yardlandssnow.com
2606:4700:3033::6815:39af  Malicious Activity! Public Scan

Submitted URL: https://tester02zer.s3.us-west-1.amazonaws.com/index.html?utm_source=22196&utm_campaign=c&utm_medium=92067475
Effective URL: https://yardlandssnow.com/?s1=350563&s2=816325793&s3=1782&s4=1710&ow=&s10=739
Submission: On September 30 via api from BE — Scanned from US

Summary

This website contacted 7 IPs in 3 countries across 8 domains to perform 35 HTTP transactions. The main IP is 2606:4700:3033::6815:39af, located in United States and belongs to CLOUDFLARENET, US. The main domain is yardlandssnow.com.
TLS certificate: Issued by E1 on September 19th 2022. Valid for: 3 months.
This is the only time yardlandssnow.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Customer Survey Spam (Consumer)

Domain & IP information

IP Address AS Autonomous System
1 52.219.117.154 16509 (AMAZON-02)
1 1 47.254.144.66 45102 (ALIBABA-C...)
1 62.192.152.245 209889 (LIBERTY-C...)
27 2606:4700:303... 13335 (CLOUDFLAR...)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
35 7
Domain Requested by
27 yardlandssnow.com balistacllys.com
yardlandssnow.com
2 www.google-analytics.com www.googletagmanager.com
2 www.googletagmanager.com tester02zer.s3.us-west-1.amazonaws.com
www.googletagmanager.com
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com yardlandssnow.com
1 balistacllys.com tester02zer.s3.us-west-1.amazonaws.com
1 pac.consultingskills.org 1 redirects
1 tester02zer.s3.us-west-1.amazonaws.com
35 8

This site contains no links.

Subject                       Issuer      Validity                 Valid
*.s3-us-west-1.amazonaws.com  Amazon      2021-12-17 - 2022-12-16  a year
balistacllys.com              R3          2022-08-05 - 2022-11-03  3 months
*.yardlandssnow.com           E1          2022-09-19 - 2022-12-18  3 months
*.google-analytics.com        GTS CA 1C3  2022-09-05 - 2022-11-28  3 months
upload.video.google.com       GTS CA 1C3  2022-09-12 - 2022-12-05  3 months
*.gstatic.com                 GTS CA 1C3  2022-09-12 - 2022-12-05  3 months

This page contains 1 frames:

Primary Page: https://yardlandssnow.com/?s1=350563&s2=816325793&s3=1782&s4=1710&ow=&s10=739
Frame ID: 51D3730914C2CA7F458B2165BE574531
Requests: 35 HTTP requests in this frame

Page Title

[1] Reward Pending - Online Survey - We Want Your Opinion!

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

  • 35 Requests
  • 100 % HTTPS
  • 63 % IPv6
  • 8 Domains
  • 8 Subdomains
  • 7 IPs
  • 3 Countries
  • 5815 kB Transfer
  • 6570 kB Size
  • 4 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://tester02zer.s3.us-west-1.amazonaws.com/index.html?utm_source=22196&utm_campaign=c&utm_medium=92067475 Page URL
  2. http://pac.consultingskills.org/?utm_source=22196&utm_campaign=c&utm_medium=92067475 HTTP 302
    https://balistacllys.com/0/0/0/2e58a125564121d86d0b955710c3ac2d/119/22196_0_5/92067475 Page URL
  3. https://yardlandssnow.com/?s1=350563&s2=816325793&s3=1782&s4=1710&ow=&s10=739 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • http://pac.consultingskills.org/?utm_source=22196&utm_campaign=c&utm_medium=92067475 HTTP 302
  • https://balistacllys.com/0/0/0/2e58a125564121d86d0b955710c3ac2d/119/22196_0_5/92067475

35 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
index.html
tester02zer.s3.us-west-1.amazonaws.com/
642 B
998 B
Document
General
Full URL
https://tester02zer.s3.us-west-1.amazonaws.com/index.html?utm_source=22196&utm_campaign=c&utm_medium=92067475
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.219.117.154 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Content-Length
642
Content-Type
text/html
Date
Fri, 30 Sep 2022 01:46:58 GMT
ETag
"c3b0e4656840ee2107a570dccac97c4a"
Last-Modified
Tue, 20 Sep 2022 05:42:04 GMT
Server
AmazonS3
x-amz-id-2
8/pWzBYygHgWnkY9D6aZuPvSj+Xua4AV2E+w4Pr4/Ym3dOVhwZfvHW+S+1qzrCLNt3A5AKzrXbU=
x-amz-request-id
YF2AJZMWTKE2SSYR
92067475
balistacllys.com/0/0/0/2e58a125564121d86d0b955710c3ac2d/119/22196_0_5/
Redirect Chain
  • http://pac.consultingskills.org/?utm_source=22196&utm_campaign=c&utm_medium=92067475
  • https://balistacllys.com/0/0/0/2e58a125564121d86d0b955710c3ac2d/119/22196_0_5/92067475
140 B
394 B
Document
General
Full URL
https://balistacllys.com/0/0/0/2e58a125564121d86d0b955710c3ac2d/119/22196_0_5/92067475
Requested by
Host: tester02zer.s3.us-west-1.amazonaws.com
URL: https://tester02zer.s3.us-west-1.amazonaws.com/index.html?utm_source=22196&utm_campaign=c&utm_medium=92067475
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.192.152.245 , Moldova, ASN209889 (LIBERTY-CHISINAU, MD),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

