himalayanstaylodges.com Open in urlscan Pro
184.168.96.189  Malicious Activity! Public Scan

8 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

38 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response himalayanstaylodges.com/RFRTA/WARFG/196dd/	26 KB 7 KB	522ms 255ms	Document text/html	184.168.96.189 AS-26496-GO-DADDY...
General Check archive.org Show headers Download Go to Full URL http://himalayanstaylodges.com/RFRTA/WARFG/196dd/ Protocol HTTP/1.1 Server 184.168.96.189 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US), Reverse DNS ip-184-168-96-189.ip.secureserver.net Software Apache / Resource Hash 77977dd2d3ebd112f63e02589d7d362b7ad68e5d35f14cb9737d93be4d97727e Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Accept-Ranges bytes Connection Upgrade, Keep-Alive Content-Encoding gzip Content-Length 7106 Content-Type text/html Date Sat, 09 Jul 2022 07:49:53 GMT ETag "6c4234f-671d-5e3398652ff46-gzip" Keep-Alive timeout=5 Last-Modified Thu, 07 Jul 2022 16:24:49 GMT Server Apache Upgrade h2,h2c Vary Accept-Encoding
GET H2	200	sed-alphabank-2260e9ef.js Show response secure.alpha.gr/__imp_apg__/js/	358 KB 188 KB	176ms 114ms	Script application/javascript	23.36.162.84 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://secure.alpha.gr/__imp_apg__/js/sed-alphabank-2260e9ef.js Requested by Host: himalayanstaylodges.com URL: http://himalayanstaylodges.com/RFRTA/WARFG/196dd/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.36.162.84 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-36-162-84.deploy.static.akamaitechnologies.com Software istio-envoy / Resource Hash d93df990deed7f8f838ceb91bb23721525f1c1ece579b20955218671a06e6b9c Request headers accept-language de-DE,de;q=0.9 Referer http://himalayanstaylodges.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Sat, 09 Jul 2022 07:49:53 GMT content-encoding gzip last-modified Wed, 06 Oct 2021 19:29:16 GMT server istio-envoy vary Accept-Encoding content-type application/javascript access-control-allow-origin https://secure.alpha.gr cache-control public,max-age=600 x-envoy-upstream-service-time 1 accept-ranges bytes content-length 191288
GET H2	200	login secure.alpha.gr/Login/content/css/	174 KB 27 KB	195ms 134ms	Stylesheet text/css	23.36.162.84 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://secure.alpha.gr/Login/content/css/login?v=u0YqbwDvfpYBEhKFV8ItiX7aJZaUtmgC6xJVSkLgJmk1 Requested by Host: himalayanstaylodges.com URL: http://himalayanstaylodges.com/RFRTA/WARFG/196dd/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.36.162.84 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-36-162-84.deploy.static.akamaitechnologies.com Software / Resource Hash 9c8e0bedeab49d20486955665b94e9d00bae581e8897698f9b830311dfb7253a Security Headers Name Value Content-Security-Policy default-src 'unsafe-inline' 'self' data: *.msecnd.net *.visualstudio.com https://*.alpha.gr http://*.alpha.gr https://*.websecurity.norton.com http://www.symantec.com https://www.google.com https://www.gstatic.com; frame-ancestors 'self' https://www.alpha.gr https://e-bankingpre https://e-bankingstg https://e-businessstg https://e-businesspre https://alphauatcm.linakis.com/ https://alphauat.linakis.com/ X-Content-Security-Policy default-src 'unsafe-inline' 'self' data: *.msecnd.net *.visualstudio.com https://*.alpha.gr http://*.alpha.gr https://*.websecurity.norton.com http://www.symantec.com https://www.google.com https://www.gstatic.com; frame-ancestors 'self' https://www.alpha.gr https://e-bankingpre https://e-bankingstg https://e-businessstg https://e-businesspre https://alphauatcm.linakis.com/ https://alphauat.linakis.com/ X-Frame-Options ALLOW-FROM https://www.alpha.gr/ Request headers accept-language de-DE,de;q=0.9 Referer http://himalayanstaylodges.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers pragma no-cache content-security-policy default-src 'unsafe-inline' 'self' data: *.msecnd.net *.visualstudio.com https://*.alpha.gr http://*.alpha.gr https://*.websecurity.norton.com http://www.symantec.com https://www.google.com https://www.gstatic.com; frame-ancestors 'self' https://www.alpha.gr https://e-bankingpre https://e-bankingstg https://e-businessstg https://e-businesspre https://alphauatcm.linakis.com/ https://alphauat.linakis.com/ content-encoding gzip x-content-security-policy default-src 'unsafe-inline' 'self' data: *.msecnd.net *.visualstudio.com https://*.alpha.gr http://*.alpha.gr https://*.websecurity.norton.com http://www.symantec.com https://www.google.com https://www.gstatic.com; frame-ancestors 'self' https://www.alpha.gr https://e-bankingpre https://e-bankingstg https://e-businessstg https://e-businesspre https://alphauatcm.linakis.com/ https://alphauat.linakis.com/ x-frame-options ALLOW-FROM https://www.alpha.gr/ date Sat, 09 Jul 2022 07:49:53 GMT vary Accept-Encoding content-type text/css; charset=utf-8 access-control-expose-headers Request-Context cache-control no-cache request-context appId=cid-v1:5d2fc027-4605-48f6-9841-83703a3803ce content-length 26197 expires -1
GET H2	200	jquery.min.js Show response cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/	87 KB 28 KB	32ms 16ms	Script application/javascript	2606:4700::6811:190e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js Requested by Host: himalayanstaylodges.com URL: http://himalayanstaylodges.com/RFRTA/WARFG/196dd/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers Referer http://himalayanstaylodges.com/ Origin http://himalayanstaylodges.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Sat, 09 Jul 2022 07:49:53 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 10505035 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 27958 timing-allow-origin * last-modified Mon, 04 May 2020 23:01:39 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb09ed3-15d84" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15780000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BRsgKRmMM4L047ZA%2BDS08JV06S%2B%2Be%2BGu8dLQBvoRhmVq9gJUS%2FiI0pruE3aAUPUEehssAuwYSTHGxSf0JiSfKCWwTE0fYI81TnxCRBa2Ge11NRoleYlrsm3WzNKi3i12zG0hPrvKdLNVt96Mdm1O%2FzzM"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=30672000 accept-ranges bytes cf-ray 727f7730f89e9290-FRA expires Thu, 29 Jun 2023 07:49:53 GMT
GET H2	200	socket.io.js Show response cdnjs.cloudflare.com/ajax/libs/socket.io/3.0.4/	180 KB 31 KB	29ms 13ms	Script application/javascript	2606:4700::6811:190e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/socket.io/3.0.4/socket.io.js Requested by Host: himalayanstaylodges.com URL: http://himalayanstaylodges.com/RFRTA/WARFG/196dd/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a4ba12c1dd4bed11b7f4a18d3f8eae51af0d416ffc40cf009e59bcebc679e40f Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers Referer http://himalayanstaylodges.com/ Origin http://himalayanstaylodges.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Sat, 09 Jul 2022 07:49:53 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 14249185 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 30573 timing-allow-origin * last-modified Mon, 07 Dec 2020 13:37:30 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5fce301a-2cfba" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15780000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kiebbxfieWZEZK5iKd8XzNzkbDURo3%2Fct%2BJBFFGHpHzQzssPwN4Nfd2wfMt6S1Oe%2FaeocCJLn2wOBgEtialcLqV1rUd6gVIbA7LvbSMFd4L8a6TxHKL48AFV8MijgHzBohgPMiAizmBzxyRMOX%2Bh%2BKDi"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=30672000 accept-ranges bytes cf-ray 727f7730f8a09290-FRA expires Thu, 29 Jun 2023 07:49:53 GMT
