies.com
img03.en25.com
2    2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
connect.facebook.net
1    216.58.205.226 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s24-in-f2.1e100.net
www.googleadservices.com
2    204.79.197.200 (Redmond, United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
PTR: a-0001.a-msedge.net
bat.bing.com
1    52.85.184.50 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-85-184-50.fra2.r.cloudfront.net
js.adsrvr.org
1    2a00:1450:4001:816::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
googleads.g.doubleclick.net
1    2a02:26f0:64:48a::19fd (European Union)

ASN20940 (AKAMAI-ASN1, US)
p.typekit.net
2    142.0.160.13 (Redwood City, United States)

ASN7160 (NETDYNAMICS - Oracle Corporation, US)
s1507381507.t.eloqua.com
2    104.111.241.32 (Amsterdam, Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-111-241-32.deploy.static.akamaitechnologies.com
tags.bluekai.com
1    2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
www.facebook.com
7    35.167.98.143 (Boardman, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-35-167-98-143.us-west-2.compute.amazonaws.com
countryfinancial.egain.cloud
1    54.72.147.141 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-72-147-141.eu-west-1.compute.amazonaws.com
insight.adsrvr.org
1    23.211.8.142 (Cambridge, United States)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a23-211-8-142.deploy.static.akamaitechnologies.com
zn6xcdveksdx5g9rn-countryfinancial.siteintercept.qualtrics.com
Domain Requested by
12 use.typekit.net my.countryfinancial.com
use.typekit.net
7 countryfinancial.egain.cloud analytics.analytics-egain.com
countryfinancial.egain.cloud
6 www.countryfinancial.com my.countryfinancial.com
5 my.countryfinancial.com 4 redirects
4 dpm.demdex.net 1 redirects my.countryfinancial.com
4 www.google-analytics.com 2 redirects assets.adobedtm.com
my.countryfinancial.com
3 www.google.de my.countryfinancial.com
3 www.google.com 2 redirects my.countryfinancial.com
2 tags.bluekai.com 1 redirects my.countryfinancial.com
2 s1507381507.t.eloqua.com 2 redirects
2 bat.bing.com my.countryfinancial.com
2 connect.facebook.net my.countryfinancial.com
connect.facebook.net
2 analytics.analytics-egain.com my.countryfinancial.com
analytics.analytics-egain.com
2 stats.g.doubleclick.net 2 redirects
2 smetrics.countryfinancial.com assets.adobedtm.com
my.countryfinancial.com
2 assets.adobedtm.com my.countryfinancial.com
assets.adobedtm.com
1 zn6xcdveksdx5g9rn-countryfinancial.siteintercept.qualtrics.com my.countryfinancial.com
1 insight.adsrvr.org js.adsrvr.org
1 www.facebook.com my.countryfinancial.com
1 p.typekit.net my.countryfinancial.com
1 googleads.g.doubleclick.net www.googleadservices.com
1 js.adsrvr.org assets.adobedtm.com
1 www.googleadservices.com my.countryfinancial.com
1 img03.en25.com my.countryfinancial.com
1 ccservicesinc.demdex.net assets.adobedtm.com
1 cm.everesttech.net 1 redirects
1 fonts.googleapis.com my.countryfinancial.com
57 27
Subject Issuer Validity Valid
*.apps.cloud.countryfinancial.com
Entrust Certification Authority - L1K		 2018-07-31 -
2020-10-30		 2 years crt.sh
countryfinancial.com
Entrust Certification Authority - L1M		 2018-01-20 -
2020-04-19		 2 years crt.sh
assets.adobedtm.com
DigiCert SHA2 High Assurance Server CA		 2018-04-06 -
2019-04-11		 a year crt.sh
*.typekit.net
DigiCert SHA2 Secure Server CA		 2018-07-20 -
2020-01-03		 a year crt.sh
*.googleapis.com
Google Internet Authority G3		 2018-12-19 -
2019-03-13		 3 months crt.sh
*.google-analytics.com
Google Internet Authority G3		 2018-12-19 -
2019-03-13		 3 months crt.sh
*.demdex.net
DigiCert SHA2 High Assurance Server CA		 2018-01-09 -
2021-02-12		 3 years crt.sh
smetrics.countryfinancial.com
Entrust Certification Authority - L1K		 2018-10-22 -
2021-01-21		 2 years crt.sh
www.google.de
Google Internet Authority G3		 2018-12-19 -
2019-03-13		 3 months crt.sh
*.analytics-egain.com
Go Daddy Secure Certificate Authority - G2		 2017-09-07 -
2020-09-07		 3 years crt.sh
*.en25.com
DigiCert SHA2 Secure Server CA		 2018-04-25 -
2019-07-25		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2017-12-15 -
2019-03-22		 a year crt.sh
www.googleadservices.com
Google Internet Authority G3		 2018-12-19 -
2019-03-13		 3 months crt.sh
www.bing.com
Microsoft IT TLS CA 5		 2017-07-20 -
2019-07-10		 2 years crt.sh
*.adsrvr.org
Trustwave Organization Validation SHA256 CA, Level 1		 2017-02-15 -
2019-04-19		 2 years crt.sh
*.g.doubleclick.net
Google Internet Authority G3		 2018-12-19 -
2019-03-13		 3 months crt.sh
odc-prod-01.oracle.com
DigiCert ECC Secure Server CA		 2018-12-10 -
2020-03-10		 a year crt.sh
www.google.com
Google Internet Authority G3		 2018-12-19 -
2019-03-13		 3 months crt.sh
*.egain.cloud
Go Daddy Secure Certificate Authority - G2		 2016-03-25 -
2019-03-25		 3 years crt.sh
*.qualtrics.com
DigiCert SHA2 Secure Server CA		 2018-10-08 -
2021-01-06		 2 years crt.sh

This page contains 6 frames:

Primary Page: https://my.countryfinancial.com/portal/dispatcher/sign-in
Frame ID: A74BEB5EB8C36D98065827FB1037D276
Requests: 52 HTTP requests in this frame

Frame: https://ccservicesinc.demdex.net/dest5.html?d_nsid=0
Frame ID: 7253D789C5DE4CA6720EBCBB129B701F
Requests: 1 HTTP requests in this frame

Frame: https://analytics.analytics-egain.com/onetag/EG93074856
Frame ID: DBAAFE97D4252CCB3D18119A24643537
Requests: 1 HTTP requests in this frame

Frame: https://analytics.analytics-egain.com/iframe/EG93074856
Frame ID: CF26164B8A5727CEF46FA98E6D9DA178
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=usq8e9i&ref=https%3A%2F%2Fmy.countryfinancial.com%2Fportal%2Fdispatcher%2Fsign-in&upid=ecfzo3k&osi=639c26af03a5446c3a3acd09b20132f9&osv=1.1&upv=1.1.3
Frame ID: 7A98C9AE263C78E79A2F8C64B13851D5
Requests: 1 HTTP requests in this frame

Frame: https://countryfinancial.egain.cloud/system/cb/cs/checkSession.html?wsname=https://my.countryfinancial.com
Frame ID: 3F638137471FADF0360AA01D2F3B711E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://my.countryfinancial.com/ HTTP 302
    https://my.countryfinancial.com/ HTTP 302
    https://my.countryfinancial.com/portal/dispatcher/ HTTP 302
    https://my.countryfinancial.com/portal/dispatcher/my-account HTTP 302
    https://my.countryfinancial.com/portal/dispatcher/sign-in Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
  • env /^gaGlobal$/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Overall confidence: 100%
Detected patterns
  • env /^s_(?:account|objectID|code|INST)$/i
Overall confidence: 100%
Detected patterns
  • env /^Typekit$/i
Overall confidence: 100%
Detected patterns
  • env /^jQuery$/i

Page Statistics

57
Requests

98 %
HTTPS

33 %
IPv6

21
Domains

27
Subdomains

25
IPs

5
Countries

875 kB
Transfer

2060 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://my.countryfinancial.com/ HTTP 302
    https://my.countryfinancial.com/ HTTP 302
    https://my.countryfinancial.com/portal/dispatcher/ HTTP 302
    https://my.countryfinancial.com/portal/dispatcher/my-account HTTP 302
    https://my.countryfinancial.com/portal/dispatcher/sign-in Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8
  • https://dpm.demdex.net/id?d_visid_ver=3.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5D94123F5245B19E0A490D45%40AdobeOrg&d_nsid=0&ts=1547486703414 HTTP 302
  • https://dpm.demdex.net/id/rd?d_visid_ver=3.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5D94123F5245B19E0A490D45%40AdobeOrg&d_nsid=0&ts=1547486703414
Request Chain 12
  • https://cm.everesttech.net/cm/dd?d_uuid=76147851353423391594150555835503573267 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=XDzF8AAAD4M4kBN_
Request Chain 21
  • https://www.google-analytics.com/r/collect?v=1&_v=j72&a=56994533&t=pageview&_s=1&dl=https%3A%2F%2Fmy.countryfinancial.com%2Fportal%2Fdispatcher%2Fsign-in&ul=en-us&de=UTF-8&dt=MyCOUNTRY%20-%20sign-in&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACQABB~&jid=86107712&gjid=364427816&cid=1619849749.1547486704&tid=UA-54439328-1&_gid=295657781.1547486704&_r=1&z=1416118930 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-54439328-1&cid=1619849749.1547486704&jid=86107712&_gid=295657781.1547486704&gjid=364427816&_v=j72&z=1416118930 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-54439328-1&cid=1619849749.1547486704&jid=86107712&_v=j72&z=1416118930 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-54439328-1&cid=1619849749.1547486704&jid=86107712&_v=j72&z=1416118930&slf_rd=1&random=2718963677
Request Chain 38
  • https://s1507381507.t.eloqua.com/visitor/v200/svrGP?pps=3&siteid=1507381507&ref2=elqNone&tzo=0&ms=561&optin=disabled HTTP 302
  • https://s1507381507.t.eloqua.com/visitor/v200/svrGP.aspx?pps=3&siteid=1507381507&ref2=elqNone&tzo=0&ms=561&optin=disabled&elqCookie=1 HTTP 302
  • https://tags.bluekai.com/site/25405?vid=397bce31330b476aaecc4fd0c4d2eed7 HTTP 302
  • https://tags.bluekai.com/site/25405?dt=0&r=612379022&sig=2772492666&bkca=KJyg060hBqR6E6omBER6BMj/1MWlu6h1EDTtuDLhuejJ1DoBEEWc91MRYFQ=
Request Chain 54
  • https://www.google-analytics.com/r/collect?v=1&_v=j72&a=56994533&t=timing&_s=3&dl=https%3A%2F%2Fmy.countryfinancial.com%2Fportal%2Fdispatcher%2Fsign-in&ul=en-us&de=UTF-8&dt=MyCOUNTRY%20-%20sign-in&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=4177&pdt=111&dns=0&rrt=1146&srt=118&tcp=0&dit=2616&clt=2616&_gst=1540&_gbt=2324&_u=aHBACQABB~&jid=2116125551&gjid=182541602&cid=1619849749.1547486704&tid=UA-54439328-1&_gid=295657781.1547486704&_r=1&z=1955664788 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-54439328-1&cid=1619849749.1547486704&jid=2116125551&_gid=295657781.1547486704&gjid=182541602&_v=j72&z=1955664788 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-54439328-1&cid=1619849749.1547486704&jid=2116125551&_v=j72&z=1955664788 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-54439328-1&cid=1619849749.1547486704&jid=2116125551&_v=j72&z=1955664788&slf_rd=1&random=2229373040