Referer
https://tester02zer.s3.us-west-1.amazonaws.com/index.html?utm_source=22196&utm_campaign=c&utm_medium=92067475
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
140
content-type
text/html; charset=UTF-8
date
Fri, 30 Sep 2022 01:46:58 GMT
server
Apache

Redirect headers

Access-Control-Allow-Origin
*
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Date
Fri, 30 Sep 2022 01:46:57 GMT
Keep-Alive
timeout=5, max=100
Server
Apache
Transfer-Encoding
chunked
X-Powered-By
PHP/5.4.16
location
https://balistacllys.com/0/0/0/2e58a125564121d86d0b955710c3ac2d/119/22196_0_5/92067475
Primary Request /
yardlandssnow.com/
2 KB
1 KB
Document
General
Full URL
https://yardlandssnow.com/?s1=350563&s2=816325793&s3=1782&s4=1710&ow=&s10=739
Requested by
Host: balistacllys.com
URL: https://balistacllys.com/0/0/0/2e58a125564121d86d0b955710c3ac2d/119/22196_0_5/92067475
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:39af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83602f26c287c101e62fef786f32e06d444cb3a138a089a90c4158a22c10a577
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://balistacllys.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
752949b73ff4c3fd-EWR
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 30 Sep 2022 01:46:59 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oDIdeHYXiR0vX%2FLpQrBZDRqfYM7oXxgG5JzwVOHBf1iDWlTlVBslUO5JlDGBBze9DOs7zRsV7P0m0SkPYUpEoxnqxtxiQX4VyHxhz7WVOWjrsmmJ8EM9jtKwvS75T3Jgq9qFvukONkuvK81etDg0fA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
0ffc563c9f931f2e1ee1349a9d03fc73
yardlandssnow.com/
242 KB
34 KB
XHR
General
Full URL
https://yardlandssnow.com/0ffc563c9f931f2e1ee1349a9d03fc73?_ax=w
Requested by
Host: yardlandssnow.com
URL: https://yardlandssnow.com/?s1=350563&s2=816325793&s3=1782&s4=1710&ow=&s10=739
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:39af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d45ef76c282cc4ffb05707e1f3e26c532deceab24ca20ca40b7507a499fe8f15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://yardlandssnow.com/0ffc563c9f931f2e1ee1349a9d03fc73
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 01:46:59 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pvp8EcLAzTx%2BSGH8tjFB3m5%2FOQj2JzH802BlpdLn1GYUACsuoeu5rkbj4mr4F61%2Fnr9msby4sbwDqLHiuFLZRuLsWWC%2FQ11UX5Sd0U3n0U6MQAGFdVQGkeAEgjT8xxZUTf00XFTeulDJX6BLJ%2FUNnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
no-store, no-cache, must-revalidate
cf-ray
752949b93c50c3fd-EWR
expires
Thu, 19 Nov 1981 08:52:00 GMT
bootstrap.min.css
yardlandssnow.com/assets/js/vendor/bootstrap/css/
141 KB
22 KB
Stylesheet
General
Full URL
https://yardlandssnow.com/assets/js/vendor/bootstrap/css/bootstrap.min.css
Requested by
Host: yardlandssnow.com
URL: https://yardlandssnow.com/?s1=350563&s2=816325793&s3=1782&s4=1710&ow=&s10=739
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:39af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://yardlandssnow.com/0ffc563c9f931f2e1ee1349a9d03fc73
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 01:46:59 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2217
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 23 Mar 2021 22:52:06 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wpa4H4ijukL03GftwQywCeCzFBMddrhWc8xixxFTvh2a6ITopS%2B4p4289tfMCJXeenfRTgmwDhg5fQEuV40KC2J1J6K9NmuF%2BP0zwQXQM6Ip1qKm8KdN1SSmw5JWZnUEgodovgWcDUN4EOfjinAoEg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
752949bc7b0678eb-EWR
expires
Fri, 07 Oct 2022 01:10:02 GMT
all.css
yardlandssnow.com/assets/vendors/fontawesome/css/
72 KB
13 KB
Stylesheet
General
Full URL
https://yardlandssnow.com/assets/vendors/fontawesome/css/all.css
Requested by
Host: yardlandssnow.com
URL: https://yardlandssnow.com/?s1=350563&s2=816325793&s3=1782&s4=1710&ow=&s10=739
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:39af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
462beb0c8ecb2abb15685c31875f268d166313581df110401c2483fab24a46df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://yardlandssnow.com/0ffc563c9f931f2e1ee1349a9d03fc73
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 01:46:59 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2217
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 19 Jul 2021 19:00:02 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pPPlVUiIiBrJUi4QKuJOtZeG6meq8CtUJS30LiWgL5MrwG75qNINFz530ROmj036CW6gUmgE7CAt2CD0OTMmO19YnRaf6CJal41hssWdo2z5hS8IQ2gDNc1Ek45hBblIZJomIe%2F1%2F5FiIOiBNSM51Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
752949bc7b0b78eb-EWR
expires
Fri, 07 Oct 2022 01:10:02 GMT
common-hybrid.css
yardlandssnow.com/assets/css/legacy/dist/
24 KB
7 KB
Stylesheet
General
Full URL
https://yardlandssnow.com/assets/css/legacy/dist/common-hybrid.css?v=f8bc6f812c41405ea80c7c2537c92943
Requested by
Host: yardlandssnow.com
URL: https://yardlandssnow.com/?s1=350563&s2=816325793&s3=1782&s4=1710&ow=&s10=739
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:39af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aed9a834086d8f1fb1823805551f65fe589f0b4bf690ed1eb4f5765ff317272f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://yardlandssnow.com/0ffc563c9f931f2e1ee1349a9d03fc73
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 01:47:00 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 29 Sep 2022 21:44:39 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BLy5g7jd73YcUgtTLZN86Fqmb6UbWBLMUJCSA0%2FBzAMUMTg1F7520dOJxkqypIhRyNkfNa%2BLU8kVSRQaNKR2dGvG1v4BdlLZ9v8C4OgUAeIum2yWO1cZvFlsAK%2FPWdsL9Dfnvben0QeVpiLC8ziJbw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
752949bc7b1078eb-EWR
expires
Fri, 07 Oct 2022 01:46:59 GMT
1.3-hybrid.css
yardlandssnow.com/assets/css/legacy/
3 KB
2 KB
Stylesheet