GET H/1.1	200 OK	jquery-1.9.1.js Show response code.jquery.com/	262 KB 78 KB	31ms 16ms	Script application/javascript	2001:4de0:ac18::1:a:3a STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL http://code.jquery.com/jquery-1.9.1.js Requested by Host: himalayanstaylodges.com URL: http://himalayanstaylodges.com/RFRTA/WARFG/196dd/ Protocol HTTP/1.1 Server 2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (STACKPATH-CDN, US), Reverse DNS Software nginx / Resource Hash 7bd80d06c01c0340c1b9159b9b4a197db882ca18cbac8e9b9aa025e68f998d40 Request headers accept-language de-DE,de;q=0.9 Referer http://himalayanstaylodges.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Date Sat, 09 Jul 2022 07:49:53 GMT Content-Encoding gzip Last-Modified Fri, 18 Oct 1991 12:00:00 GMT Server nginx ETag W/"28feccc0-4185d" Vary Accept-Encoding X-HW 1657352993.dop010.am5.t,1657352993.cds258.am5.c Content-Type application/javascript; charset=utf-8 Access-Control-Allow-Origin * Cache-Control max-age=315360000, public Connection Keep-Alive Accept-Ranges bytes Content-Length 79506
GET H2	200	notification.png secure.alpha.gr/static/login/v1/content/media/login/	451 B 682 B	78ms 76ms	Image image/png	23.36.162.84 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://secure.alpha.gr/static/login/v1/content/media/login/notification.png Requested by Host: himalayanstaylodges.com URL: http://himalayanstaylodges.com/RFRTA/WARFG/196dd/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.36.162.84 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-36-162-84.deploy.static.akamaitechnologies.com Software / Resource Hash ccc3857f312489191143a105a811870ae647d7814faeeb54dc9873cd614022af Request headers accept-language de-DE,de;q=0.9 Referer http://himalayanstaylodges.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Sat, 09 Jul 2022 07:49:53 GMT last-modified Fri, 01 Jul 2022 09:00:38 GMT server x-powered-by etag "0ff4e8298dd81:0" content-type image/png accept-ranges bytes content-length 451
GET H2	200	logo.png secure.alpha.gr/static/login/v1/content/media/login/	3 KB 4 KB	114ms 112ms	Image image/png	23.36.162.84 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://secure.alpha.gr/static/login/v1/content/media/login/logo.png Requested by Host: himalayanstaylodges.com URL: http://himalayanstaylodges.com/RFRTA/WARFG/196dd/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.36.162.84 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-36-162-84.deploy.static.akamaitechnologies.com Software / Resource Hash 21503eecb48b62604d6855e33399ab5731f3679a03d412065ea47464de612785 Request headers accept-language de-DE,de;q=0.9 Referer http://himalayanstaylodges.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Sat, 09 Jul 2022 07:49:53 GMT last-modified Fri, 01 Jul 2022 09:00:38 GMT server x-powered-by etag "0ff4e8298dd81:0" content-type image/png accept-ranges bytes content-length 3350
GET H2	200	lock.png secure.alpha.gr/static/login/v1/content/media/login/	442 B 673 B	96ms 94ms	Image image/png	23.36.162.84 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://secure.alpha.gr/static/login/v1/content/media/login/lock.png Requested by Host: himalayanstaylodges.com URL: http://himalayanstaylodges.com/RFRTA/WARFG/196dd/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.36.162.84 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-36-162-84.deploy.static.akamaitechnologies.com Software / Resource Hash a9ba69a712ca83a83213bb90a9f821da8c904c9f954eba6c5e7e23bdad6e2c3e Request headers accept-language de-DE,de;q=0.9 Referer http://himalayanstaylodges.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Sat, 09 Jul 2022 07:49:53 GMT last-modified Fri, 01 Jul 2022 09:00:38 GMT server x-powered-by etag "0ff4e8298dd81:0" content-type image/png accept-ranges bytes content-length 442
GET H2	200	laptop.png secure.alpha.gr/static/login/v1/content/media/login/	311 B 541 B	106ms 104ms	Image image/png	23.36.162.84 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://secure.alpha.gr/static/login/v1/content/media/login/laptop.png Requested by Host: himalayanstaylodges.com URL: http://himalayanstaylodges.com/RFRTA/WARFG/196dd/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.36.162.84 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-36-162-84.deploy.static.akamaitechnologies.com Software / Resource Hash a1612606ef48d6a8c375d4a747b8c1fe4f6927e242ec21c449b27ed0325505f2 Request headers accept-language de-DE,de;q=0.9 Referer http://himalayanstaylodges.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Sat, 09 Jul 2022 07:49:53 GMT last-modified Fri, 01 Jul 2022 09:00:38 GMT server x-powered-by etag "0ff4e8298dd81:0" content-type image/png accept-ranges bytes content-length 311
GET H2	200	email.png secure.alpha.gr/static/login/v1/content/media/login/	350 B 581 B	114ms 112ms	Image image/png	23.36.162.84 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://secure.alpha.gr/static/login/v1/content/media/login/email.png Requested by Host: himalayanstaylodges.com URL: http://himalayanstaylodges.com/RFRTA/WARFG/196dd/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.36.162.84 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-36-162-84.deploy.static.akamaitechnologies.com Software / Resource Hash ed71ce33d772d291d9c787d26972c89d581a81b6b5e10bfaa8a18173a9877f4c Request headers accept-language de-DE,de;q=0.9 Referer http://himalayanstaylodges.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Sat, 09 Jul 2022 07:49:53 GMT last-modified Fri, 01 Jul 2022 09:00:38 GMT server x-powered-by etag "0ff4e8298dd81:0" content-type image/png accept-ranges bytes content-length 350
GET H2	200	phone.png secure.alpha.gr/static/login/v1/content/media/login/	1 KB 2 KB	108ms 107ms	Image image/png	23.36.162.84 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://secure.alpha.gr/static/login/v1/content/media/login/phone.png Requested by Host: himalayanstaylodges.com URL: http://himalayanstaylodges.com/RFRTA/WARFG/196dd/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.36.162.84 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-36-162-84.deploy.static.akamaitechnologies.com Software / Resource Hash 4626e282c2921300f1f087f82643dfe7c3482ef156d4f151d5d892d1a6cb7f49 Request headers accept-language de-DE,de;q=0.9 Referer http://himalayanstaylodges.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Sat, 09 Jul 2022 07:49:53 GMT last-modified Fri, 01 Jul 2022 09:00:38 GMT server x-powered-by etag "0ff4e8298dd81:0" content-type image/png accept-ranges bytes content-length 1366
GET H2	200	info.png secure.alpha.gr/static/login/v1/content/media/login/	622 B 852 B	115ms 114ms	Image image/png	23.36.162.84 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://secure.alpha.gr/static/login/v1/content/media/login/info.png Requested by Host: himalayanstaylodges.com URL: http://himalayanstaylodges.com/RFRTA/WARFG/196dd/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.36.162.84 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-36-162-84.deploy.static.akamaitechnologies.com Software / Resource Hash dd892e8748d7c8b9068fc17b082e57ba012a3e1923f8ea0323f4a325e5367e52 Request headers accept-language de-DE,de;q=0.9 Referer http://himalayanstaylodges.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Sat, 09 Jul 2022 07:49:53 GMT last-modified Fri, 01 Jul 2022 09:00:38 GMT server x-powered-by etag "0ff4e8298dd81:0" content-type image/png accept-ranges bytes content-length 622