57 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set sign-in
my.countryfinancial.com/portal/dispatcher/
Redirect Chain
  • http://my.countryfinancial.com/
  • https://my.countryfinancial.com/
  • https://my.countryfinancial.com/portal/dispatcher/
  • https://my.countryfinancial.com/portal/dispatcher/my-account
  • https://my.countryfinancial.com/portal/dispatcher/sign-in
11 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://my.countryfinancial.com/portal/dispatcher/sign-in
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
208.74.228.57 Bloomington, United States, ASN10511 (COUNTRY-INSURANCE - CC Services, Inc, US),
Reverse DNS
Software
/
Resource Hash
f154fd0083701384ae2586b26a87b0e10e8dba2be7131da0ce17cbbb8af0040d
Security Headers
Name Value
Content-Security-Policy default-src * ;script-src * 'unsafe-inline';style-src * 'unsafe-inline';img-src 'self' data: *
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Host
my.countryfinancial.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate, br
Cookie
CF_MC_AUTHENTICATED=false; SESSION=b8c1a9d3-710a-4387-8f84-7fc054edd195
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Language
en-US
Content-Security-Policy
default-src * ;script-src * 'unsafe-inline';style-src * 'unsafe-inline';img-src 'self' data: *
Content-Type
text/html;charset=UTF-8
Date
Mon, 14 Jan 2019 17:25:02 GMT
Set-Cookie
CF_MC_AUTHENTICATED=false; Domain=countryfinancial.com; Path=/; Secure
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Application-Context
MyCountryMVC:production_green,cloud:0
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-Vcap-Request-Id
321f9b36-8975-442a-74d5-02ddefb4fa8f
X-Xss-Protection
1; mode=block
Transfer-Encoding
chunked

Redirect headers

Content-Length
0
Date
Mon, 14 Jan 2019 17:25:02 GMT
Location
https://my.countryfinancial.com/portal/dispatcher/sign-in
X-Vcap-Request-Id
f2ad1869-f3d3-4ed3-7fa2-583bcd9dea14
myCountry.min.css
www.countryfinancial.com/etc/designs/cfin/ 		874 KB
80 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.countryfinancial.com/etc/designs/cfin/myCountry.min.css
Requested by
Host: my.countryfinancial.com
URL: https://my.countryfinancial.com/portal/dispatcher/sign-in
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.74.228.151 Bloomington, United States, ASN10511 (COUNTRY-INSURANCE - CC Services, Inc, US),
Reverse DNS
countryfinancialsecurity.com
Software
Apache /
Resource Hash
90feb7878533b3fa1166ed7123150bdc221e0863229aafc4803799c0fa84451e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
www.countryfinancial.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
https://my.countryfinancial.com/portal/dispatcher/sign-in
Cookie
CF_MC_AUTHENTICATED=false
Connection
keep-alive
Cache-Control
no-cache
Referer
https://my.countryfinancial.com/portal/dispatcher/sign-in
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 14 Jan 2019 17:25:03 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Connection
Upgrade, Keep-Alive
X-dynaTrace
PT=10489615;PA=-2004641663;SP=Prod Enterprise;PS=-606767429
Last-Modified
Mon, 14 Jan 2019 16:53:31 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
ETag
"da95e-57f6de277335d-gzip"
Vary
Accept-Encoding
Upgrade
h2
X-XSS-Protection
1; mode=block
Accept-Ranges
bytes
Content-Type
text/css
Keep-Alive
timeout=5, max=200
launch-ENd0d2ab239daa4ea6a4a1833bab4486d3.min.js
assets.adobedtm.com/ 		195 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/launch-ENd0d2ab239daa4ea6a4a1833bab4486d3.min.js
Requested by
Host: my.countryfinancial.com
URL: https://my.countryfinancial.com/portal/dispatcher/sign-in
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.37.83 , France, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-21-37-83.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
381377b76dfd2aa64dacc36e3dab0783ee176dfdd1c0edf8f499bc1e3d414a6a

Request headers

Referer
https://my.countryfinancial.com/portal/dispatcher/sign-in
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 14 Jan 2019 17:25:03 GMT
Content-Encoding
gzip
Last-Modified
Mon, 07 Jan 2019 15:34:44 GMT
Server
Apache
ETag
"bf403a79ec289bf9b33f28edc47d7590:1546875284"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive, Transfer-Encoding
Accept-Ranges
bytes
Timing-Allow-Origin
*
Expires
Mon, 14 Jan 2019 18:25:03 GMT
bmk6quo.js
use.typekit.net/ 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/bmk6quo.js
Requested by
Host: my.countryfinancial.com
URL: https://my.countryfinancial.com/portal/dispatcher/sign-in
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.38.53.224 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-38-53-224.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
2bc0fd07e347e2d9d5651224e98512703ca2e89651b2c622133800a7363c2c4d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