General
Full URL
https://yardlandssnow.com/assets/css/legacy/1.3-hybrid.css?v=f8bc6f812c41405ea80c7c2537c92943
Requested by
Host: yardlandssnow.com
URL: https://yardlandssnow.com/?s1=350563&s2=816325793&s3=1782&s4=1710&ow=&s10=739
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:39af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8f312054de522489129b95a3630cf1ad4fe7314e3d0a01a43e51a6b42405042
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://yardlandssnow.com/0ffc563c9f931f2e1ee1349a9d03fc73
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 01:47:00 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 30 Aug 2022 16:56:50 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WNxvVt0qkUCTf9o4tuE28QYG1SE5%2FF7Coeki%2F%2F%2BS8KxHj1MPnWTVHlqpSP%2FZGuIXDyOzVWyHRqVUZKgswoey5EAWx7aUSQeMaHBRY1O4Tk%2BDSexVpo1Ka%2FcDIZw4dRnl45XJV7ey9gzuhaEA%2F7fkTA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
752949bc7b1b78eb-EWR
expires
Fri, 07 Oct 2022 01:47:00 GMT
jquery-3.4.1.min.js
yardlandssnow.com/assets/js/vendor/
86 KB
31 KB
Script
General
Full URL
https://yardlandssnow.com/assets/js/vendor/jquery-3.4.1.min.js
Requested by
Host: yardlandssnow.com
URL: https://yardlandssnow.com/?s1=350563&s2=816325793&s3=1782&s4=1710&ow=&s10=739
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:39af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c24dfd28784ad2befb3dafaac6bf1ed4e7cd58cce713d9a0b228d426e812baf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://yardlandssnow.com/0ffc563c9f931f2e1ee1349a9d03fc73
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 01:46:59 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2217
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 23 Mar 2021 22:52:06 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l2vd7EIxvAnigB4lQZRV65uvU2paOufFO0LdoofbeGT9RKWWh7cid0SM1ErD8Iz5IqURS%2F%2F0Ne8EP%2FwcEkhqsFF99DEI2w4tj%2BoY11eyZ6kHsldNLgOCi8ojhg0HgUa9OpJdwKuwaKqptHS0FxY%2FNg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
752949bc7b1f78eb-EWR
expires
Fri, 07 Oct 2022 01:10:02 GMT
bootstrap.min.js
yardlandssnow.com/assets/js/vendor/bootstrap/js/
48 KB
14 KB
Script
General
Full URL
https://yardlandssnow.com/assets/js/vendor/bootstrap/js/bootstrap.min.js
Requested by
Host: yardlandssnow.com
URL: https://yardlandssnow.com/?s1=350563&s2=816325793&s3=1782&s4=1710&ow=&s10=739
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:39af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://yardlandssnow.com/0ffc563c9f931f2e1ee1349a9d03fc73
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 01:46:59 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2217
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 23 Mar 2021 22:52:06 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gA5SCj%2BDRS1iF987bcSxiT0csWIxIE3n170TmEfiTC9IFVqM%2Bhe92f2i36Q7KQ1UhCehe4MNgAC%2BSGewY13Ek1s2lIx6OYrxdghx89bnhFLy54RphkFCowjM08h%2BC6g1cvhMkwllPJuzXIPCCFvnRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
752949bc7b2178eb-EWR
expires
Fri, 07 Oct 2022 01:10:02 GMT
functions.js
yardlandssnow.com/assets/js/
495 B
764 B
Script
General
Full URL
https://yardlandssnow.com/assets/js/functions.js?v=f8bc6f812c41405ea80c7c2537c92943
Requested by
Host: yardlandssnow.com
URL: https://yardlandssnow.com/?s1=350563&s2=816325793&s3=1782&s4=1710&ow=&s10=739
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:39af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1889b6974dcdd299f94f8fbf28ac3b73ec7fc5be2dc1686bca0eef1aa0716eac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://yardlandssnow.com/0ffc563c9f931f2e1ee1349a9d03fc73
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 01:47:00 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 26 Sep 2022 20:48:44 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WE8AbcIEJAD%2F3S3jeikzIL47LM%2BM95A%2FyucFqNlLCjRkmytUH2H7kBXdUaFNnEbrvH0LftV545m6MHcF9FblaOqruWxOQRODkhRD4MjPwha5ltRWLriESBWToFRsnIvUi%2FmXdYxZ3lIyATZMy2Qnuw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
752949bc7b2278eb-EWR
expires
Fri, 07 Oct 2022 01:47:00 GMT
common-hybrid.js
yardlandssnow.com/assets/js/legacy/dist/
91 KB
20 KB
Script
General
Full URL
https://yardlandssnow.com/assets/js/legacy/dist/common-hybrid.js?v=f8bc6f812c41405ea80c7c2537c92943
Requested by
Host: yardlandssnow.com
URL: https://yardlandssnow.com/?s1=350563&s2=816325793&s3=1782&s4=1710&ow=&s10=739
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:39af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a29f24c3d2069cc3551aa1c3f1eaabbe01cf96e051c283cf09e72dce334e9a80
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://yardlandssnow.com/0ffc563c9f931f2e1ee1349a9d03fc73
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 01:47:00 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 22 Sep 2022 15:09:21 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Oica58Ozl542HOkmvPwxYdVkWtVfIhv%2BvQc%2FMN2ocTo8n7iXAAP9N7vNza52L5Xl0HvHBDnR%2FCSAP5TXRdvT%2BWfnQKTTu0t2xhbxVMUA2GTpbHDO7jyxZDKorSu4HIjXxXMRf%2FA4pMdWSPHI%2BXtJvg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
752949bc7b2478eb-EWR
expires
Fri, 07 Oct 2022 01:47:00 GMT
gtm.js
www.googletagmanager.com/
103 KB
40 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-M5FVHZX
Requested by
Host: tester02zer.s3.us-west-1.amazonaws.com
URL: https://tester02zer.s3.us-west-1.amazonaws.com/index.html?utm_source=22196&utm_campaign=c&utm_medium=92067475
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2008 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4dee2521ff4144bacd2281f0c2af63b21ee6315db9a628535175db473c1ce0e2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://yardlandssnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 01:47:00 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40545