GET H2	200	shield.png secure.alpha.gr/static/login/v1/content/media/login/	675 B 906 B	111ms 110ms	Image image/png	23.36.162.84 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://secure.alpha.gr/static/login/v1/content/media/login/shield.png Requested by Host: himalayanstaylodges.com URL: http://himalayanstaylodges.com/RFRTA/WARFG/196dd/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.36.162.84 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-36-162-84.deploy.static.akamaitechnologies.com Software / Resource Hash b9294cf365d3365ce77692019b950cd5c1c1ea1187aa6cc891b0ee1457578643 Request headers accept-language de-DE,de;q=0.9 Referer http://himalayanstaylodges.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Sat, 09 Jul 2022 07:49:53 GMT last-modified Fri, 01 Jul 2022 09:00:38 GMT server x-powered-by etag "0ff4e8298dd81:0" content-type image/png accept-ranges bytes content-length 675
GET H2	200	retail.png secure.alpha.gr/static/login/v1/content/media/login/	4 KB 4 KB	152ms 151ms	Image image/png	23.36.162.84 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://secure.alpha.gr/static/login/v1/content/media/login/retail.png Requested by Host: himalayanstaylodges.com URL: http://himalayanstaylodges.com/RFRTA/WARFG/196dd/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.36.162.84 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-36-162-84.deploy.static.akamaitechnologies.com Software / Resource Hash 3ba8e512923cd34399ee6274ba26e52ed26d9bc21794092eb8126012120daef9 Request headers accept-language de-DE,de;q=0.9 Referer http://himalayanstaylodges.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Sat, 09 Jul 2022 07:49:53 GMT last-modified Fri, 01 Jul 2022 09:00:38 GMT server x-powered-by etag "0ff4e8298dd81:0" content-type image/png accept-ranges bytes content-length 3864
GET H2	200	corporate.png secure.alpha.gr/static/login/v1/content/media/login/	5 KB 6 KB	118ms 118ms	Image image/png	23.36.162.84 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://secure.alpha.gr/static/login/v1/content/media/login/corporate.png Requested by Host: himalayanstaylodges.com URL: http://himalayanstaylodges.com/RFRTA/WARFG/196dd/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.36.162.84 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-36-162-84.deploy.static.akamaitechnologies.com Software / Resource Hash a0528735cdfd91c5ec3139dee69492183dcf03e3b9a72e3df105a0b113ff96f4 Request headers accept-language de-DE,de;q=0.9 Referer http://himalayanstaylodges.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Sat, 09 Jul 2022 07:49:53 GMT last-modified Fri, 01 Jul 2022 09:00:38 GMT server x-powered-by etag "0ff4e8298dd81:0" content-type image/png accept-ranges bytes content-length 5601
GET H2	200	appInsights Show response secure.alpha.gr/Login/bundles/	89 KB 33 KB	105ms 105ms	Script text/javascript	23.36.162.84 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://secure.alpha.gr/Login/bundles/appInsights?v=xPr-JzppmL-I8vTqZaoBBDKFMrArsdju7rdrgi76wdQ1 Requested by Host: himalayanstaylodges.com URL: http://himalayanstaylodges.com/RFRTA/WARFG/196dd/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.36.162.84 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-36-162-84.deploy.static.akamaitechnologies.com Software / Resource Hash 23f578151081d3f736ac25ed4f6f13fa9e742998f64f8a9ac6cfaf24af288d62 Security Headers Name Value Content-Security-Policy default-src 'unsafe-inline' 'self' data: *.msecnd.net *.visualstudio.com https://*.alpha.gr http://*.alpha.gr https://*.websecurity.norton.com http://www.symantec.com https://www.google.com https://www.gstatic.com; frame-ancestors 'self' https://www.alpha.gr https://e-bankingpre https://e-bankingstg https://e-businessstg https://e-businesspre https://alphauatcm.linakis.com/ https://alphauat.linakis.com/ X-Content-Security-Policy default-src 'unsafe-inline' 'self' data: *.msecnd.net *.visualstudio.com https://*.alpha.gr http://*.alpha.gr https://*.websecurity.norton.com http://www.symantec.com https://www.google.com https://www.gstatic.com; frame-ancestors 'self' https://www.alpha.gr https://e-bankingpre https://e-bankingstg https://e-businessstg https://e-businesspre https://alphauatcm.linakis.com/ https://alphauat.linakis.com/ X-Frame-Options ALLOW-FROM https://www.alpha.gr/ Request headers accept-language de-DE,de;q=0.9 Referer http://himalayanstaylodges.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers content-security-policy default-src 'unsafe-inline' 'self' data: *.msecnd.net *.visualstudio.com https://*.alpha.gr http://*.alpha.gr https://*.websecurity.norton.com http://www.symantec.com https://www.google.com https://www.gstatic.com; frame-ancestors 'self' https://www.alpha.gr https://e-bankingpre https://e-bankingstg https://e-businessstg https://e-businesspre https://alphauatcm.linakis.com/ https://alphauat.linakis.com/ content-encoding gzip x-content-security-policy default-src 'unsafe-inline' 'self' data: *.msecnd.net *.visualstudio.com https://*.alpha.gr http://*.alpha.gr https://*.websecurity.norton.com http://www.symantec.com https://www.google.com https://www.gstatic.com; frame-ancestors 'self' https://www.alpha.gr https://e-bankingpre https://e-bankingstg https://e-businessstg https://e-businesspre https://alphauatcm.linakis.com/ https://alphauat.linakis.com/ last-modified Sat, 09 Jul 2022 07:49:52 GMT x-frame-options ALLOW-FROM https://www.alpha.gr/ date Sat, 09 Jul 2022 07:49:53 GMT vary Accept-Encoding content-type text/javascript; charset=utf-8 access-control-expose-headers Request-Context cache-control public request-context appId=cid-v1:5d2fc027-4605-48f6-9841-83703a3803ce content-length 32517 expires Sun, 09 Jul 2023 07:49:52 GMT
GET H2	200	login Show response secure.alpha.gr/Login/scripts/js/	166 KB 54 KB	142ms 140ms	Script text/javascript	23.36.162.84 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://secure.alpha.gr/Login/scripts/js/login?v=Dnetcg23kUNdCI5pQmuwHKYP1GOaDfw8pFjZdTJ3WLs1 Requested by Host: himalayanstaylodges.com URL: http://himalayanstaylodges.com/RFRTA/WARFG/196dd/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.36.162.84 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-36-162-84.deploy.static.akamaitechnologies.com Software / Resource Hash 900b3cd63b5a865a449df1110947f6d8b31feeb71920745df04370a38305194d Security Headers Name Value Content-Security-Policy default-src 'unsafe-inline' 'self' data: *.msecnd.net *.visualstudio.com https://*.alpha.gr http://*.alpha.gr https://*.websecurity.norton.com http://www.symantec.com https://www.google.com https://www.gstatic.com; frame-ancestors 'self' https://www.alpha.gr https://e-bankingpre https://e-bankingstg https://e-businessstg https://e-businesspre https://alphauatcm.linakis.com/ https://alphauat.linakis.com/ X-Content-Security-Policy default-src 'unsafe-inline' 'self' data: *.msecnd.net *.visualstudio.com https://*.alpha.gr http://*.alpha.gr https://*.websecurity.norton.com http://www.symantec.com https://www.google.com https://www.gstatic.com; frame-ancestors 'self' https://www.alpha.gr https://e-bankingpre https://e-bankingstg https://e-businessstg https://e-businesspre https://alphauatcm.linakis.com/ https://alphauat.linakis.com/ X-Frame-Options ALLOW-FROM https://www.alpha.gr/ Request headers accept-language de-DE,de;q=0.9 Referer http://himalayanstaylodges.