Referer
https://my.countryfinancial.com/portal/dispatcher/sign-in
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
server
nginx
access-control-allow-origin
*
date
Mon, 14 Jan 2019 17:25:03 GMT
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
status
200
cache-control
public, max-age=600, stale-while-revalidate=604800
timing-allow-origin
*
content-length
7659
css
fonts.googleapis.com/ 		445 B
389 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=La+Belle+Aurore
Requested by
Host: my.countryfinancial.com
URL: https://my.countryfinancial.com/portal/dispatcher/sign-in
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:815::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
b69380cda6b4670391f4b4668ce8537b789a820af4ffcc916ac5f4a08a2c0433
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://my.countryfinancial.com/portal/dispatcher/sign-in
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Mon, 14 Jan 2019 17:25:03 GMT
server
ESF
access-control-allow-origin
*
date
Mon, 14 Jan 2019 17:25:03 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
1; mode=block
expires
Mon, 14 Jan 2019 17:25:03 GMT
mobile-country-logo.png
www.countryfinancial.com/content/dam/cfin/common/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.countryfinancial.com/content/dam/cfin/common/mobile-country-logo.png
Requested by
Host: my.countryfinancial.com
URL: https://my.countryfinancial.com/portal/dispatcher/sign-in
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.74.228.151 Bloomington, United States, ASN10511 (COUNTRY-INSURANCE - CC Services, Inc, US),
Reverse DNS
countryfinancialsecurity.com
Software
Apache /
Resource Hash
108079c96d42b97b4d8110b3493675c2d889d255107d7bee0b41445834203a18
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
www.countryfinancial.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://my.countryfinancial.com/portal/dispatcher/sign-in
Cookie
CF_MC_AUTHENTICATED=false
Connection
keep-alive
Cache-Control
no-cache
Referer
https://my.countryfinancial.com/portal/dispatcher/sign-in
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 14 Jan 2019 17:25:03 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 14 Jan 2019 16:53:31 GMT
Server
Apache
ETag
"17ae-57f6de2783145"
X-Frame-Options
SAMEORIGIN
Upgrade
h2
X-XSS-Protection
1; mode=block
Connection
Upgrade, Keep-Alive
Accept-Ranges
bytes
Content-Type
image/png
Keep-Alive
timeout=5, max=200
Content-Length
6062
X-dynaTrace
PT=10489622;PA=-2004641663;SP=Prod Enterprise;PS=-606767429
entrust-logo-mobile.png
www.countryfinancial.com/content/dam/cfin/common/footer/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.countryfinancial.com/content/dam/cfin/common/footer/entrust-logo-mobile.png
Requested by
Host: my.countryfinancial.com
URL: https://my.countryfinancial.com/portal/dispatcher/sign-in
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.74.228.151 Bloomington, United States, ASN10511 (COUNTRY-INSURANCE - CC Services, Inc, US),
Reverse DNS
countryfinancialsecurity.com
Software
Apache /
Resource Hash
794b6e5a8c2edf58d1f10d5dcaa7966664ee64627407a4a0e37020390efc7a7a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
www.countryfinancial.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://my.countryfinancial.com/portal/dispatcher/sign-in
Cookie
CF_MC_AUTHENTICATED=false; AMCVS_5D94123F5245B19E0A490D45%40AdobeOrg=1; AMCV_5D94123F5245B19E0A490D45%40AdobeOrg=-1303530583%7CMCIDTS%7C17911%7CMCMID%7C71248555819268585223662561545208570462%7CMCAAMLH-1548091503%7C6%7CMCAAMB-1548091503%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1547493903s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C3.3.0
Connection
keep-alive
Cache-Control
no-cache
Referer
https://my.countryfinancial.com/portal/dispatcher/sign-in
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 14 Jan 2019 17:25:04 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 14 Jan 2019 16:53:19 GMT
Server
Apache
ETag
"366f-57f6de1c40c0f"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
X-XSS-Protection
1; mode=block
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=199
Content-Length
13935
X-dynaTrace
PT=10489623;PA=-2004641663;SP=Prod Enterprise;PS=-606767429
myCountry.min.js
www.countryfinancial.com/etc/designs/cfin/ 		284 KB
284 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.countryfinancial.com/etc/designs/cfin/myCountry.min.js
Requested by
Host: my.countryfinancial.com
URL: https://my.countryfinancial.com/portal/dispatcher/sign-in
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.74.228.151 Bloomington, United States, ASN10511 (COUNTRY-INSURANCE - CC Services, Inc, US),
Reverse DNS
countryfinancialsecurity.com
Software
Apache /
Resource Hash
67bdfe248850108a8d50908e6fe2d13b313c8aa5d399b6b93e1795ed555f2be7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
www.countryfinancial.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://my.countryfinancial.com/portal/dispatcher/sign-in
Cookie
CF_MC_AUTHENTICATED=false
Connection
keep-alive
Cache-Control
no-cache
Referer
https://my.countryfinancial.com/portal/dispatcher/sign-in
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 14 Jan 2019 17:25:03 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 14 Jan 2019 16:53:31 GMT
Server
Apache
ETag
"46e07-57f6de27727a5"
X-Frame-Options
SAMEORIGIN
Upgrade
h2
X-XSS-Protection
1; mode=block
Connection
Upgrade, Keep-Alive
Accept-Ranges
bytes
Content-Type
application/javascript
Keep-Alive
timeout=5, max=200
Content-Length
290311
X-dynaTrace
PT=10489616;PA=-2004641663;SP=Prod Enterprise;PS=-606767429
analytics.js
www.google-analytics.com/ 		43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENd0d2ab239daa4ea6a4a1833bab4486d3.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:81e::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b688a3bcd1297cc0fe08e6e52fea14ba9108ee4b9a2052c03e7bac6e19347255
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://my.countryfinancial.com/portal/dispatcher/sign-in
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 05 Nov 2018 21:10:09 GMT
server
Golfe2
age
2158
date
Mon, 14 Jan 2019 16:49:06 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
17404
expires
Mon, 14 Jan 2019 18:49:06 GMT
rd
dpm.demdex.net/id/
Redirect Chain
  • https://dpm.demdex.net/id?d_visid_ver=3.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5D94123F5245B19E0A490D45%40AdobeOrg&d_nsid=0&ts=1547486703414
  • https://dpm.demdex.net/id/rd?d_visid_ver=3.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5D94123F5245B19E0A490D45%40AdobeOrg&d_nsid=0&ts=1547486703414
0
-1 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id/rd?d_visid_ver=3.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5D94123F5245B19E0A490D45%40AdobeOrg&d_nsid=0&ts=1547486703414
Requested by
Host: my.countryfinancial.com
URL: https://my.countryfinancial.com/portal/dispatcher/sign-in
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.154.158.135 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-154-158-135.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://my.countryfinancial.com/portal/dispatcher/sign-in
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Location
https://dpm.demdex.net/id/rd?d_visid_ver=3.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5D94123F5245B19E0A490D45%40AdobeOrg&d_nsid=0&ts=1547486703414
X-TID
6PCByMvQSCo=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://my.countryfinancial.com
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Access-Control-Allow-Origin
https://my.countryfinancial.com
X-TID
6PCByMvQSCo=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/id/rd?d_visid_ver=3.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5D94123F5245B19E0A490D45%40AdobeOrg&d_nsid=0&ts=1547486703414
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
AppMeasurement.min.js
assets.adobedtm.com/extensions/EP23d75a37c9fa4adb8bac5e48782e354a/ 		33 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/extensions/EP23d75a37c9fa4adb8bac5e48782e354a/AppMeasurement.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENd0d2ab239daa4ea6a4a1833bab4486d3.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.37.83 , France, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-21-37-83.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
4f075fc3ab73ee6642477ce9fa9d32b0504d21e6a2a658712afd7624e57ada8d

Request headers

Referer
https://my.countryfinancial.com/portal/dispatcher/sign-in
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 14 Jan 2019 17:25:04 GMT
Content-Encoding
gzip
Last-Modified
Thu, 11 Oct 2018 22:19:25 GMT
Server
Apache
ETag
"142ca96a6a27dd96ddb805378afd2014:1539296368"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*, *, *, *, *, *, *, *, *, *, *, *, *, *, *, *, *, *, *, *, *, *, *, *, *, *, *, *, *, *, *, *
Content-Length
12566
Expires
Mon, 14 Jan 2019 18:25:04 GMT
rd
dpm.demdex.net/id/ 		372 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id/rd?d_visid_ver=3.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5D94123F5245B19E0A490D45%40AdobeOrg&d_nsid=0&ts=1547486703414
Requested by
Host: my.countryfinancial.com
URL: https://my.countryfinancial.com/portal/dispatcher/sign-in
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.154.158.135 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-154-158-135.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
567c2159c20fad9d51e6470cb71b63be1a4cafcc8d9cbd4312024581cefa9534

Request headers

Referer
https://my.countryfinancial.com/portal/dispatcher/sign-in
Origin
https://my.countryfinancial.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-irl1-v014-07a792333.edge-irl1.demdex.com 5.46.1.20190109131638 5ms
Pragma
no-cache
Content-Encoding
gzip
X-TID
FqkPoKCFTDI=
Vary
Origin, Accept-Encoding, User-Agent
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://my.countryfinancial.com
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
308
Expires
Thu, 01 Jan 1970 00:00:00 GMT
id
smetrics.countryfinancial.com/ 		49 B
529 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://smetrics.countryfinancial.com/id?d_visid_ver=3.3.0&d_fieldgroup=A&mcorgid=5D94123F5245B19E0A490D45%40AdobeOrg&mid=71248555819268585223662561545208570462&ts=1547486703600
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENd0d2ab239daa4ea6a4a1833bab4486d3.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.82.236.170 Lehi, United States, ASN15224 (OMNITURE - Adobe Systems Inc., US),
Reverse DNS
countryfinancial.com.ssl.sc.omtrdc.net
Software
Omniture DC /
Resource Hash
cbb2c80434af4754872fecb314eb9855333f953fa6b13ba37805bcb54b91d34d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Origin
https://my.countryfinancial.com
Accept-Encoding
gzip, deflate, br
Host
smetrics.countryfinancial.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Accept
*/*
Cache-Control
no-cache
Referer
https://my.countryfinancial.com/portal/dispatcher/sign-in
Cookie
CF_MC_AUTHENTICATED=false; AMCVS_5D94123F5245B19E0A490D45%40AdobeOrg=1; AMCV_5D94123F5245B19E0A490D45%40AdobeOrg=-1303530583%7CMCIDTS%7C17911%7CMCMID%7C71248555819268585223662561545208570462%7CMCAAMLH-1548091503%7C6%7CMCAAMB-1548091503%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1547493903s%7CNONE%7CvVersion%7C3.3.0
Connection
keep-alive
Referer
https://my.countryfinancial.com/portal/dispatcher/sign-in
Origin
https://my.countryfinancial.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Date
Mon, 14 Jan 2019 17:25:03 GMT
X-Content-Type-Options
nosniff
Server
Omniture DC
xserver
www283
Vary
Origin
X-C
ms-6.5.1
P3P
CP="This is not a P3P policy"
Access-Control-Allow-Origin
https://my.countryfinancial.com
Cache-Control
no-cache, no-store, max-age=0, no-transform, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/x-javascript
Content-Length
49
X-XSS-Protection
1; mode=block
ibs:dpid=411&dpuuid=XDzF8AAAD4M4kBN_
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=76147851353423391594150555835503573267
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=XDzF8AAAD4M4kBN_
42 B
769 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=XDzF8AAAD4M4kBN_
Requested by
Host: my.countryfinancial.com
URL: https://my.countryfinancial.com/portal/dispatcher/sign-in
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.154.158.135 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-154-158-135.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://my.countryfinancial.com/portal/dispatcher/sign-in
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

DCS
dcs-prod-irl1-v014-0c6ef2607.edge-irl1.demdex.com 5.46.1.20190109131638 4ms
Pragma
no-cache
X-TID
PF95VEioTRU=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date
Mon, 14 Jan 2019 17:25:03 GMT
Server
AMO-cookiemap/1.1
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=XDzF8AAAD4M4kBN_
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=15,max=100
Content-Length
0
Cookie set dest5.html
ccservicesinc.demdex.net/ Frame 7253 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ccservicesinc.demdex.net/dest5.html?d_nsid=0
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENd0d2ab239daa4ea6a4a1833bab4486d3.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.130.155 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-77-130-155.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Host
ccservicesinc.demdex.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
https://my.countryfinancial.com/portal/dispatcher/sign-in
Accept-Encoding
gzip, deflate, br
Cookie
demdex=76147851353423391594150555835503573267
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://my.countryfinancial.com/portal/dispatcher/sign-in