x-xss-protection
0
last-modified
Fri, 30 Sep 2022 00:17:33 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 30 Sep 2022 01:47:00 GMT
css2
fonts.googleapis.com/
5 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Arimo:wght@500;700&display=swap
Requested by
Host: yardlandssnow.com
URL: https://yardlandssnow.com/assets/css/legacy/dist/common-hybrid.css?v=f8bc6f812c41405ea80c7c2537c92943
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:808::200a Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6f2de36054525c7a25f6b4ca1447f762169a97d0f11593cf0f8f254880f4c2bc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://yardlandssnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 30 Sep 2022 01:47:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 30 Sep 2022 01:40:48 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 30 Sep 2022 01:47:00 GMT
js
www.googletagmanager.com/gtag/
209 KB
73 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-DKB9VH2QW4&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M5FVHZX
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2008 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b43098832442c6027864b7499262e1042635c8ad74995404f3d132aa265154b3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://yardlandssnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 01:47:00 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
75112
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 30 Sep 2022 01:47:00 GMT
7da5f2699c2bc5c6ccc9eb897f70d83f.png
yardlandssnow.com/fim/739-US/
41 KB
41 KB
Image
General
Full URL
https://yardlandssnow.com/fim/739-US/7da5f2699c2bc5c6ccc9eb897f70d83f.png
Requested by
Host: yardlandssnow.com
URL: https://yardlandssnow.com/0ffc563c9f931f2e1ee1349a9d03fc73
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:39af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6659b4426a9dba95133c0e3b27b5d952d6cc1e574b88640a7e7bcec354d902c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://yardlandssnow.com/0ffc563c9f931f2e1ee1349a9d03fc73
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 01:47:00 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
41556
x-xss-protection
1; mode=block
last-modified
Fri, 30 Sep 2022 01:46:59 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dN%2BBbamh7TuTjkQFSZsDV7CkvzcTKw3xk%2Bhhfc5ETjxuKXo%2FO6EFpmjlVjSHktOKriub7qQ3lxPMM7UioT2zYrlo1IYkUDOL3lNkjRvv2%2Bk%2FZ%2FG5%2BxZlB82RlbwMw33lqJ8GsEG2fHS6CM4x%2B7Y2JQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
752949bed80378eb-EWR
expires
Fri, 07 Oct 2022 01:47:00 GMT
a4cfc27bab75e7b9bd1e6369d38bae94.png
yardlandssnow.com/fim/739-US/
18 KB
19 KB
Image
General
Full URL
https://yardlandssnow.com/fim/739-US/a4cfc27bab75e7b9bd1e6369d38bae94.png
Requested by
Host: yardlandssnow.com
URL: https://yardlandssnow.com/0ffc563c9f931f2e1ee1349a9d03fc73
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:39af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0109e9747e94335267d540104b0b256bc507882206be853bfbd6b13ddb1c277
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://yardlandssnow.com/0ffc563c9f931f2e1ee1349a9d03fc73
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 01:47:00 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1224
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
18427
x-xss-protection
1; mode=block
last-modified
Fri, 30 Sep 2022 01:20:16 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vSGnf6JD%2BG6xrQUChbeOQ13%2BGbUiqH%2BJBKU9HTy2iEMdymxA3GvKtAU0OUVUXwwM0ZOwFSwkPZjCKWGq0KyCd6BhNGKutJXKy2gl6ikqP9gdOI6QjD%2B2bJ0kZDd7P2brpf3QBu3E9WZSQk2VDFfEGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
752949bed80b78eb-EWR
expires
Fri, 07 Oct 2022 01:26:36 GMT
97db2f7f4a78e01ab1131535bea1ce47.gif
yardlandssnow.com/fim/739-US/
15 KB
16 KB
Image
General
Full URL
https://yardlandssnow.com/fim/739-US/97db2f7f4a78e01ab1131535bea1ce47.gif
Requested by
Host: yardlandssnow.com
URL: https://yardlandssnow.com/0ffc563c9f931f2e1ee1349a9d03fc73
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:39af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ba6662bdb40bb1a731890fe8a7612ab1724363831a0342e36c2fc4bddd4a7a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://yardlandssnow.com/0ffc563c9f931f2e1ee1349a9d03fc73
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 01:47:00 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1224
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15537
x-xss-protection
1; mode=block
last-modified
Fri, 30 Sep 2022 01:20:16 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/gif
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aBk%2Ff1oVOU0vfcc9RsDWiz5CTS97KbxdJyqHMg7eMDVtUSdIRSTHpqViSykNslR81N395Go2FJDhuMhOn6S65MzH%2F9h0ob6r9vU4IK4Hq%2F2U9KcvZCyz%2B%2F3nXQENoab5DfGdFwJ7D78%2B5Is6Qqx2DQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
752949bed80e78eb-EWR
expires
Fri, 07 Oct 2022 01:26:36 GMT
3d93e174836e353a5f4a8a40151c2760.png
yardlandssnow.com/fim/739-US/
2 KB
2 KB
Image
General
Full URL
https://yardlandssnow.com/fim/739-US/3d93e174836e353a5f4a8a40151c2760.png
Requested by
Host: yardlandssnow.com
URL: https://yardlandssnow.com/0ffc563c9f931f2e1ee1349a9d03fc73
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:39af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4494c69afed09e8bb02dc10d4be3adaed00aa6479d838bd8ed1bf3119132004d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://yardlandssnow.com/0ffc563c9f931f2e1ee1349a9d03fc73
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 01:47:00 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1224
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1714
x-xss-protection