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers content-security-policy default-src 'unsafe-inline' 'self' data: *.msecnd.net *.visualstudio.com https://*.alpha.gr http://*.alpha.gr https://*.websecurity.norton.com http://www.symantec.com https://www.google.com https://www.gstatic.com; frame-ancestors 'self' https://www.alpha.gr https://e-bankingpre https://e-bankingstg https://e-businessstg https://e-businesspre https://alphauatcm.linakis.com/ https://alphauat.linakis.com/ content-encoding gzip x-content-security-policy default-src 'unsafe-inline' 'self' data: *.msecnd.net *.visualstudio.com https://*.alpha.gr http://*.alpha.gr https://*.websecurity.norton.com http://www.symantec.com https://www.google.com https://www.gstatic.com; frame-ancestors 'self' https://www.alpha.gr https://e-bankingpre https://e-bankingstg https://e-businessstg https://e-businesspre https://alphauatcm.linakis.com/ https://alphauat.linakis.com/ last-modified Sat, 09 Jul 2022 07:49:53 GMT x-frame-options ALLOW-FROM https://www.alpha.gr/ date Sat, 09 Jul 2022 07:49:53 GMT vary Accept-Encoding content-type text/javascript; charset=utf-8 access-control-expose-headers Request-Context cache-control public request-context appId=cid-v1:5d2fc027-4605-48f6-9841-83703a3803ce expires Sun, 09 Jul 2023 07:49:53 GMT
GET H2	200	rsa Show response secure.alpha.gr/Login/bundles/	18 KB 7 KB	65ms 62ms	Script text/javascript	23.36.162.84 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://secure.alpha.gr/Login/bundles/rsa?v=5TNeJF4ZhNX08AmfFwVBB9GG79NX7mtzoP4Q4ixFEJo1 Requested by Host: himalayanstaylodges.com URL: http://himalayanstaylodges.com/RFRTA/WARFG/196dd/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.36.162.84 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-36-162-84.deploy.static.akamaitechnologies.com Software / Resource Hash 0bfdbbfd68e269cad8dfb7f6f261445a39bca830166501a42830062508d9d60f Security Headers Name Value Content-Security-Policy default-src 'unsafe-inline' 'self' data: *.msecnd.net *.visualstudio.com https://*.alpha.gr http://*.alpha.gr https://*.websecurity.norton.com http://www.symantec.com https://www.google.com https://www.gstatic.com; frame-ancestors 'self' https://www.alpha.gr https://e-bankingpre https://e-bankingstg https://e-businessstg https://e-businesspre https://alphauatcm.linakis.com/ https://alphauat.linakis.com/ X-Content-Security-Policy default-src 'unsafe-inline' 'self' data: *.msecnd.net *.visualstudio.com https://*.alpha.gr http://*.alpha.gr https://*.websecurity.norton.com http://www.symantec.com https://www.google.com https://www.gstatic.com; frame-ancestors 'self' https://www.alpha.gr https://e-bankingpre https://e-bankingstg https://e-businessstg https://e-businesspre https://alphauatcm.linakis.com/ https://alphauat.linakis.com/ X-Frame-Options ALLOW-FROM https://www.alpha.gr/ Request headers accept-language de-DE,de;q=0.9 Referer http://himalayanstaylodges.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers content-security-policy default-src 'unsafe-inline' 'self' data: *.msecnd.net *.visualstudio.com https://*.alpha.gr http://*.alpha.gr https://*.websecurity.norton.com http://www.symantec.com https://www.google.com https://www.gstatic.com; frame-ancestors 'self' https://www.alpha.gr https://e-bankingpre https://e-bankingstg https://e-businessstg https://e-businesspre https://alphauatcm.linakis.com/ https://alphauat.linakis.com/ content-encoding gzip x-content-security-policy default-src 'unsafe-inline' 'self' data: *.msecnd.net *.visualstudio.com https://*.alpha.gr http://*.alpha.gr https://*.websecurity.norton.com http://www.symantec.com https://www.google.com https://www.gstatic.com; frame-ancestors 'self' https://www.alpha.gr https://e-bankingpre https://e-bankingstg https://e-businessstg https://e-businesspre https://alphauatcm.linakis.com/ https://alphauat.linakis.com/ last-modified Sat, 09 Jul 2022 07:49:52 GMT x-frame-options ALLOW-FROM https://www.alpha.gr/ date Sat, 09 Jul 2022 07:49:53 GMT vary Accept-Encoding content-type text/javascript; charset=utf-8 access-control-expose-headers Request-Context cache-control public request-context appId=cid-v1:5d2fc027-4605-48f6-9841-83703a3803ce content-length 5890 expires Sun, 09 Jul 2023 07:49:52 GMT
GET H2	200	sjcl.min.js Show response secure.alpha.gr/Login/Scripts/login/	25 KB 10 KB	122ms 120ms	Script application/javascript	23.36.162.84 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://secure.alpha.gr/Login/Scripts/login/sjcl.min.js Requested by Host: himalayanstaylodges.com URL: http://himalayanstaylodges.com/RFRTA/WARFG/196dd/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.36.162.84 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-36-162-84.deploy.static.akamaitechnologies.com Software / Resource Hash 0e347b56c115b9a6553a4e3a18e3d39a2b138190e30d80f4fe11ec75c2d849e4 Security Headers Name Value Content-Security-Policy default-src 'unsafe-inline' 'self' data: *.msecnd.net *.visualstudio.com https://*.alpha.gr http://*.alpha.gr https://*.websecurity.norton.com http://www.symantec.com https://www.google.com https://www.gstatic.com; frame-ancestors 'self' https://www.alpha.gr https://e-bankingpre https://e-bankingstg https://e-businessstg https://e-businesspre https://alphauatcm.linakis.com/ https://alphauat.linakis.com/ X-Content-Security-Policy default-src 'unsafe-inline' 'self' data: *.msecnd.net *.visualstudio.com https://*.alpha.gr http://*.alpha.gr https://*.websecurity.norton.com http://www.symantec.com https://www.google.com https://www.gstatic.com; frame-ancestors 'self' https://www.alpha.gr https://e-bankingpre https://e-bankingstg https://e-businessstg https://e-businesspre https://alphauatcm.linakis.com/ https://alphauat.linakis.com/ X-Frame-Options ALLOW-FROM https://www.alpha.gr/ Request headers accept-language de-DE,de;q=0.9 Referer http://himalayanstaylodges.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers content-security-policy default-src 'unsafe-inline' 'self' data: *.msecnd.net *.visualstudio.com https://*.alpha.gr http://*.alpha.gr https://*.websecurity.norton.com http://www.symantec.com https://www.google.com https://www.gstatic.com; frame-ancestors 'self' https://www.alpha.gr https://e-bankingpre https://e-bankingstg https://e-businessstg https://e-businesspre https://alphauatcm.linakis.com/ https://alphauat.linakis.com/ content-encoding gzip last-modified Fri, 27 May 2022 10:15:34 GMT server x-frame-options ALLOW-FROM https://www.alpha.gr/ etag "0e7acb3b271d81:0" vary Accept-Encoding content-type application/javascript date Sat, 09 Jul 2022 07:49:53 GMT accept-ranges bytes content-length 8929 x-content-security-policy default-src 'unsafe-inline' 'self' data: *.msecnd.net *.visualstudio.com https://*.alpha.gr http://*.alpha.gr https://*.websecurity.norton.com http://www.symantec.com https://www.google.com https://www.gstatic.com; frame-ancestors 'self' https://www.alpha.gr https://e-bankingpre https://e-bankingstg https://e-businessstg https://e-businesspre https://alphauatcm.linakis.com/ https://alphauat.linakis.com/