Response headers

Accept-Ranges
bytes
Cache-Control
max-age=21600
Content-Encoding
gzip
Content-Type
text/html
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Last-Modified
Wed, 09 Jan 2019 14:44:05 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Set-Cookie
demdex=76147851353423391594150555835503573267;Path=/;Domain=.demdex.net;Expires=Sat, 13-Jul-2019 17:25:04 GMT;Max-Age=15552000
Vary
Accept-Encoding, User-Agent
X-TID
KeAmjD2fRuo=
Content-Length
2764
Connection
keep-alive
logo-country.png
www.countryfinancial.com/content/dam/cfin/common/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.countryfinancial.com/content/dam/cfin/common/logo-country.png
Requested by
Host: my.countryfinancial.com
URL: https://my.countryfinancial.com/portal/dispatcher/sign-in
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.74.228.151 Bloomington, United States, ASN10511 (COUNTRY-INSURANCE - CC Services, Inc, US),
Reverse DNS
countryfinancialsecurity.com
Software
Apache /
Resource Hash
3e09df511a74a34c17d089975631885a769b4f27ec2b20ce8c28c447aa831120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
www.countryfinancial.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://www.countryfinancial.com/etc/designs/cfin/myCountry.min.css
Cookie
CF_MC_AUTHENTICATED=false; AMCVS_5D94123F5245B19E0A490D45%40AdobeOrg=1; AMCV_5D94123F5245B19E0A490D45%40AdobeOrg=-1303530583%7CMCIDTS%7C17911%7CMCMID%7C71248555819268585223662561545208570462%7CMCAAMLH-1548091503%7C6%7CMCAAMB-1548091503%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1547493903s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C3.3.0
Connection
keep-alive
Cache-Control
no-cache
Referer
https://www.countryfinancial.com/etc/designs/cfin/myCountry.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 14 Jan 2019 17:25:04 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 14 Jan 2019 16:53:31 GMT
Server
Apache
ETag
"12e6-57f6de27e9dcd"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
X-XSS-Protection
1; mode=block
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=199
Content-Length
4838
X-dynaTrace
PT=10489632;PA=-2004641663;SP=Prod Enterprise;PS=-606767429
l
use.typekit.net/af/d21d6e/00000000000000003b9acb59/27/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/d21d6e/00000000000000003b9acb59/27/l?subset_id=2&fvd=n4&v=3
Requested by
Host: my.countryfinancial.com
URL: https://my.countryfinancial.com/portal/dispatcher/sign-in
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.38.53.224 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-38-53-224.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
cfe835627f36e36babf01cbabcf2a297d3922598decb2fd4483c3316d19886f9

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://my.countryfinancial.com/portal/dispatcher/sign-in
Origin
https://my.countryfinancial.com

Response headers

date
Mon, 14 Jan 2019 17:25:04 GMT
server
nginx
access-control-allow-origin
*
etag
"f146012123a45c89697348a48f49de26780fea6b"
content-type
application/font-woff2
status
200, 200 OK
cache-control
public, max-age=31536000
timing-allow-origin
*
content-length
18328
l
use.typekit.net/af/78b81d/000000000000000000017489/27/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/78b81d/000000000000000000017489/27/l?subset_id=2&fvd=n7&v=3
Requested by
Host: my.countryfinancial.com
URL: https://my.countryfinancial.com/portal/dispatcher/sign-in
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.38.53.224 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-38-53-224.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
d12914c594700622c0a85abb840e0dc74be39c4d7b332d5c1f054b62d553d174

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://my.countryfinancial.com/portal/dispatcher/sign-in
Origin
https://my.countryfinancial.com

Response headers

date
Mon, 14 Jan 2019 17:25:04 GMT
server
nginx
access-control-allow-origin
*
etag
"4a46150d35b534e49239512342b88bd300a7e9a0"
content-type
application/font-woff2
status
200, 200 OK
cache-control
public, max-age=31536000
timing-allow-origin
*
content-length
20572
l
use.typekit.net/af/36c3ee/00000000000000003b9acb5a/27/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/36c3ee/00000000000000003b9acb5a/27/l?subset_id=2&fvd=n6&v=3
Requested by
Host: my.countryfinancial.com
URL: https://my.countryfinancial.com/portal/dispatcher/sign-in
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.38.53.224 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-38-53-224.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
d5813d4aa712a24e65b233870c92fbf1433d604ec84f73c4371fdedb5e4af133

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://my.countryfinancial.com/portal/dispatcher/sign-in
Origin
https://my.countryfinancial.com

Response headers

date
Mon, 14 Jan 2019 17:25:04 GMT
server
nginx
access-control-allow-origin
*
etag
"c30ed7dcd81752e0492c70798e4c1c94136f10d2"
content-type
application/font-woff2
status
200, 200 OK
cache-control
public, max-age=31536000
timing-allow-origin
*
content-length
18268
cf-icons-styleguide.woff2
www.countryfinancial.com/content/dam/cfin/fonts/ 		0
0
l
use.typekit.net/af/3eb55d/00000000000000000001748a/27/ 		20 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/3eb55d/00000000000000000001748a/27/l?subset_id=2&fvd=i7&v=3
Requested by
Host: my.countryfinancial.com
URL: https://my.countryfinancial.com/portal/dispatcher/sign-in
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.38.53.224 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-38-53-224.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
838e92159c182903ea9248569403c5b2aa3d5f4695cb447e331bd4d0c9f608ee

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://my.countryfinancial.com/portal/dispatcher/sign-in
Origin
https://my.countryfinancial.com

Response headers

date
Mon, 14 Jan 2019 17:25:04 GMT
server
nginx
access-control-allow-origin
*
etag
"72b2cbca608dbe81ee11b62bdd2e0b25c1f175ed"
content-type
application/font-woff2
status
200
cache-control
public, max-age=31536000
timing-allow-origin
*
content-length
20812
l
use.typekit.net/af/0be9a1/00000000000000003b9acb5d/27/ 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/0be9a1/00000000000000003b9acb5d/27/l?subset_id=2&fvd=i7&v=3
Requested by
Host: my.countryfinancial.com
URL: https://my.countryfinancial.com/portal/dispatcher/sign-in
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.38.53.224 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-38-53-224.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
601d5b587774fc312fe0fb268fb7f09a1232c7f84a57b1f6ede393743c3d94c5

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://my.countryfinancial.com/portal/dispatcher/sign-in
Origin
https://my.countryfinancial.com

Response headers

date
Mon, 14 Jan 2019 17:25:04 GMT
server
nginx
access-control-allow-origin
*
etag
"e1f5280aca95c6bf2d8519bb33914fb3b8306296"
content-type
application/font-woff2
status
200, 200 OK
cache-control
public, max-age=31536000
timing-allow-origin
*
content-length
16824
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j72&a=56994533&t=pageview&_s=1&dl=https%3A%2F%2Fmy.countryfinancial.com%2Fportal%2Fdispatcher%2Fsign-in&ul=en-us&de=UTF-8&dt=MyCOUNTRY%20-%20sign-i...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-54439328-1&cid=1619849749.1547486704&jid=86107712&_gid=295657781.1547486704&gjid=364427816&_v=j72&z=1416118930
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-54439328-1&cid=1619849749.1547486704&jid=86107712&_v=j72&z=1416118930
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-54439328-1&cid=1619849749.1547486704&jid=86107712&_v=j72&z=1416118930&slf_rd=1&random=2718963677
42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-54439328-1&cid=1619849749.1547486704&jid=86107712&_v=j72&z=1416118930&slf_rd=1&random=2718963677
Requested by
Host: my.countryfinancial.com
URL: https://my.countryfinancial.com/portal/dispatcher/sign-in
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:808::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://my.countryfinancial.com/portal/dispatcher/sign-in
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Jan 2019 17:25:04 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
42
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 14 Jan 2019 17:25:04 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-54439328-1&cid=1619849749.1547486704&jid=86107712&_v=j72&z=1416118930&slf_rd=1&random=2718963677
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
EG93074856
analytics.analytics-egain.com/onetag/ Frame DBAA 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.analytics-egain.com/onetag/EG93074856
Requested by
Host: my.countryfinancial.com
URL: https://my.countryfinancial.com/portal/dispatcher/sign-in
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.241.247.9 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-241-247-9.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
95b13eb23cca7150638085583cb49e58e85538b923f361365692bd2d7ae694c4

Request headers

Referer
https://my.countryfinancial.com/portal/dispatcher/sign-in
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 14 Jan 2019 17:25:04 GMT
Content-Encoding
gzip
Server
Vary
Accept-Encoding
Content-Type
text/javascript;charset=utf-8
Cache-Control
max-age=86400
Connection
keep-alive
Content-Length
4573
Expires
Tue, 15 Jan 2019 17:25:04 GMT
elqCfg.min.js
img03.en25.com/i/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img03.en25.com/i/elqCfg.min.js
Requested by
Host: my.countryfinancial.com
URL: https://my.countryfinancial.com/portal/dispatcher/sign-in
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.31.90.134 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a184-31-90-134.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
23818277c974e4ed1d48a04077c6a133bde3435f3d0bafe8dcca49150ebcb986
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://my.countryfinancial.com/portal/dispatcher/sign-in
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Fri, 26 Oct 2018 07:42:47 GMT
ETag
"2185547dff6cd41:0"
Vary
Accept-Encoding
P3P
CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA"
Cache-Control
no-cache, no-store
Date
Mon, 14 Jan 2019 17:25:04 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/x-javascript
Content-Length
2118
Expires
Mon, 14 Jan 2019 17:25:04 GMT
fbevents.js
connect.facebook.net/en_US/ 		51 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: my.countryfinancial.com
URL: https://my.countryfinancial.com/portal/dispatcher/sign-in
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
235da1ee79811631e184d8e99dab2ae5195d476d1138f1f49a8645c53a1803fb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://my.countryfinancial.com/portal/dispatcher/sign-in
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Origin, Accept-Encoding
content-length
14941
x-xss-protection
0
pragma
public
x-fb-debug
B/nBKjAtqy99XMJZHyg1/VBgBsF5X6RLZJYKwBJSbNLG+ifaKAOG5xOaUqEQfTKjd9cnPMhE0dp0DAL/qZdtbw==
date
Mon, 14 Jan 2019 17:25:04 GMT
x-frame-options
DENY
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
expires
Sat, 01 Jan 2000 00:00:00 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: my.countryfinancial.com
URL: https://my.countryfinancial.com/portal/dispatcher/sign-in
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
216.58.205.226 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s24-in-f2.1e100.net
Software
cafe /
Resource Hash
0e3483cac2367405c4cfa6c50c763a08d75e821abc98914ef88bde1ba04419df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://my.countryfinancial.com/portal/dispatcher/sign-in
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 14 Jan 2019 17:25:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
8905
x-xss-protection
1; mode=block
server
cafe
etag
14536679223351690252
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 14 Jan 2019 17:25:04 GMT
bat.js
bat.bing.com/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: my.countryfinancial.com
URL: https://my.countryfinancial.com/portal/dispatcher/sign-in
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.79.197.200 Redmond, United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
a-0001.a-msedge.net
Software
/
Resource Hash
9e03d610493a32cfa7a9750ac0c194f807c46926270e565fc8b41ee71053a52d