1; mode=block
last-modified
Fri, 30 Sep 2022 01:20:16 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1dhUmIGJtfYl4CvlygPYdA5mPRdlZlTv%2FlaQX1FAlB%2FzDTN8YSb20mOVZ%2BpEvxrTKnhV0PswiYxafneVoTHKKDMPvxvbpJY4zEc%2F0OyHk9XasD82SbwjUnR8ZsBnBSq0WEvXdEi8pV3OoTKULTCrcA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
752949bed81178eb-EWR
expires
Fri, 07 Oct 2022 01:26:36 GMT
efbcfa859f92589f8c2518c03959e951.png
yardlandssnow.com/fim/739-US/
2 MB
2 MB
Image
General
Full URL
https://yardlandssnow.com/fim/739-US/efbcfa859f92589f8c2518c03959e951.png
Requested by
Host: yardlandssnow.com
URL: https://yardlandssnow.com/0ffc563c9f931f2e1ee1349a9d03fc73
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:39af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b513e00f3fe11e63631cc40e84d7db2e6b6ff367efed2ac5eaf8717de4e6b49c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://yardlandssnow.com/0ffc563c9f931f2e1ee1349a9d03fc73
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 01:47:00 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1917834
x-xss-protection
1; mode=block
last-modified
Fri, 30 Sep 2022 01:46:59 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=546undPNo6qJjAE7qXgU5o%2B%2Frlst9zBISo%2BF3k7oxkpLlqpY%2BinCAbXFGPVxtc%2FKK%2BUem2rF82s6ud8aD2Tk5Zh6UYFHOcZFMg8uyPd1BIQJyQ37BWTN7orcLwOwkHt1YOwzv6gR6BydnsIy2NFFcg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
752949bed81578eb-EWR
expires
Fri, 07 Oct 2022 01:47:00 GMT
6a386e820de5a70a17f2f299e2c60496.png
yardlandssnow.com/fim/739-US/
8 KB
8 KB
Image
General
Full URL
https://yardlandssnow.com/fim/739-US/6a386e820de5a70a17f2f299e2c60496.png
Requested by
Host: yardlandssnow.com
URL: https://yardlandssnow.com/0ffc563c9f931f2e1ee1349a9d03fc73
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:39af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d79ca3b13098126f0c0fc76aed54a8acf6e645e62eb5f0ff90571141dfe24b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://yardlandssnow.com/0ffc563c9f931f2e1ee1349a9d03fc73
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 01:47:00 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1224
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8047
x-xss-protection
1; mode=block
last-modified
Fri, 30 Sep 2022 01:20:16 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hTVEE%2B2dCrTndVzgqr2l8Xxel4iik6NPTzVRy7OhMlysqbUct7SmzWpeCM5y%2FmfRz9egC%2FkDqZvwqvLLhr%2F0EdSYotr3dEEpApWTOx3NkX9fUzLTzIKelvNyJComRW9UzxRERXwEnhp7BvLNMCNClA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
752949bed81978eb-EWR
expires
Fri, 07 Oct 2022 01:26:36 GMT
59aeeaa9114931ff47b5418351f4c7bd.png
yardlandssnow.com/fim/739-US/
384 KB
385 KB
Image
General
Full URL
https://yardlandssnow.com/fim/739-US/59aeeaa9114931ff47b5418351f4c7bd.png
Requested by
Host: yardlandssnow.com
URL: https://yardlandssnow.com/0ffc563c9f931f2e1ee1349a9d03fc73
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:39af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb4713e7b7d754088b15afa907f5713d6a5865e05114487ce253f767c9b0d26a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://yardlandssnow.com/0ffc563c9f931f2e1ee1349a9d03fc73
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 01:47:00 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
393194
x-xss-protection
1; mode=block
last-modified
Fri, 30 Sep 2022 01:46:59 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l0NvwPg434SkGCRTOfOAShjoWU6emhbRNh4CoIDsnpXJzh4HdL0NX9XU3BohahE6CneeMODuulKT3r7XdsLrLpNmRuCLTB%2B3IkQmXQo%2FntlN0QP%2BbjthQ5w1uLJYj6iegN3mRk%2FgHOvH9Q9h3Z00pw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
752949bed81a78eb-EWR
expires
Fri, 07 Oct 2022 01:47:00 GMT
9d324f7e3acb5bb12fb0e85a5599c383.png
yardlandssnow.com/fim/739-US/
1 MB
1 MB
Image
General
Full URL
https://yardlandssnow.com/fim/739-US/9d324f7e3acb5bb12fb0e85a5599c383.png
Requested by
Host: yardlandssnow.com
URL: https://yardlandssnow.com/0ffc563c9f931f2e1ee1349a9d03fc73
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:39af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d507ae69641b247961e3f1b94b1288f9e3ec0714944c7b1f63a74aafd9ed0afe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://yardlandssnow.com/0ffc563c9f931f2e1ee1349a9d03fc73
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 01:47:00 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1120026
x-xss-protection
1; mode=block
last-modified
Fri, 30 Sep 2022 01:46:59 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e9gqjgRQ3JRohr4lWJlPC1BC4EAK15KO2xl8JflrH%2FH8sI3ZUrp%2FHTDSvyoc0OJLqWAr0l1a2Sv4EJAlc2UFa9C65uZnmfn6Kms%2BLbaICUUNNKyASAbcjeNwxM6bjdxiKpFvc%2BHhlhqu%2B6N%2FEjCztA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
752949bed81c78eb-EWR
expires
Fri, 07 Oct 2022 01:47:00 GMT
aa03ad1fff3b5f8c12ff5f48bd04fbdd.png
yardlandssnow.com/fim/739-US/
407 KB
407 KB
Image
General
Full URL
https://yardlandssnow.com/fim/739-US/aa03ad1fff3b5f8c12ff5f48bd04fbdd.png
Requested by
Host: yardlandssnow.com
URL: https://yardlandssnow.com/0ffc563c9f931f2e1ee1349a9d03fc73
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:39af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd5f85edb4ab2e4e4cdb7a8e8d632789153f396b75991b4bb233dffaf7078727
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://yardlandssnow.com/0ffc563c9f931f2e1ee1349a9d03fc73
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 01:47:00 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
416608
x-xss-protection
1; mode=block
last-modified
Fri, 30 Sep 2022 01:46:59 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4Byl2PmehFEOYGOyKs09yPBChvXFjtlyZYdNVD1woN4k4jptd%2F%2FZQTSfQwDTyV3lcNY95wbwyF1zItJBFbxxVwUlSve8djSgLfGG%2F1dFoGln1BhU4kN2w049RnoHJVRwyZCBtRYqqxAck6IVDIuQUg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