GET H2	200	login-background-stripped@3x.png secure.alpha.gr/static/login/v1/content/media/login/	162 KB 162 KB	135ms 135ms	Image image/png	23.36.162.84 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://secure.alpha.gr/static/login/v1/content/media/login/login-background-stripped@3x.png Requested by Host: secure.alpha.gr URL: https://secure.alpha.gr/Login/content/css/login?v=u0YqbwDvfpYBEhKFV8ItiX7aJZaUtmgC6xJVSkLgJmk1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.36.162.84 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-36-162-84.deploy.static.akamaitechnologies.com Software / Resource Hash a7b625a085dc2e7e3c7c5d882c279d6e6da3a860fb17c041232a575bfe033f1d Request headers accept-language de-DE,de;q=0.9 Referer https://secure.alpha.gr/Login/content/css/login?v=u0YqbwDvfpYBEhKFV8ItiX7aJZaUtmgC6xJVSkLgJmk1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Sat, 09 Jul 2022 07:49:53 GMT last-modified Fri, 01 Jul 2022 09:00:38 GMT server x-powered-by etag "0ff4e8298dd81:0" content-type image/png accept-ranges bytes content-length 165495
GET H2	200	login-background-elements@3x.png secure.alpha.gr/static/login/v1/content/media/login/	1006 KB 1009 KB	135ms 135ms	Image image/png	23.36.162.84 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://secure.alpha.gr/static/login/v1/content/media/login/login-background-elements@3x.png Requested by Host: secure.alpha.gr URL: https://secure.alpha.gr/Login/content/css/login?v=u0YqbwDvfpYBEhKFV8ItiX7aJZaUtmgC6xJVSkLgJmk1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.36.162.84 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-36-162-84.deploy.static.akamaitechnologies.com Software / Resource Hash 0735fb7399059f96adfcea3b0378e2df6e08488c6b65627e4fb79e1d127b3336 Request headers accept-language de-DE,de;q=0.9 Referer https://secure.alpha.gr/Login/content/css/login?v=u0YqbwDvfpYBEhKFV8ItiX7aJZaUtmgC6xJVSkLgJmk1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Sat, 09 Jul 2022 07:49:53 GMT last-modified Fri, 01 Jul 2022 09:00:38 GMT server x-powered-by etag "0ff4e8298dd81:0" content-type image/png accept-ranges bytes content-length 1029774
GET		OpenSans-Regular.woff2 secure.alpha.gr/Login/content/fonts/opensans/	0 0
GET		OpenSans-Bold_1.woff2 secure.alpha.gr/ebanking/content/fonts/opensans/	0 0
GET		OpenSans-Regular.woff secure.alpha.gr/Login/content/fonts/opensans/	0 0
GET		OpenSans-Bold_1.woff secure.alpha.gr/ebanking/content/fonts/opensans/	0 0
GET H2	200	ai.0.js Show response az416426.vo.msecnd.net/scripts/a/	94 KB 22 KB	46ms 7ms	Script application/x-javascript	2606:2800:133:206e:1315:22a5:2006:24fd EDGECAST
General Check archive.org Show headers Download Go to Full URL https://az416426.vo.msecnd.net/scripts/a/ai.0.js Requested by Host: secure.alpha.gr URL: https://secure.alpha.gr/Login/bundles/appInsights?v=xPr-JzppmL-I8vTqZaoBBDKFMrArsdju7rdrgi76wdQ1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (frc/8FA5) / Resource Hash 5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e Request headers accept-language de-DE,de;q=0.9 Referer http://himalayanstaylodges.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Sat, 09 Jul 2022 07:49:53 GMT content-encoding gzip x-ms-meta-lastmodified 2020-10-01 19:31:04 content-md5 HdY95yzx9wIyQkVEGES+Ew== age 1282 x-cache HIT content-length 22495 x-ms-lease-status unlocked last-modified Thu, 11 Mar 2021 07:46:59 GMT server ECAcc (frc/8FA5) etag 0x8D8E461DA1A5889 vary Accept-Encoding content-type application/x-javascript access-control-allow-origin * x-ms-request-id 15936334-201e-0020-3265-9393d2000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding cache-control public, max-age=1800 x-ms-version 2009-09-19 expires Sat, 09 Jul 2022 08:19:53 GMT
GET H/1.1	200 OK	myAlphaWeb2.png monstat.com/	0 300 B	158ms 26ms	Image image/png	40.69.200.41 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL http://monstat.com/myAlphaWeb2.png?du=http%3A//himalayanstaylodges.com/RFRTA/WARFG/196dd/&dr=&rr=0.8161076973349894 Requested by Host: himalayanstaylodges.com URL: http://himalayanstaylodges.com/RFRTA/WARFG/196dd/ Protocol HTTP/1.1 Server 40.69.200.41 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Apache / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY, SAMEORIGIN, SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer http://himalayanstaylodges.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Date Sat, 09 Jul 2022 07:49:53 GMT X-Content-Type-Options nosniff Last-Modified Wed, 12 Feb 2020 12:08:06 GMT Server Apache X-Frame-Options DENY, SAMEORIGIN, SAMEORIGIN Content-Type image/png Connection close Accept-Ranges bytes Content-Length 0
GET		OpenSans-Regular.ttf secure.alpha.gr/Login/content/fonts/opensans/	0 0
GET H2	200	el Show response www.alpha.gr/api/ebankingnotification/	841 B 3 KB	152ms 96ms	XHR application/json	23.36.162.84 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://www.alpha.gr/api/ebankingnotification/el Requested by Host: secure.alpha.gr URL: https://secure.alpha.gr/__imp_apg__/js/sed-alphabank-2260e9ef.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.36.162.84 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-36-162-84.deploy.static.akamaitechnologies.com Software / Resource Hash ef0c68f3593b962c0dcc4bb73d97c1a6c0d156c9446b5fca7708cbe744d15f54 Security Headers Name Value Content-Security-Policy default-src 'self' blob:; img-src 'self' data: blob: 'unsafe-inline' sitecoremedia.blob.core.windows.net marketingalphaprod.streaming.mediaservices.windows.net *.doubleclick.net *.googleapis.com *.gstatic.com *.twitter.com *.twimg.com *.jwpltx.com *.youtube.com *.facebook.com *.google.com *.google.gr *.googletagmanager.com px.ads.linkedin.com *.linkedin.com *.google-analytics.com *.cloudfront.net *.usabilla.com; media-src 'self' blob: *.streaming.mediaservices.windows.net; script-src 'self' data: optimize.google.com *.google-analytics.com snap.licdn.com code.jquery.com blob: 'unsafe-inline' 'unsafe-eval' *.youtube.com *.ytimg.com *.google.com *.googleapis.com *.gstatic.com *.foreks.com *.angularjs.org *.twitter.com *.syndication.twimg.com *.jwpcdn.com *.facebook.net *.facebook.com www.googleadservices.com googleads.g.doubleclick.net az416426.vo.msecnd.net *.googletagmanager.com *.usabilla.com *.cloudfront.net *.hotjar.com www.googleoptimize.com static.ads-twitter.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.foreks.com *.twitter.com optimize.google.com *.usabilla.com *.cloudfront.net fonts.googleapis.com; font-src 'self' data: *.gstatic.com *.foreks.com *.jwpcdn.com *.usabilla.com *.cloudfront.net fonts.googleapis.com; connect-src 'self' analytics.google.com www.google.gr optimize.google.com *.visualstudio.com www.google-analytics.com *.foreks.com *.streaming.mediaservices.windows.net *.twitter.com adservice.google.com az416426.vo.msecnd.net *.doubleclick.net *.cloudfront.net *.usabilla.com *.googleapis.com *.hotjar.com wss://*.hotjar.com *.hotjar.io wss://*.hotjar.io; frame-src 'self' data: blob: *.youtube.com *.ytimg.com *.google.com *.foreks.com *.twitter.com *.facebook.com *.alpha.gr *.alphaprivate.gr *.doubleclick.net *.fls.doubleclick.net *.usabilla.com *.cloudfront.net *.simplecast.com *.hotjar.com; object-src 'self' *.streaming.mediaservices.windows.net *.jwpcdn.com; child-src 'self' data: blob: *.youtube.com *.ytimg.com *.google.com *.foreks.com *.twitter.com *.facebook.com *.alpha.gr; Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Accept application/json, text/javascript, */*; q=0.01 Referer http://himalayanstaylodges.