Request headers

Referer
https://my.countryfinancial.com/portal/dispatcher/sign-in
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 14 Jan 2019 17:25:04 GMT
content-encoding
gzip
last-modified
Fri, 04 Jan 2019 00:35:47 GMT
x-msedge-ref
Ref A: 32E4D93089434E6D9959EE75A07897B7 Ref B: FRAEDGE0918 Ref C: 2019-01-14T17:25:04Z
access-control-allow-origin
*
etag
"80b3316fc5a3d41:0"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
6891
up_loader.1.1.0.js
js.adsrvr.org/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adsrvr.org/up_loader.1.1.0.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENd0d2ab239daa4ea6a4a1833bab4486d3.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.85.184.50 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-85-184-50.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fd338a175e4e81e2f44e03cd956e03b7a7619301ab1178b19e1311eacc414463

Request headers

Referer
https://my.countryfinancial.com/portal/dispatcher/sign-in
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 14 Jan 2019 03:47:10 GMT
Content-Encoding
gzip
Last-Modified
Wed, 25 Jul 2018 16:06:43 GMT
Server
AmazonS3
Age
88147
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Via
1.1 7af5638099b4c0c5cbf2f9c79d5100fd.cloudfront.net (CloudFront)
Transfer-Encoding
chunked
Connection
keep-alive
X-Amz-Cf-Id
LKkdSgQKRqcZR3exAFUfnkedZsrE06FHOpE1_teey1c3Yx7HPQu1uw==
collect
www.google-analytics.com/ 		35 B
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j72&a=56994533&t=pageview&_s=2&dl=https%3A%2F%2Fmy.countryfinancial.com%2Fportal%2Fdispatcher%2Fsign-in&ul=en-us&de=UTF-8&dt=MyCOUNTRY%20-%20sign-in&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aHBACQABB~&jid=&gjid=&cid=1619849749.1547486704&tid=UA-54439328-1&_gid=295657781.1547486704&z=34585710
Requested by
Host: my.countryfinancial.com
URL: https://my.countryfinancial.com/portal/dispatcher/sign-in
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:81e::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://my.countryfinancial.com/portal/dispatcher/sign-in
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Dec 2018 22:09:15 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
2142949
content-type
image/gif
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
*
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
s52867908129119
smetrics.countryfinancial.com/b/ss/ccsccscountryfinancialprodaem,ccscountryfinancialglobalprod/1/JS-2.9.0-L8Z7/ 		43 B
592 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smetrics.countryfinancial.com/b/ss/ccsccscountryfinancialprodaem,ccscountryfinancialglobalprod/1/JS-2.9.0-L8Z7/s52867908129119?AQB=1&ndh=1&pf=1&t=14%2F0%2F2019%2017%3A25%3A4%201%200&mid=71248555819268585223662561545208570462&aamlh=6&ce=UTF-8&pageName=CFC%3Aportal%3Asign-in&g=https%3A%2F%2Fmy.countryfinancial.com%2Fportal%2Fdispatcher%2Fsign-in&ch=portal&events=event10&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&c1=D%3Dv1&v1=11&h1=CFC%3Aportal%3Asign-in&c2=D%3Dv2&v2=monday&c3=D%3Dv3&v3=weekday&c4=D%3Dv4&v4=new&c5=D%3Dv5&v5=1&c6=D%3Dv6&v6=O%20Days&v10=CFC%3Aportal%3Asign-in&c14=D%3Dv14&v14=Non%20Authenticated&v20=71248555819268585223662561545208570462&c21=D%3Dv31&c26=D%3Dv26&v26=https%3A%2F%2Fmy.countryfinancial.com%2Fportal%2Fdispatcher%2Fsign-in&c29=D%3Dv10&v33=1619849749.1547486704&v34=N%2FA&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=5D94123F5245B19E0A490D45%40AdobeOrg&AQE=1
Requested by
Host: my.countryfinancial.com
URL: https://my.countryfinancial.com/portal/dispatcher/sign-in
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.82.236.170 Lehi, United States, ASN15224 (OMNITURE - Adobe Systems Inc., US),
Reverse DNS
countryfinancial.com.ssl.sc.omtrdc.net
Software
Omniture DC/2.0.0 /
Resource Hash
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
smetrics.countryfinancial.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://my.countryfinancial.com/portal/dispatcher/sign-in
Cookie
CF_MC_AUTHENTICATED=false; AMCVS_5D94123F5245B19E0A490D45%40AdobeOrg=1; AMCV_5D94123F5245B19E0A490D45%40AdobeOrg=-1303530583%7CMCIDTS%7C17911%7CMCMID%7C71248555819268585223662561545208570462%7CMCAAMLH-1548091503%7C6%7CMCAAMB-1548091503%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1547493903s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-17918%7CvVersion%7C3.3.0; s_cc=true
Connection
keep-alive
Cache-Control
no-cache
Referer
https://my.countryfinancial.com/portal/dispatcher/sign-in
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 14 Jan 2019 17:25:04 GMT
X-Content-Type-Options
nosniff
X-C
ms-6.5.1
P3P
CP="This is not a P3P policy"
Connection
keep-alive
Content-Length
43
X-XSS-Protection
1; mode=block
Pragma
no-cache
Last-Modified
Tue, 15 Jan 2019 17:25:04 GMT
Server
Omniture DC/2.0.0
xserver
www212
ETag
"3323202392424513536-6758778384169305372"
Vary
*
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, max-age=0, no-transform, private
Expires
Sun, 13 Jan 2019 17:25:04 GMT
l
use.typekit.net/af/aa242d/000000000000000000017485/27/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/aa242d/000000000000000000017485/27/l?subset_id=2&fvd=n4&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/bmk6quo.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.38.53.224 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-38-53-224.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
36aa372a69633fea9b6b23edebdd761ae918c6431f53c6e7f0ac1e614e8839f2

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://my.countryfinancial.com/portal/dispatcher/sign-in
Origin
https://my.countryfinancial.com

Response headers

date
Mon, 14 Jan 2019 17:25:04 GMT
server
nginx
access-control-allow-origin
*
etag
"78d3743c1c5c72c2bd67e5fc2847d2d0e3e2cf77"
content-type
application/font-woff2
status
200, 200 OK
cache-control
public, max-age=31536000
timing-allow-origin
*
content-length
20164
l
use.typekit.net/af/3bd3af/000000000000000000017486/27/ 		20 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/3bd3af/000000000000000000017486/27/l?subset_id=2&fvd=i4&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/bmk6quo.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.38.53.224 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-38-53-224.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
9f8894025edeb846ef8156e09be70e6e3f291bb8bfa111ba128a4ac46fd0c1a4

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://my.countryfinancial.com/portal/dispatcher/sign-in
Origin
https://my.countryfinancial.com

Response headers

date
Mon, 14 Jan 2019 17:25:04 GMT
server
nginx
access-control-allow-origin
*
etag
"038e76c24d9a5c13f3751a8f2f18b58c360d0b32"
content-type
application/font-woff2
status
200, 200 OK
cache-control
public, max-age=31536000
timing-allow-origin
*
content-length
20940
l
use.typekit.net/af/127f7b/00000000000000003b9acb5e/27/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/127f7b/00000000000000003b9acb5e/27/l?subset_id=2&fvd=n9&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/bmk6quo.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.38.53.224 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-38-53-224.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
6d24e90bc40312e3b9a117d4d8c88653cd5500bfd11ee4cb41a3c30259184c9c

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://my.countryfinancial.com/portal/dispatcher/sign-in
Origin
https://my.countryfinancial.com

Response headers

date
Mon, 14 Jan 2019 17:25:04 GMT
server
nginx
access-control-allow-origin
*
etag
"3d03a318f700d434de0599f0f9e4c8dc39ebfcbf"
content-type
application/font-woff2
status
200, 200 OK
cache-control
public, max-age=31536000
timing-allow-origin
*
content-length
17404
l
use.typekit.net/af/4f9e28/00000000000000003b9acb5c/27/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/4f9e28/00000000000000003b9acb5c/27/l?subset_id=2&fvd=n7&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/bmk6quo.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.38.53.224 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-38-53-224.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
d904248424d16c026aca30ae2affee26c1dbcf1e2e041fe5a86cc67a215dd028

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://my.countryfinancial.com/portal/dispatcher/sign-in
Origin
https://my.countryfinancial.com

Response headers

date
Mon, 14 Jan 2019 17:25:04 GMT
server
nginx
access-control-allow-origin
*
etag
"03f35cbd1e6336a2edcd833da08a2d52f0861ea0"
content-type
application/font-woff2
status
200, 200 OK
cache-control
public, max-age=31536000
timing-allow-origin
*
content-length
18096
l
use.typekit.net/af/6b9929/00000000000000003b9acb58/27/ 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/6b9929/00000000000000003b9acb58/27/l?subset_id=2&fvd=i4&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/bmk6quo.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.38.53.224 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-38-53-224.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
3aa00edd17be705182320b98048720cb4dc65401748b73c19acf837f54853e4f