752949bed81d78eb-EWR
expires
Fri, 07 Oct 2022 01:47:00 GMT
1af77e6107ef3483a645251b7d56a1a4.png
yardlandssnow.com/fim/739-US/
1 KB
2 KB
Image
General
Full URL
https://yardlandssnow.com/fim/739-US/1af77e6107ef3483a645251b7d56a1a4.png
Requested by
Host: yardlandssnow.com
URL: https://yardlandssnow.com/0ffc563c9f931f2e1ee1349a9d03fc73
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:39af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ad0615765bf17bdb85ae307eb8f9eee2e1fb0b600117bdd991a1efe9c834078
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://yardlandssnow.com/0ffc563c9f931f2e1ee1349a9d03fc73
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 01:47:00 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1385
x-xss-protection
1; mode=block
last-modified
Fri, 30 Sep 2022 01:46:59 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xdKomuBFM1osXe5QCXpBZScxBNWi3e%2FRn4S6ptVzMj6EAKvxlhT1B9%2BURhcq%2BTUopxdz6fnU8V0YV6GRVH8tviy8NVrLpb0cRAHpyf76uyAzbr%2F9cUsYsRAOgjvjZ9a7xB85knTjXGzmhc3RnHhI%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
752949bed81f78eb-EWR
expires
Fri, 07 Oct 2022 01:47:00 GMT
e7c17517cfac65e80d0f80b1e6d333de.png
yardlandssnow.com/fim/739-US/
538 KB
539 KB
Image
General
Full URL
https://yardlandssnow.com/fim/739-US/e7c17517cfac65e80d0f80b1e6d333de.png
Requested by
Host: yardlandssnow.com
URL: https://yardlandssnow.com/0ffc563c9f931f2e1ee1349a9d03fc73
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:39af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9747e77e06adfb183ca4a57b9be822881c6bfe9093bf703a3ec1fd5e087abd85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://yardlandssnow.com/0ffc563c9f931f2e1ee1349a9d03fc73
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 01:47:00 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
551119
x-xss-protection
1; mode=block
last-modified
Fri, 30 Sep 2022 01:46:59 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ji1DbbsxFOmM5uZPaMl7A%2BkJjV2AmxLI8QldhzVx%2FpKsKaI1U9AncNu0mP%2BKaIt8kWZvFgQRAcTS%2BUUYKpU0HHTywUw7DoSMwuxN2fyd%2BS2vjfJ1hSB%2Bd%2F0lGxqLabCKfCKBg2ofn8bfHHdh1bxcaw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
752949bed82078eb-EWR
expires
Fri, 07 Oct 2022 01:47:00 GMT
f70da7b8da8dc7943f87bf405c55bb21.png
yardlandssnow.com/fim/739-US/
472 KB
473 KB
Image
General
Full URL
https://yardlandssnow.com/fim/739-US/f70da7b8da8dc7943f87bf405c55bb21.png
Requested by
Host: yardlandssnow.com
URL: https://yardlandssnow.com/0ffc563c9f931f2e1ee1349a9d03fc73
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:39af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
425425b82cca3a97f01ee4f7365801a5a4a3f2d35b303d288fbafc464243b65e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://yardlandssnow.com/0ffc563c9f931f2e1ee1349a9d03fc73
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 01:47:00 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
483444
x-xss-protection
1; mode=block
last-modified
Fri, 30 Sep 2022 01:46:59 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qKAX9GmNqJ0MnE6ZwX0Thm2YmH3ZNTpL%2FYUQ3TiofRaWyhCAJc7i3vqphhuw0VT17c0sXvePz4q2t9aTjRBEGpgKSE4xgMt035ixpBhlqIt4esLHcKlVJYkw7GyW%2BUNVfLIxGm%2F9W7jaakG0idvj6A%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
752949bed82378eb-EWR
expires
Fri, 07 Oct 2022 01:47:00 GMT
b54c6820496f807055ccbbd2814fa7b3.png
yardlandssnow.com/fim/739-US/
575 KB
576 KB
Image
General
Full URL
https://yardlandssnow.com/fim/739-US/b54c6820496f807055ccbbd2814fa7b3.png
Requested by
Host: yardlandssnow.com
URL: https://yardlandssnow.com/0ffc563c9f931f2e1ee1349a9d03fc73
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:39af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e7ba5d8ae40ea9013f05ee70b64c93e23b7e0b28aa27aa4aff4692b62ba6535
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://yardlandssnow.com/0ffc563c9f931f2e1ee1349a9d03fc73
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 01:47:00 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1224
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
589203
x-xss-protection
1; mode=block
last-modified
Fri, 30 Sep 2022 01:20:16 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VAxPajzfruiv6xAFT8cILva9t5Fycu8MsK4p0Gw39c2kLuBqfMc35f3XH0X%2Fjwl0vQxK91%2F654%2FGWRFJ1vq%2FPuIi2UbB10UaENXfnQ3Dm9l6hmudA97jkS0q02miqKC1FyS2xfqFJ3DVeio387EGKg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
752949bed82578eb-EWR
expires
Fri, 07 Oct 2022 01:26:36 GMT
5e87bdfb9f8c3f9480d1dec2102939b0.png
yardlandssnow.com/fim/739-US/
5 KB
6 KB
Image
General
Full URL
https://yardlandssnow.com/fim/739-US/5e87bdfb9f8c3f9480d1dec2102939b0.png
Requested by
Host: yardlandssnow.com
URL: https://yardlandssnow.com/0ffc563c9f931f2e1ee1349a9d03fc73
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:39af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc4ba5ab1f79419e5c8a06db6d5ed27f78b026617608d8513bdf476bf78e1120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://yardlandssnow.com/0ffc563c9f931f2e1ee1349a9d03fc73
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 01:47:00 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1224
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5389
x-xss-protection
1; mode=block
last-modified
Fri, 30 Sep 2022 01:20:16 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PTk6MX3JSSzmFelOeg8YR5j%2BP6P82dYFEX1XFXmmMcTTVebZMFEapX8s4GxVDd8j1WpEUqok73vz9iX%2B77324FJdXAWUIrOu84BJzOgr8%2BlwVZLaadbTCXsQ1zbf0%2BF30uhTre8%2B9CV2bd%2FYWKytrw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
752949bed82778eb-EWR
expires
Fri, 07 Oct 2022 01:26:36 GMT
0ffc563c9f931f2e1ee1349a9d03fc73
yardlandssnow.com/
2 KB
2 KB
Image
General
Full URL