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff server date Sat, 09 Jul 2022 07:49:54 GMT expect-ct enforce, max-age=300 x-a-srv 3 content-type application/json; charset=utf-8 access-control-allow-origin * cache-control private, max-age=540 permissions-policy accelerometer=(), ambient-light-sensor=(), battery=(), document-domain=(), encrypted-media=(), gyroscope=(), magnetometer=(), midi=(), navigation-override=(), picture-in-picture=(), publickey-credentials-get=(), usb=(), vr=(), wake-lock=(), screen-wake-lock=(), web-share=(), xr-spatial-tracking=() content-security-policy default-src 'self' blob:; img-src 'self' data: blob: 'unsafe-inline' sitecoremedia.blob.core.windows.net marketingalphaprod.streaming.mediaservices.windows.net *.doubleclick.net *.googleapis.com *.gstatic.com *.twitter.com *.twimg.com *.jwpltx.com *.youtube.com *.facebook.com *.google.com *.google.gr *.googletagmanager.com px.ads.linkedin.com *.linkedin.com *.google-analytics.com *.cloudfront.net *.usabilla.com; media-src 'self' blob: *.streaming.mediaservices.windows.net; script-src 'self' data: optimize.google.com *.google-analytics.com snap.licdn.com code.jquery.com blob: 'unsafe-inline' 'unsafe-eval' *.youtube.com *.ytimg.com *.google.com *.googleapis.com *.gstatic.com *.foreks.com *.angularjs.org *.twitter.com *.syndication.twimg.com *.jwpcdn.com *.facebook.net *.facebook.com www.googleadservices.com googleads.g.doubleclick.net az416426.vo.msecnd.net *.googletagmanager.com *.usabilla.com *.cloudfront.net *.hotjar.com www.googleoptimize.com static.ads-twitter.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.foreks.com *.twitter.com optimize.google.com *.usabilla.com *.cloudfront.net fonts.googleapis.com; font-src 'self' data: *.gstatic.com *.foreks.com *.jwpcdn.com *.usabilla.com *.cloudfront.net fonts.googleapis.com; connect-src 'self' analytics.google.com www.google.gr optimize.google.com *.visualstudio.com www.google-analytics.com *.foreks.com *.streaming.mediaservices.windows.net *.twitter.com adservice.google.com az416426.vo.msecnd.net *.doubleclick.net *.cloudfront.net *.usabilla.com *.googleapis.com *.hotjar.com wss://*.hotjar.com *.hotjar.io wss://*.hotjar.io; frame-src 'self' data: blob: *.youtube.com *.ytimg.com *.google.com *.foreks.com *.twitter.com *.facebook.com *.alpha.gr *.alphaprivate.gr *.doubleclick.net *.fls.doubleclick.net *.usabilla.com *.cloudfront.net *.simplecast.com *.hotjar.com; object-src 'self' *.streaming.mediaservices.windows.net *.jwpcdn.com; child-src 'self' data: blob: *.youtube.com *.ytimg.com *.google.com *.foreks.com *.twitter.com *.facebook.com *.alpha.gr; content-length 841 x-xss-protection 1; mode=block expires Sat, 09 Jul 2022 07:58:54 GMT
GET		OpenSans-Bold_1.ttf secure.alpha.gr/ebanking/content/fonts/opensans/	0 0
GET		OpenSans-Bold.woff2 secure.alpha.gr/ebanking/content/fonts/opensans/	0 0
GET		OpenSans-Bold.woff secure.alpha.gr/ebanking/content/fonts/opensans/	0 0
GET H2	200	close-white.svg secure.alpha.gr/static/login/v1/content/media/login/	197 B 432 B	61ms 61ms	Image image/svg+xml	23.36.162.84 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://secure.alpha.gr/static/login/v1/content/media/login/close-white.svg Requested by Host: secure.alpha.gr URL: https://secure.alpha.gr/Login/content/css/login?v=u0YqbwDvfpYBEhKFV8ItiX7aJZaUtmgC6xJVSkLgJmk1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.36.162.84 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-36-162-84.deploy.static.akamaitechnologies.com Software / Resource Hash ac0e33bb17835c7f3da216a59602fddd36fe00ff0702519baa88ef212780a4c0 Request headers accept-language de-DE,de;q=0.9 Referer https://secure.alpha.gr/Login/content/css/login?v=u0YqbwDvfpYBEhKFV8ItiX7aJZaUtmgC6xJVSkLgJmk1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Sat, 09 Jul 2022 07:49:54 GMT last-modified Fri, 01 Jul 2022 09:00:38 GMT server x-powered-by etag "0ff4e8298dd81:0" content-type image/svg+xml accept-ranges bytes content-length 197
GET		OpenSans-Bold.ttf secure.alpha.gr/ebanking/content/fonts/opensans/	0 0
POST H/1.1	200 OK	/ Show response monitoring.alpha.gr/appinsights/	49 B 669 B	44ms 44ms	XHR application/json	40.118.101.67 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://monitoring.alpha.gr/appinsights/ Requested by Host: secure.alpha.gr URL: https://secure.alpha.gr/__imp_apg__/js/sed-alphabank-2260e9ef.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 40.118.101.67 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 2f06451e2da9bcec5593f0e5f8be5aaf93a584def5560838666f6ddcc0f90a19 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Referer http://himalayanstaylodges.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Content-type application/json Response headers Pragma no-cache Date Sat, 09 Jul 2022 07:49:54 GMT Content-Encoding gzip X-Content-Type-Options nosniff X-Frame-Options DENY Vary Accept-Encoding Access-Control-Allow-Methods GET, POST, PUT, DELETE, OPTIONS Content-Type application/json; charset=utf-8 Access-Control-Allow-Origin * Cache-Control no-cache Transfer-Encoding chunked Access-Control-Allow-Headers Origin, X-Requested-With, Content-Type, Accept X-XSS-Protection 1; mode=block Expires -1
OPTIONS H/1.1	200 OK	/ monitoring.alpha.gr/appinsights/	0 0	146ms 28ms	Preflight	40.118.101.67 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://monitoring.alpha.gr/appinsights/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 40.118.101.67 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin http://himalayanstaylodges.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Access-Control-Allow-Headers Origin, X-Requested-With, Content-Type, Accept Access-Control-Allow-Methods GET, POST, PUT, DELETE, OPTIONS Access-Control-Allow-Origin * Cache-Control no-cache Content-Length 0 Date Sat, 09 Jul 2022 07:49:54 GMT Expires -1 Pragma no-cache X-Content-Type-Options nosniff X-Frame-Options DENY X-XSS-Protection 1; mode=block
POST H2	200	/ Show response secure.alpha.gr/__imp_apg__/api/imp/v1.0/report/	193 B 447 B	455ms 455ms	Fetch text/plain	23.36.162.84 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://secure.alpha.gr/__imp_apg__/api/imp/v1.0/report/?m&fq=load Requested by Host: secure.alpha.gr URL: https://secure.alpha.gr/__imp_apg__/js/sed-alphabank-2260e9ef.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.36.162.84 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-36-162-84.deploy.static.akamaitechnologies.com Software / Resource Hash ae4e492788290fee1856f4c22d1729e2ff01fabe7f629ea2085f6c12bc6cd7dc Request headers accept text/plain,*/*;q=0.9 Referer http://himalayanstaylodges.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 content-type text/plain;charset=UTF-8 Response headers access-control-allow-origin http://himalayanstaylodges.com date Sat, 09 Jul 2022 07:49:55 GMT access-control-allow-credentials true access-control-allow-headers Accept,DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range content-length 193 access-control-allow-methods OPTIONS, GET, POST content-type text/plain