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://my.countryfinancial.com/portal/dispatcher/sign-in
Origin
https://my.countryfinancial.com

Response headers

date
Mon, 14 Jan 2019 17:25:04 GMT
server
nginx
access-control-allow-origin
*
etag
"6a709d42fab1e5a81fd566b9034d869d4bc8fc36"
content-type
application/font-woff2
status
200, 200 OK
cache-control
public, max-age=31536000
timing-allow-origin
*
content-length
16888
l
use.typekit.net/af/27706f/00000000000000003b9acb56/27/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/27706f/00000000000000003b9acb56/27/l?subset_id=2&fvd=n3&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/bmk6quo.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.38.53.224 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-38-53-224.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
0246f5c23177e5bf7b3782753ff2b5b3cf647f91416b9dd43f9f6caa8c17afa7

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://my.countryfinancial.com/portal/dispatcher/sign-in
Origin
https://my.countryfinancial.com

Response headers

date
Mon, 14 Jan 2019 17:25:04 GMT
server
nginx
access-control-allow-origin
*
etag
"b577990ba4b1ce396e9145b5b3fb2845742a4d27"
content-type
application/font-woff2
status
200, 200 OK
cache-control
public, max-age=31536000
timing-allow-origin
*
content-length
18380
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1019681805/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1019681805/?random=1547486704511&cv=9&fst=1547486704511&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Fmy.countryfinancial.com%2Fportal%2Fdispatcher%2Fsign-in&tiba=MyCOUNTRY%20-%20sign-in&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:816::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
64507d1352c70d87b58375b10353c6a094a19148487d3dc6d5ea4862eb6d6fbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://my.countryfinancial.com/portal/dispatcher/sign-in
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Jan 2019 17:25:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
text/javascript; charset=UTF-8
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
945
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
p.gif
p.typekit.net/ 		35 B
367 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.typekit.net/p.gif?s=1&k=bmk6quo&ht=tk&h=my.countryfinancial.com&f=1877.1878.1879.1880.17265.17266.17267.17268.17269.17270.17272&a=1864423&js=1.19.2&app=typekit&e=js&_=1547486704552
Requested by
Host: my.countryfinancial.com
URL: https://my.countryfinancial.com/portal/dispatcher/sign-in
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:64:48a::19fd , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
nginx /
Resource Hash
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39

Request headers

Referer
https://my.countryfinancial.com/portal/dispatcher/sign-in
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 14 Jan 2019 17:25:04 GMT
Last-Modified
Thu, 12 Jul 2018 18:52:08 GMT
Server
nginx
ETag
"5b47a358-23"
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
35
Expires
Tue, 23 Oct 2018 23:04:41 GMT
25405
tags.bluekai.com/site/
Redirect Chain
  • https://s1507381507.t.eloqua.com/visitor/v200/svrGP?pps=3&siteid=1507381507&ref2=elqNone&tzo=0&ms=561&optin=disabled
  • https://s1507381507.t.eloqua.com/visitor/v200/svrGP.aspx?pps=3&siteid=1507381507&ref2=elqNone&tzo=0&ms=561&optin=disabled&elqCookie=1
  • https://tags.bluekai.com/site/25405?vid=397bce31330b476aaecc4fd0c4d2eed7
  • https://tags.bluekai.com/site/25405?dt=0&r=612379022&sig=2772492666&bkca=KJyg060hBqR6E6omBER6BMj/1MWlu6h1EDTtuDLhuejJ1DoBEEWc91MRYFQ=
62 B
527 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/25405?dt=0&r=612379022&sig=2772492666&bkca=KJyg060hBqR6E6omBER6BMj/1MWlu6h1EDTtuDLhuejJ1DoBEEWc91MRYFQ=
Requested by
Host: my.countryfinancial.com
URL: https://my.countryfinancial.com/portal/dispatcher/sign-in
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.241.32 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-241-32.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Referer
https://my.countryfinancial.com/portal/dispatcher/sign-in
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Jan 2019 17:25:05 GMT
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
62
BK-Server
dd58
Expires
Thu, 01 Dec 1994 16:00:00 GMT

Redirect headers

Location
https://tags.bluekai.com/site/25405?dt=0&r=612379022&sig=2772492666&bkca=KJyg060hBqR6E6omBER6BMj/1MWlu6h1EDTtuDLhuejJ1DoBEEWc91MRYFQ=
Date
Mon, 14 Jan 2019 17:25:05 GMT
Connection
keep-alive
Content-Length
0
BK-Server
e571
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
180088205747465
connect.facebook.net/signals/config/ 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/180088205747465?v=2.8.37&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
c40a56b230add6b27b34043514cd13214d9fd6d91f17aae500e21ad9635e574f
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://my.countryfinancial.com/portal/dispatcher/sign-in
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Origin, Accept-Encoding
x-xss-protection
0
pragma
public
x-fb-debug
6dpQePRnyBpkGRJmLECTrYbzyiy1bWw3gHNfADcso9MavpBsr3baoqjngc3ZomPoP4dLI3MvBFGTujfxC2qZOg==
date
Mon, 14 Jan 2019 17:25:04 GMT
x-frame-options
DENY
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/1019681805/ 		42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/1019681805/?random=1547486704511&cv=9&fst=1547485200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Fmy.countryfinancial.com%2Fportal%2Fdispatcher%2Fsign-in&tiba=MyCOUNTRY%20-%20sign-in&async=1&fmt=3&crd=CITQGw&cdct=2&is_vtc=1&random=817246989&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: my.countryfinancial.com
URL: https://my.countryfinancial.com/portal/dispatcher/sign-in
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:809::2004 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://my.countryfinancial.com/portal/dispatcher/sign-in
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Jan 2019 17:25:04 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
42
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/1019681805/ 		42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/1019681805/?random=1547486704511&cv=9&fst=1547485200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Fmy.countryfinancial.com%2Fportal%2Fdispatcher%2Fsign-in&tiba=MyCOUNTRY%20-%20sign-in&async=1&fmt=3&crd=CITQGw&cdct=2&is_vtc=1&random=817246989&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: my.countryfinancial.com
URL: https://my.countryfinancial.com/portal/dispatcher/sign-in
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:808::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://my.countryfinancial.com/portal/dispatcher/sign-in
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Jan 2019 17:25:04 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
42
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
0
bat.bing.com/action/ 		0
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=4043159&Ver=2&mid=1e070606-2115-103c-1dc2-2ce3f60c064c&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=MyCOUNTRY%20-%20sign-in&p=https%3A%2F%2Fmy.countryfinancial.com%2Fportal%2Fdispatcher%2Fsign-in&r=&lt=2631&evt=pageLoad&msclkid=N&rn=832759
Requested by
Host: my.countryfinancial.com
URL: https://my.countryfinancial.com/portal/dispatcher/sign-in
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.79.197.200 Redmond, United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
a-0001.a-msedge.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://my.countryfinancial.com/portal/dispatcher/sign-in
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
204
pragma
no-cache
date
Mon, 14 Jan 2019 17:25:04 GMT
cache-control
no-cache, must-revalidate
x-msedge-ref
Ref A: A7CA9F7FCE6F4ADA80A749F2E2606696 Ref B: FRAEDGE0918 Ref C: 2019-01-14T17:25:04Z
access-control-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=180088205747465&ev=PageView&dl=https%3A%2F%2Fmy.countryfinancial.com%2Fportal%2Fdispatcher%2Fsign-in&rl=&if=false&ts=1547486704616&sw=1600&sh=1200&v=2.8.37&r=stable&ec=0&o=28&fbp=fb.1.1547486704616.739390486&it=1547486704569&coo=false
Requested by
Host: my.countryfinancial.com
URL: https://my.countryfinancial.com/portal/dispatcher/sign-in
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Request headers

Referer
https://my.countryfinancial.com/portal/dispatcher/sign-in
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 14 Jan 2019 17:25:04 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
content-length
44
expires
Mon, 14 Jan 2019 17:25:04 GMT
EG93074856
analytics.analytics-egain.com/iframe/ Frame CF26 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://analytics.analytics-egain.com/iframe/EG93074856
Requested by
Host: analytics.analytics-egain.com
URL: https://analytics.analytics-egain.com/onetag/EG93074856
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.241.247.9 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-241-247-9.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Host
analytics.analytics-egain.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
https://my.countryfinancial.com/portal/dispatcher/sign-in
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://my.countryfinancial.com/portal/dispatcher/sign-in