https://yardlandssnow.com/0ffc563c9f931f2e1ee1349a9d03fc73
Requested by
Host: yardlandssnow.com
URL: https://yardlandssnow.com/0ffc563c9f931f2e1ee1349a9d03fc73
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:39af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://yardlandssnow.com/0ffc563c9f931f2e1ee1349a9d03fc73
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 01:47:00 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=io4MH7dBce5PGCPIC1VE8hoBmW2qS27ki35B9q4l7I%2FrO18yDxRFyVw1M9PNufv6fCtfiuUHxG6aqT7TCiBG8Boy5J59JQhLvt5E9j8IOkSt1ff47XQCSSbF%2BTRrNcq%2Feq%2FL6ZPjIQjBr0Evd14D8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
no-store, no-cache, must-revalidate
cf-ray
752949bef87b78eb-EWR
expires
Thu, 19 Nov 1981 08:52:00 GMT
P5sMzZCDf9_T_10ZxCE.woff2
fonts.gstatic.com/s/arimo/v27/
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/arimo/v27/P5sMzZCDf9_T_10ZxCE.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Arimo:wght@500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2003 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ff84f1e03eb15dedc4668f0817372b734934076bc936e12c5c0bd3944dab0c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://yardlandssnow.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 10:24:56 GMT
x-content-type-options
nosniff
age
573724
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18260
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 21:03:24 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 23 Sep 2023 10:24:56 GMT
fa-solid-900.woff2
yardlandssnow.com/assets/vendors/fontawesome/webfonts/
78 KB
79 KB
Font
General
Full URL
https://yardlandssnow.com/assets/vendors/fontawesome/webfonts/fa-solid-900.woff2
Requested by
Host: yardlandssnow.com
URL: https://yardlandssnow.com/assets/vendors/fontawesome/css/all.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:39af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c916669cf923b4f1b2db5c5107c83b6ca205e7ad0dcd840b251e63f0c8d28a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://yardlandssnow.com/assets/vendors/fontawesome/css/all.css
Origin
https://yardlandssnow.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 01:47:00 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1950
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
80252
x-xss-protection
1; mode=block
last-modified
Mon, 19 Jul 2021 19:00:02 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
font/woff2
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PVaBAnAYSfedHhKyYDa%2F0WOW2mZWDwUNGkxCI53XsKUdMPGQrtG3a5jF%2FTDOn0QPbaqqQOAe%2FuChZ1gXbqsG0jCY9c2JgJ8J%2FrmD7JTchXQE3eny5INLnnnwjv%2B%2F9akSxBh9x9zyur1m%2FxQIVx7BSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
752949bef88178eb-EWR
expires
Fri, 07 Oct 2022 01:14:30 GMT
fa-regular-400.woff2
yardlandssnow.com/assets/vendors/fontawesome/webfonts/
13 KB
14 KB
Font
General
Full URL
https://yardlandssnow.com/assets/vendors/fontawesome/webfonts/fa-regular-400.woff2
Requested by
Host: yardlandssnow.com
URL: https://yardlandssnow.com/assets/vendors/fontawesome/css/all.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:39af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3b8c21edfe6c5e402fdc607366fd8d15949a65914f58134733dc68922bc8d61
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://yardlandssnow.com/assets/vendors/fontawesome/css/all.css
Origin
https://yardlandssnow.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 01:47:00 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1950
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
13588
x-xss-protection
1; mode=block
last-modified
Mon, 19 Jul 2021 19:00:02 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
font/woff2
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2EtDau5WVCozbisIFdbMkv3S7%2Bm3RjULfJCT4KCADh53WvgP1AuFSAw3q3rGWqEraXdD5gx8o071vk2UO0iyEAj0xphizp34FXzdKOcYgSJV%2F6qZciCekHZUiQFzwmEn10wVneoX65no%2BWvPCKPeiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
752949bef88278eb-EWR
expires
Fri, 07 Oct 2022 01:14:30 GMT
collect
www.google-analytics.com/g/
0
348 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-DKB9VH2QW4&gtm=2oe9s0&_p=1428819317&cid=1105674289.1664502420&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_z=ccd.v9B&_s=1&sid=1664502420&sct=1&seg=0&dl=https%3A%2F%2Fyardlandssnow.com%2F0ffc563c9f931f2e1ee1349a9d03fc73&dr=https%3A%2F%2Fbalistacllys.com%2F&dt=%5B1%5D%20Reward%20Pending%20-%20Online%20Survey%20-%20We%20Want%20Your%20Opinion!&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DKB9VH2QW4&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::200e Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://yardlandssnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Sep 2022 01:47:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://yardlandssnow.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/g/
0
17 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-DKB9VH2QW4&gtm=2oe9s0&_p=1428819317&cid=1105674289.1664502420&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_z=ccd.v9B&_s=2&sid=1664502420&sct=1&seg=0&dl=https%3A%2F%2Fyardlandssnow.com%2F0ffc563c9f931f2e1ee1349a9d03fc73&dr=https%3A%2F%2Fbalistacllys.com%2F&dt=%5B1%5D%20Reward%20Pending%20-%20Online%20Survey%20-%20We%20Want%20Your%20Opinion!&en=scroll&epn.percent_scrolled=90&_et=11
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DKB9VH2QW4&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::200e Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://yardlandssnow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Sep 2022 01:47:05 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://yardlandssnow.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Customer Survey Spam (Consumer)