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

secure.alpha.gr

URL

https://secure.alpha.gr/Login/content/fonts/opensans/OpenSans-Regular.woff2

Domain

secure.alpha.gr

URL

https://secure.alpha.gr/ebanking/content/fonts/opensans/OpenSans-Bold_1.woff2

Domain

secure.alpha.gr

URL

https://secure.alpha.gr/Login/content/fonts/opensans/OpenSans-Regular.woff

Domain

secure.alpha.gr

URL

https://secure.alpha.gr/ebanking/content/fonts/opensans/OpenSans-Bold_1.woff

Domain

secure.alpha.gr

URL

https://secure.alpha.gr/Login/content/fonts/opensans/OpenSans-Regular.ttf

Domain

secure.alpha.gr

URL

https://secure.alpha.gr/ebanking/content/fonts/opensans/OpenSans-Bold_1.ttf

Domain

secure.alpha.gr

URL

https://secure.alpha.gr/ebanking/content/fonts/opensans/OpenSans-Bold.woff2

Domain

secure.alpha.gr

URL

https://secure.alpha.gr/ebanking/content/fonts/opensans/OpenSans-Bold.woff

Domain

secure.alpha.gr

URL

https://secure.alpha.gr/ebanking/content/fonts/opensans/OpenSans-Bold.ttf

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Alpha Bank (Banking)

137 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch object| navigation function| $ function| jQuery function| io boolean| ‮saFelNds‭ object| appInsights string| instrumentationKey string| applicationId string| disableBrowserAppInsights string| aiBrowserEndPointAddress string| serverRequestContextOperationId string| operationName string| serverDisplayName object| bootstrap function| BigInteger function| nbi function| am1 function| am2 function| am3 function| int2char function| intAt function| bnpCopyTo function| bnpFromInt function| nbv function| bnpFromString function| bnpClamp function| bnToString function| bnNegate function| bnAbs function| bnCompareTo function| nbits function| bnBitLength function| bnpDLShiftTo function| bnpDRShiftTo function| bnpLShiftTo function| bnpRShiftTo function| bnpSubTo function| bnpMultiplyTo function| bnpSquareTo function| bnpDivRemTo function| bnMod function| Classic function| cConvert function| cRevert function| cReduce function| cMulTo function| cSqrTo function| bnpInvDigit function| Montgomery function| montConvert function| montRevert function| montReduce function| montSqrTo function| montMulTo function| bnpIsEven function| bnpExp function| bnModPowInt function| Arcfour function| ARC4init function| ARC4next function| prng_newstate function| rng_seed_int function| rng_seed_time function| rng_get_byte function| rng_get_bytes function| SecureRandom function| parseBigInt function| linebrk function| byte2Hex function| pkcs1pad2 function| RSAKey function| RSASetPublic function| RSADoPublic function| RSAEncrypt function| hex2b64 function| b64tohex function| b64toBA number| dbits number| canary boolean| j_lm number| BI_FP string| BI_RM object| BI_RC number| rr number| vv number| rng_psize undefined| rng_state object| rng_pool number| rng_pptr function| t object| ua function| z string| b64map string| b64padchar object| sjcl function| u function| A function| C function| y function| B undefined| D undefined| E object| F boolean| G undefined| H object| loginSettings object| userActivityTimeout object| userActivityThrottlerTimeout number| INACTIVE_USER_TIME_THRESHOLD number| USER_ACTIVITY_THROTTLER_TIME function| resetUserActivityTimeout function| userActivityThrottler function| inactiveUserAction function| activateActivityTracker function| doResize function| userModal function| closeNotif function| closeServicesPopover function| closeModal function| rememberMe function| demoLogin function| addRBFAdditionalFields function| submitLogin function| submitReIssuePasswordForm function| submitDocUploadCustomLogin function| submitCardPinLogin function| enc function| dec object| AI object| Microsoft function| __extends function| _endsWith