Response headers

Cache-Control
max-age=86400
Content-Encoding
gzip
Content-Type
text/html;charset=utf-8
Date
Mon, 14 Jan 2019 17:25:04 GMT
Expires
Tue, 15 Jan 2019 17:25:04 GMT
Server
Vary
Accept-Encoding
Content-Length
1126
Connection
keep-alive
allow_cobrowse.js
countryfinancial.egain.cloud/system/cb/admin/js/ 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://countryfinancial.egain.cloud/system/cb/admin/js/allow_cobrowse.js
Requested by
Host: analytics.analytics-egain.com
URL: https://analytics.analytics-egain.com/onetag/EG93074856
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.167.98.143 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-35-167-98-143.us-west-2.compute.amazonaws.com
Software
Microsoft-IIS/8.5 /
Resource Hash
e6ab16851c1d5c7659acbca8af4c1e238d7407597b7568987bcf9010b92df42e
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://my.countryfinancial.com/portal/dispatcher/sign-in
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 14 Jan 2019 17:25:04 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Mon, 13 Nov 2017 14:14:54 GMT
Server
Microsoft-IIS/8.5
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Connection
keep-alive
Content-Length
4974
Offers.egain
countryfinancial.egain.cloud/system/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://countryfinancial.egain.cloud/system/Offers.egain?command=GetRulesJS&egofferpageurl=https%3A%2F%2Fmy.countryfinancial.com%2Fportal%2Fdispatcher%2Fsign-in&egofferpagetitle=MyCOUNTRY%20-%20sign-in&egofferpatternchecksum=
Requested by
Host: analytics.analytics-egain.com
URL: https://analytics.analytics-egain.com/onetag/EG93074856
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.167.98.143 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-35-167-98-143.us-west-2.compute.amazonaws.com
Software
Microsoft-IIS/8.5 /
Resource Hash
523561331c6c951e112b51be37a98f117434b1c9434b3bf57b011869a6f4e71a
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://my.countryfinancial.com/portal/dispatcher/sign-in
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Jan 2019 17:25:04 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Server
Microsoft-IIS/8.5
X-Frame-Options
SAMEORIGIN
Content-Type
text/javascript;charset=UTF-8
Cache-Control
no-cache
Connection
keep-alive
Content-Length
1333
X-UA-Compatible
IE=EmulateIE9
cf-icons-styleguide.ttf
www.countryfinancial.com/content/dam/cfin/fonts/ 		88 KB
88 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.countryfinancial.com/content/dam/cfin/fonts/cf-icons-styleguide.ttf?gv08fi
Requested by
Host: my.countryfinancial.com
URL: https://my.countryfinancial.com/portal/dispatcher/sign-in
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.74.228.151 Bloomington, United States, ASN10511 (COUNTRY-INSURANCE - CC Services, Inc, US),
Reverse DNS
countryfinancialsecurity.com
Software
Apache /
Resource Hash
a23d97545a3761e0787cfd2923cda13010c3132baa789a59056403fc7ab85462
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Origin
https://my.countryfinancial.com
Accept-Encoding
gzip, deflate, br
Host
www.countryfinancial.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://www.countryfinancial.com/etc/designs/cfin/myCountry.min.css
Connection
keep-alive
Cache-Control
no-cache
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.countryfinancial.com/etc/designs/cfin/myCountry.min.css
Origin
https://my.countryfinancial.com

Response headers

Date
Mon, 14 Jan 2019 17:25:05 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sat, 15 Dec 2018 02:06:41 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
Upgrade
h2
Access-Control-Allow-Origin
*
X-XSS-Protection
1; mode=block
Connection
Upgrade, Keep-Alive
Content-Type
application/x-font-ttf
Keep-Alive
timeout=5, max=200
Content-Length
89804
X-dynaTrace
PT=10489647;PA=-2004641663;SP=Prod Enterprise;PS=-606767429
getCBHostName.jsp
countryfinancial.egain.cloud/system/cb/admin/ 		217 B
626 B 		Script
General
Check archive.org
Download Go to
Full URL
https://countryfinancial.egain.cloud/system/cb/admin/getCBHostName.jsp
Requested by
Host: countryfinancial.egain.cloud
URL: https://countryfinancial.egain.cloud/system/cb/admin/js/allow_cobrowse.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.167.98.143 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-35-167-98-143.us-west-2.compute.amazonaws.com
Software
Microsoft-IIS/8.5 /
Resource Hash
df0c653c81537a64a8bfa615815c7a194907e5172f5a3f74783a3d120fdbb64f
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://my.countryfinancial.com/portal/dispatcher/sign-in
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 14 Jan 2019 17:25:04 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Server
Microsoft-IIS/8.5
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript;charset=UTF-8
Connection
keep-alive
Content-Length
277
egofrrulesengine.js
countryfinancial.egain.cloud/system/web/view/proactivesales/templates/ 		63 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://countryfinancial.egain.cloud/system/web/view/proactivesales/templates/egofrrulesengine.js?patch_no=15.0.5.4.91511.0.0
Requested by
Host: countryfinancial.egain.cloud
URL: https://countryfinancial.egain.cloud/system/Offers.egain?command=GetRulesJS&egofferpageurl=https%3A%2F%2Fmy.countryfinancial.com%2Fportal%2Fdispatcher%2Fsign-in&egofferpagetitle=MyCOUNTRY%20-%20sign-in&egofferpatternchecksum=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.167.98.143 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-35-167-98-143.us-west-2.compute.amazonaws.com
Software
Microsoft-IIS/8.5 /
Resource Hash
5133599cbfc3366ddb94cec5ab28a963c106948f07cbadd5a1936de6be01d4f8
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://my.countryfinancial.com/portal/dispatcher/sign-in
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 14 Jan 2019 17:25:04 GMT
Content-Encoding
gzip
Last-Modified
Sat, 16 Dec 2017 04:08:01 GMT
Server
Microsoft-IIS/8.5
X-Frame-Options
SAMEORIGIN
ETag
"80e69f762376d31:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=7200
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
15881
X-UA-Compatible
IE=EmulateIE9
egpsserviceshookdef.js
countryfinancial.egain.cloud/system/web/view/proactivesales/templates/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://countryfinancial.egain.cloud/system/web/view/proactivesales/templates/egpsserviceshookdef.js?patch_no=15.0.5.4.91511.0.0
Requested by
Host: countryfinancial.egain.cloud
URL: https://countryfinancial.egain.cloud/system/Offers.egain?command=GetRulesJS&egofferpageurl=https%3A%2F%2Fmy.countryfinancial.com%2Fportal%2Fdispatcher%2Fsign-in&egofferpagetitle=MyCOUNTRY%20-%20sign-in&egofferpatternchecksum=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.167.98.143 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-35-167-98-143.us-west-2.compute.amazonaws.com
Software
Microsoft-IIS/8.5 /
Resource Hash
da47628b732bb801406568a7e39e2c4c4377689cf4907c836cd3326d2830eede
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://my.countryfinancial.com/portal/dispatcher/sign-in
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 14 Jan 2019 17:25:04 GMT
Content-Encoding
gzip
Last-Modified
Sat, 16 Dec 2017 04:08:01 GMT
Server
Microsoft-IIS/8.5
X-Frame-Options
SAMEORIGIN
ETag
"80e69f762376d31:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=7200
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1384
X-UA-Compatible
IE=EmulateIE9
egpsserviceshook.js
countryfinancial.egain.cloud/system/web/custom/proactivesales/templates/ 		0
348 B 		Script
General
Check archive.org
Download Go to
Full URL
https://countryfinancial.egain.cloud/system/web/custom/proactivesales/templates/egpsserviceshook.js?patch_no=15.0.5.4.91511.0.0
Requested by
Host: countryfinancial.egain.cloud
URL: https://countryfinancial.egain.cloud/system/Offers.egain?command=GetRulesJS&egofferpageurl=https%3A%2F%2Fmy.countryfinancial.com%2Fportal%2Fdispatcher%2Fsign-in&egofferpagetitle=MyCOUNTRY%20-%20sign-in&egofferpatternchecksum=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.167.98.143 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-35-167-98-143.us-west-2.compute.amazonaws.com
Software
Microsoft-IIS/8.5 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://my.countryfinancial.com/portal/dispatcher/sign-in
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 14 Jan 2019 17:25:04 GMT
Last-Modified
Sat, 16 Dec 2017 04:11:00 GMT
Server
Microsoft-IIS/8.5
ETag
"02251e12376d31:0"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Cache-Control
max-age=7200
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
0
X-UA-Compatible
IE=EmulateIE9
up
insight.adsrvr.org/track/ Frame 7A98 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://insight.adsrvr.org/track/up?adv=usq8e9i&ref=https%3A%2F%2Fmy.countryfinancial.com%2Fportal%2Fdispatcher%2Fsign-in&upid=ecfzo3k&osi=639c26af03a5446c3a3acd09b20132f9&osv=1.1&upv=1.1.3
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.147.141 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-72-147-141.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

:method
GET
:authority
insight.adsrvr.org
:scheme
https
:path
/track/up?adv=usq8e9i&ref=https%3A%2F%2Fmy.countryfinancial.com%2Fportal%2Fdispatcher%2Fsign-in&upid=ecfzo3k&osi=639c26af03a5446c3a3acd09b20132f9&osv=1.1&upv=1.1.3
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://my.countryfinancial.com/portal/dispatcher/sign-in
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://my.countryfinancial.com/portal/dispatcher/sign-in

Response headers

status
200
date
Mon, 14 Jan 2019 17:25:06 GMT
content-type
text/html
cache-control
private,no-cache, must-revalidate
pragma
no-cache
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
/
zn6xcdveksdx5g9rn-countryfinancial.siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		51 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://zn6xcdveksdx5g9rn-countryfinancial.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_6XcdVEKSdx5g9rn&Q_LOC=https%3A%2F%2Fmy.countryfinancial.com%2Fportal%2Fdispatcher%2Fsign-in&t=1547486706047
Requested by
Host: my.countryfinancial.com
URL: https://my.countryfinancial.com/portal/dispatcher/sign-in
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.211.8.142 Cambridge, United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a23-211-8-142.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8eac25cfcc54d890b0a3518240ed004f8d18cbd0cf0c7797500e99a2cc0e1fa0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://my.countryfinancial.com/portal/dispatcher/sign-in
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 14 Jan 2019 17:25:06 GMT
content-encoding
gzip
server
Apache
vary
Accept-Encoding
p3p
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
status
200
expires
Mon, 14 Jan 2019 17:26:06 GMT
cache-control
public, max-age=60
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
content-length
12712
servershortname
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j72&a=56994533&t=timing&_s=3&dl=https%3A%2F%2Fmy.countryfinancial.com%2Fportal%2Fdispatcher%2Fsign-in&ul=en-us&de=UTF-8&dt=MyCOUNTRY%20-%20sign-in&...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-54439328-1&cid=1619849749.1547486704&jid=2116125551&_gid=295657781.1547486704&gjid=182541602&_v=j72&z=1955664788
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-54439328-1&cid=1619849749.1547486704&jid=2116125551&_v=j72&z=1955664788
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-54439328-1&cid=1619849749.1547486704&jid=2116125551&_v=j72&z=1955664788&slf_rd=1&random=2229373040
42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-54439328-1&cid=1619849749.1547486704&jid=2116125551&_v=j72&z=1955664788&slf_rd=1&random=2229373040
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:808::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://my.countryfinancial.com/portal/dispatcher/sign-in
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Jan 2019 17:25:06 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
42
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 14 Jan 2019 17:25:06 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-54439328-1&cid=1619849749.1547486704&jid=2116125551&_v=j72&z=1955664788&slf_rd=1&random=2229373040
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
checkSession.html
countryfinancial.egain.cloud/system/cb/cs/ Frame 3F63 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://countryfinancial.egain.cloud/system/cb/cs/checkSession.html?wsname=https://my.countryfinancial.com
Requested by
Host: countryfinancial.egain.cloud
URL: https://countryfinancial.egain.cloud/system/cb/admin/js/allow_cobrowse.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.167.98.143 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-35-167-98-143.us-west-2.compute.amazonaws.com
Software
Microsoft-IIS/8.5 /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://my.countryfinancial.com
X-Frame-Options ALLOW-FROM https://my.countryfinancial.com