108 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| _0x1732 function| _0xc10f object| dataLayer object| google_tag_manager object| google_tag_data object| _0xc22e function| _0xe45c function| $ function| jQuery object| bootstrap function| startTimer number| duration object| _0xc75e function| _0xe42c string| LNG string| CMP string| CNT string| BID string| API_URL object| _0xc94e function| _0xe1c object| currentdate object| months function| a0_0x32831c string| attrChoices string| domain string| pipeline string| zipcode string| state_selected object| states function| birthdayFill function| a0_0x5d89 function| beforeShowQuestion function| a0_0x299f function| showOfferWall function| createQuestion function| sendOf function| popunder function| runT function| replaceUrlParam function| startsurvey function| nextQuestion function| formatPhoneNumber function| overflowP function| switchTypeQuestions function| validatePhone function| validateEmail function| validateZip function| sendZipIp function| validateHeightF function| validateHeightI function| validateWeight function| validateAll function| validateName function| validateLName function| validateBirthday function| days function| daysInMonth function| dashedNumber function| alpha function| validateKeyStrokes function| showStreetState function| leadgenForm function| startSurveyU function| switchTypeQuestionsU function| nextQuestionU function| showOfferWallU function| validateData function| showStreetStateU function| showDisclaimer function| preventS string| aff_id string| click_id string| Brand string| lpid string| lpow object| prepop string| emailURL string| phoneURL string| zipcodeURL string| cityURL string| stateURL string| languageCode string| countryCode string| popUrl function| putVarCommon object| _0xc19e function| _0xe66c object| _0xc54e function| _0xe49c number| answered number| prevProgress number| stepsTotal number| progress string| cheerstx string| txt function| cheers function| onYouTubeIframeAPIReady object| gaGlobal

4 Cookies

Domain/Path Name / Value
balistacllys.com/ Name: uid1782
Value: 816325793-20220929214658-ee809792704c82c663e429f8abd94a21-0
yardlandssnow.com/ Name: PHPSESSID
Value: e026fc7df0061b8ccf07d1bd75ab6910
.yardlandssnow.com/ Name: _ga_DKB9VH2QW4
Value: GS1.1.1664502420.1.0.1664502420.0.0.0
.yardlandssnow.com/ Name: _ga
Value: GA1.1.1105674289.1664502420

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