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			himalayanstaylodges.com/	1970-01-20 13:08:08	Name: ai_user Value: n40CC|2022-07-09T07:49:53.868Z
			himalayanstaylodges.com/	1970-01-20 04:22:34	Name: ai_session Value: bYFf8|1657352994434.5|1657352994434.5
			.himalayanstaylodges.com/	1970-01-20 05:05:44	Name: _imp_apg_r_ Value: %7B%22_fr%22%3A20000%2C%22fr%22%3A%22w4NdI3vZ6NQD06mtaNrk5A%3D%3D3LsqROLpGiRa1mEo4E1P3jKG5J6OvYnShDxPMkHw4vu9o9J5ThmvpolQe29tDEOm7ERnoYqtx1g_4oAR3lK0aPEQGqswewgZ8I0GaNmdaQ4w8Q%3D%3D%22%2C%22ct%22%3A%22N0xqfP9dvTHN%2FDf8tmCks8VTDfCe6xek2HoG8ks%3D%22%7D

18 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: http://himalayanstaylodges.com/RFRTA/WARFG/196dd/ Message: Access to font at 'https://secure.alpha.gr/Login/content/fonts/opensans/OpenSans-Regular.woff2' from origin 'http://himalayanstaylodges.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://secure.alpha.gr/Login/content/fonts/opensans/OpenSans-Regular.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://himalayanstaylodges.com/RFRTA/WARFG/196dd/ Message: Access to font at 'https://secure.alpha.gr/ebanking/content/fonts/opensans/OpenSans-Bold_1.woff2' from origin 'http://himalayanstaylodges.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://secure.alpha.gr/ebanking/content/fonts/opensans/OpenSans-Bold_1.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://himalayanstaylodges.com/RFRTA/WARFG/196dd/ Message: Access to font at 'https://secure.alpha.gr/Login/content/fonts/opensans/OpenSans-Regular.woff' from origin 'http://himalayanstaylodges.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://secure.alpha.gr/Login/content/fonts/opensans/OpenSans-Regular.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://himalayanstaylodges.com/RFRTA/WARFG/196dd/ Message: Access to font at 'https://secure.alpha.gr/ebanking/content/fonts/opensans/OpenSans-Bold_1.woff' from origin 'http://himalayanstaylodges.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://secure.alpha.gr/ebanking/content/fonts/opensans/OpenSans-Bold_1.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://himalayanstaylodges.com/RFRTA/WARFG/196dd/ Message: Access to font at 'https://secure.alpha.gr/ebanking/content/fonts/opensans/OpenSans-Bold_1.ttf' from origin 'http://himalayanstaylodges.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://secure.alpha.gr/ebanking/content/fonts/opensans/OpenSans-Bold_1.ttf Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://himalayanstaylodges.com/RFRTA/WARFG/196dd/ Message: Access to font at 'https://secure.alpha.gr/Login/content/fonts/opensans/OpenSans-Regular.ttf' from origin 'http://himalayanstaylodges.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://secure.alpha.gr/Login/content/fonts/opensans/OpenSans-Regular.ttf Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://himalayanstaylodges.com/RFRTA/WARFG/196dd/ Message: Access to font at 'https://secure.alpha.gr/ebanking/content/fonts/opensans/OpenSans-Bold.woff2' from origin 'http://himalayanstaylodges.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://secure.alpha.gr/ebanking/content/fonts/opensans/OpenSans-Bold.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://himalayanstaylodges.com/RFRTA/WARFG/196dd/ Message: Access to font at 'https://secure.alpha.gr/ebanking/content/fonts/opensans/OpenSans-Bold.woff' from origin 'http://himalayanstaylodges.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://secure.alpha.gr/ebanking/content/fonts/opensans/OpenSans-Bold.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://himalayanstaylodges.com/RFRTA/WARFG/196dd/ Message: Access to font at 'https://secure.alpha.gr/ebanking/content/fonts/opensans/OpenSans-Bold.ttf' from origin 'http://himalayanstaylodges.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://secure.alpha.gr/ebanking/content/fonts/opensans/OpenSans-Bold.ttf Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

az416426.vo.msecnd.net
cdnjs.cloudflare.com
code.jquery.com
himalayanstaylodges.com
monitoring.alpha.gr
monstat.com
secure.alpha.gr
www.alpha.gr
secure.alpha.gr
184.168.96.189
2001:4de0:ac18::1:a:3a
23.36.162.84
2606:2800:133:206e:1315:22a5:2006:24fd
2606:4700::6811:190e
40.118.101.67
40.69.200.41
0735fb7399059f96adfcea3b0378e2df6e08488c6b65627e4fb79e1d127b3336
0bfdbbfd68e269cad8dfb7f6f261445a39bca830166501a42830062508d9d60f
0e347b56c115b9a6553a4e3a18e3d39a2b138190e30d80f4fe11ec75c2d849e4
21503eecb48b62604d6855e33399ab5731f3679a03d412065ea47464de612785
23f578151081d3f736ac25ed4f6f13fa9e742998f64f8a9ac6cfaf24af288d62
2f06451e2da9bcec5593f0e5f8be5aaf93a584def5560838666f6ddcc0f90a19
3ba8e512923cd34399ee6274ba26e52ed26d9bc21794092eb8126012120daef9
4626e282c2921300f1f087f82643dfe7c3482ef156d4f151d5d892d1a6cb7f49
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e
77977dd2d3ebd112f63e02589d7d362b7ad68e5d35f14cb9737d93be4d97727e
7bd80d06c01c0340c1b9159b9b4a197db882ca18cbac8e9b9aa025e68f998d40
900b3cd63b5a865a449df1110947f6d8b31feeb71920745df04370a38305194d
9c8e0bedeab49d20486955665b94e9d00bae581e8897698f9b830311dfb7253a
a0528735cdfd91c5ec3139dee69492183dcf03e3b9a72e3df105a0b113ff96f4
a1612606ef48d6a8c375d4a747b8c1fe4f6927e242ec21c449b27ed0325505f2
a4ba12c1dd4bed11b7f4a18d3f8eae51af0d416ffc40cf009e59bcebc679e40f
a7b625a085dc2e7e3c7c5d882c279d6e6da3a860fb17c041232a575bfe033f1d
a9ba69a712ca83a83213bb90a9f821da8c904c9f954eba6c5e7e23bdad6e2c3e
ac0e33bb17835c7f3da216a59602fddd36fe00ff0702519baa88ef212780a4c0
ae4e492788290fee1856f4c22d1729e2ff01fabe7f629ea2085f6c12bc6cd7dc
b9294cf365d3365ce77692019b950cd5c1c1ea1187aa6cc891b0ee1457578643
ccc3857f312489191143a105a811870ae647d7814faeeb54dc9873cd614022af
d93df990deed7f8f838ceb91bb23721525f1c1ece579b20955218671a06e6b9c
dd892e8748d7c8b9068fc17b082e57ba012a3e1923f8ea0323f4a325e5367e52
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed71ce33d772d291d9c787d26972c89d581a81b6b5e10bfaa8a18173a9877f4c
ef0c68f3593b962c0dcc4bb73d97c1a6c0d156c9446b5fca7708cbe744d15f54
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d