Request headers

Host
countryfinancial.egain.cloud
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
https://my.countryfinancial.com/portal/dispatcher/sign-in
Accept-Encoding
gzip, deflate, br
Cookie
X-egain-session=PRZXE02gurXjbpSwSrvUg-EQ.egain
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://my.countryfinancial.com/portal/dispatcher/sign-in

Response headers

Content-Encoding
gzip
Content-Security-Policy
frame-ancestors 'self' https://my.countryfinancial.com
Content-Type
text/html
Date
Mon, 14 Jan 2019 17:25:05 GMT
Last-Modified
Mon, 13 Nov 2017 14:15:38 GMT
Server
Microsoft-IIS/8.5
Vary
Accept-Encoding
X-Frame-Options
ALLOW-FROM https://my.countryfinancial.com
Content-Length
764
Connection
keep-alive

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.countryfinancial.com
URL
https://www.countryfinancial.com/content/dam/cfin/fonts/cf-icons-styleguide.woff2?gv08fi

Verdicts & Comments Add Verdict or Comment

75 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask object| _satellite boolean| __satelliteLoaded string| GoogleAnalyticsObject function| ga function| Visitor object| s_c_il number| s_c_in object| Typekit string| pagePath object| dl function| AppMeasurement_Module_ActivityMap function| AppMeasurement function| s_gi function| s_pgicq number| s_objectID number| s_giq object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| dropdownButtons undefined| showPassword undefined| charCount undefined| matchPasswords undefined| passwordStrength undefined| findRep undefined| header object| mainNav undefined| responsiveTables undefined| swiperSliderController undefined| accordions function| $ function| jQuery function| Cookies object| COUNTRY function| Swiper object| showPasswordTriggersForm object| showPasswordFields object| Modals object| DOMAIN object| Portal object| countryHelpFX object| _elqQ object| cf_eloquaFormField object| cf_eq_timerId number| cf_eq_timeout object| cf_eq_dcJS boolean| cf_eq_done function| cf_waitUntilCustomerGuidIsRetrieved function| cf_eq_callback function| fbq function| _fbq object| uetq object| s object| s_i_ccsccscountryfinancialprodaem_ccscountryfinancialglobalprod function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO function| OpenProfileId function| TTDUniversalPixelApi function| ttd_dom_ready string| txt object| paramMap object| _elq function| UET object| EGAINCLOUD object| EG_CALL_Q function| eGOFRPatternStore object| eGain object| eGOFR object| el object| QSI

1 Cookies

Domain/Path Name / Value
my.countryfinancial.com/ Name: EG_CUST_SEC
Value: false

3 Console Messages

Source Level URL
Text
console-api warning URL: https://www.countryfinancial.com/etc/designs/cfin/myCountry.min.js(Line 3591)
Message:
No password fields were found in this form. Add a 'js-show-password-field' class to your password field(s)
console-api log URL: https://assets.adobedtm.com/launch-ENd0d2ab239daa4ea6a4a1833bab4486d3.min.js(Line 2)
Message:
1619849749.1547486704
console-api log URL: https://assets.adobedtm.com/extensions/EP23d75a37c9fa4adb8bac5e48782e354a/AppMeasurement.min.js(Line 2)
Message:
Error, missing Report Suite ID in AppMeasurement initialization

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src * ;script-src * 'unsafe-inline';style-src * 'unsafe-inline';img-src 'self' data: *
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.analytics-egain.com
assets.adobedtm.com
bat.bing.com
ccservicesinc.demdex.net
cm.everesttech.net
connect.facebook.net
countryfinancial.egain.cloud
dpm.demdex.net
fonts.googleapis.com
googleads.g.doubleclick.net
img03.en25.com
insight.adsrvr.org
js.adsrvr.org
my.countryfinancial.com
p.typekit.net
s1507381507.t.eloqua.com
smetrics.countryfinancial.com
stats.g.doubleclick.net
tags.bluekai.com
use.typekit.net
www.countryfinancial.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
zn6xcdveksdx5g9rn-countryfinancial.siteintercept.qualtrics.com
www.countryfinancial.com
104.111.241.32
142.0.160.13
172.82.236.170
184.31.90.134
2.21.37.83
204.79.197.200
208.74.228.151
208.74.228.57
216.58.205.226
23.211.8.142
23.38.53.224
2a00:1450:4001:808::2003
2a00:1450:4001:809::2004
2a00:1450:4001:815::200a
2a00:1450:4001:816::2002
2a00:1450:4001:81e::200e
2a00:1450:400c:c08::9d
2a02:26f0:64:48a::19fd
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
34.241.247.9
35.167.98.143
52.85.184.50
54.154.158.135
54.72.147.141
54.77.130.155
66.117.28.86
0246f5c23177e5bf7b3782753ff2b5b3cf647f91416b9dd43f9f6caa8c17afa7
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0e3483cac2367405c4cfa6c50c763a08d75e821abc98914ef88bde1ba04419df
108079c96d42b97b4d8110b3493675c2d889d255107d7bee0b41445834203a18
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
235da1ee79811631e184d8e99dab2ae5195d476d1138f1f49a8645c53a1803fb
23818277c974e4ed1d48a04077c6a133bde3435f3d0bafe8dcca49150ebcb986
2bc0fd07e347e2d9d5651224e98512703ca2e89651b2c622133800a7363c2c4d
36aa372a69633fea9b6b23edebdd761ae918c6431f53c6e7f0ac1e614e8839f2
381377b76dfd2aa64dacc36e3dab0783ee176dfdd1c0edf8f499bc1e3d414a6a
3aa00edd17be705182320b98048720cb4dc65401748b73c19acf837f54853e4f
3e09df511a74a34c17d089975631885a769b4f27ec2b20ce8c28c447aa831120
4f075fc3ab73ee6642477ce9fa9d32b0504d21e6a2a658712afd7624e57ada8d
5133599cbfc3366ddb94cec5ab28a963c106948f07cbadd5a1936de6be01d4f8
523561331c6c951e112b51be37a98f117434b1c9434b3bf57b011869a6f4e71a
567c2159c20fad9d51e6470cb71b63be1a4cafcc8d9cbd4312024581cefa9534
601d5b587774fc312fe0fb268fb7f09a1232c7f84a57b1f6ede393743c3d94c5
64507d1352c70d87b58375b10353c6a094a19148487d3dc6d5ea4862eb6d6fbb
67bdfe248850108a8d50908e6fe2d13b313c8aa5d399b6b93e1795ed555f2be7
6d24e90bc40312e3b9a117d4d8c88653cd5500bfd11ee4cb41a3c30259184c9c
794b6e5a8c2edf58d1f10d5dcaa7966664ee64627407a4a0e37020390efc7a7a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
838e92159c182903ea9248569403c5b2aa3d5f4695cb447e331bd4d0c9f608ee
8eac25cfcc54d890b0a3518240ed004f8d18cbd0cf0c7797500e99a2cc0e1fa0
90feb7878533b3fa1166ed7123150bdc221e0863229aafc4803799c0fa84451e
95b13eb23cca7150638085583cb49e58e85538b923f361365692bd2d7ae694c4
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39
9e03d610493a32cfa7a9750ac0c194f807c46926270e565fc8b41ee71053a52d
9f8894025edeb846ef8156e09be70e6e3f291bb8bfa111ba128a4ac46fd0c1a4
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a23d97545a3761e0787cfd2923cda13010c3132baa789a59056403fc7ab85462
b688a3bcd1297cc0fe08e6e52fea14ba9108ee4b9a2052c03e7bac6e19347255
b69380cda6b4670391f4b4668ce8537b789a820af4ffcc916ac5f4a08a2c0433
c40a56b230add6b27b34043514cd13214d9fd6d91f17aae500e21ad9635e574f
cbb2c80434af4754872fecb314eb9855333f953fa6b13ba37805bcb54b91d34d
cfe835627f36e36babf01cbabcf2a297d3922598decb2fd4483c3316d19886f9
d12914c594700622c0a85abb840e0dc74be39c4d7b332d5c1f054b62d553d174
d5813d4aa712a24e65b233870c92fbf1433d604ec84f73c4371fdedb5e4af133
d904248424d16c026aca30ae2affee26c1dbcf1e2e041fe5a86cc67a215dd028
da47628b732bb801406568a7e39e2c4c4377689cf4907c836cd3326d2830eede
df0c653c81537a64a8bfa615815c7a194907e5172f5a3f74783a3d120fdbb64f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6ab16851c1d5c7659acbca8af4c1e238d7407597b7568987bcf9010b92df42e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f154fd0083701384ae2586b26a87b0e10e8dba2be7131da0ce17cbbb8af0040d
fd338a175e4e81e2f44e03cd956e03b7a7619301ab1178b19e1311eacc414463