urlscan.io logo urlscan.io
SecurityTrails logo

equi5.subsidyaid.com Open in urlscan Pro
34.123.196.68  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://ak.peethach.com/4/6960282/0.02988918723426459
Effective URL: https://equi5.subsidyaid.com/lander-1?vl_click_id=wt8f8ggatfr1351via9qvfdk&utm_source=PR2&utm_medium=push&utm_campaign=789813...
Submission: On February 07 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 19 IPs in 3 countries across 18 domains to perform 36 HTTP transactions. The main IP is 34.123.196.68, located in Council Bluffs, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is equi5.subsidyaid.com.
TLS certificate: Issued by R3 on January 27th 2024. Valid for: 3 months.
This is the only time equi5.subsidyaid.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 23.55.243.136 20940 (AKAMAI-ASN1)
2 139.45.195.8 9002 (RETN-AS)
1 3 184.87.173.49 20940 (AKAMAI-ASN1)
1 139.45.197.233 9002 (RETN-AS)
1 37.48.68.71 60781 (LEASEWEB-...)
1 2 34.232.110.131 14618 (AMAZON-AES)
14 34.123.196.68 396982 (GOOGLE-CL...)
1 2607:f8b0:400... 15169 (GOOGLE)
2 2a03:2880:f01... 32934 (FACEBOOK)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2600:9000:23c... 16509 (AMAZON-02)
1 172.67.74.152 13335 (CLOUDFLAR...)
1 2600:1f18:16e... 14618 (AMAZON-AES)
1 104.154.135.87 396982 (GOOGLE-CL...)
1 2a03:2880:f11... 32934 (FACEBOOK)
1 54.211.0.99 14618 (AMAZON-AES)
1 34.120.195.249 396982 (GOOGLE-CL...)
36 19
1    23.55.243.136 (Edison, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-55-243-136.deploy.static.akamaitechnologies.com
ak.peethach.com
2    139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)
my.rtmark.net
3    184.87.173.49 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-87-173-49.deploy.static.akamaitechnologies.com
ak.deephicy.net
1    139.45.197.233 (United Kingdom)

ASN9002 (RETN-AS, GB)
e2ertt.com
1    37.48.68.71 (Amsterdam, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
datatechone.com
2    34.232.110.131 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-232-110-131.compute-1.amazonaws.com
track.additionalbenefits.org
track.subsidyaid.com
14    34.123.196.68 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 68.196.123.34.bc.googleusercontent.com
equi5.subsidyaid.com
1    2607:f8b0:4006:809::200a (United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a03:2880:f012:8:face:b00c:0:1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2607:f8b0:4006:820::2008 (United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2607:f8b0:4006:81c::2003 (United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2600:9000:23cb:4600:9:5bab:8100:93a1 (United States)

ASN16509 (AMAZON-02, US)
js.callcdn.com
1    172.67.74.152 (United States)

ASN13335 (CLOUDFLARENET, US)
api.ipify.org
1    2600:1f18:16e:df01::64 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
lander-main-microservice.netlify.app
1    104.154.135.87 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.135.154.104.bc.googleusercontent.com
funnel.improveourcredit.com
1    2a03:2880:f112:83:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    54.211.0.99 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-211-0-99.compute-1.amazonaws.com
display.ringba.com
1    34.120.195.249 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.195.120.34.bc.googleusercontent.com
o4506236711272448.ingest.sentry.io
Apex Domain
Subdomains		 Transfer
15 subsidyaid.com
equi5.subsidyaid.com
track.subsidyaid.com
1 MB
3 deephicy.net
ak.deephicy.net — Cisco Umbrella Rank: 125594
15 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 174
69 KB
2 rtmark.net
my.rtmark.net — Cisco Umbrella Rank: 11663
996 B
1 sentry.io
o4506236711272448.ingest.sentry.io — Cisco Umbrella Rank: 374360
590 B
1 ringba.com
display.ringba.com — Cisco Umbrella Rank: 84171
791 B
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 107
185 B
1 improveourcredit.com
funnel.improveourcredit.com — Cisco Umbrella Rank: 343387
2 KB
1 netlify.app
lander-main-microservice.netlify.app — Cisco Umbrella Rank: 307967
993 B
1 ipify.org
api.ipify.org — Cisco Umbrella Rank: 2768
419 B
1 callcdn.com
js.callcdn.com — Cisco Umbrella Rank: 204208
3 KB
1 gstatic.com
fonts.gstatic.com
62 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 37
45 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 28
847 B
1 additionalbenefits.org
track.additionalbenefits.org
732 B
1 datatechone.com
datatechone.com — Cisco Umbrella Rank: 49226
468 B
1 e2ertt.com
e2ertt.com — Cisco Umbrella Rank: 102611 Failed
1 peethach.com
ak.peethach.com — Cisco Umbrella Rank: 259600
3 KB
36 18
Domain Requested by
14 equi5.subsidyaid.com equi5.subsidyaid.com
3 ak.deephicy.net 1 redirects ak.peethach.com
ak.deephicy.net
2 connect.facebook.net equi5.subsidyaid.com
connect.facebook.net
2 my.rtmark.net ak.peethach.com
ak.deephicy.net
1 o4506236711272448.ingest.sentry.io equi5.subsidyaid.com
1 track.subsidyaid.com lander-main-microservice.netlify.app
1 display.ringba.com equi5.subsidyaid.com
1 www.facebook.com equi5.subsidyaid.com
1 funnel.improveourcredit.com equi5.subsidyaid.com
1 lander-main-microservice.netlify.app equi5.subsidyaid.com
1 api.ipify.org equi5.subsidyaid.com
1 js.callcdn.com equi5.subsidyaid.com
1 fonts.gstatic.com fonts.googleapis.com
1 www.googletagmanager.com equi5.subsidyaid.com
1 fonts.googleapis.com equi5.subsidyaid.com
1 track.additionalbenefits.org 1 redirects
1 datatechone.com ak.deephicy.net
1 e2ertt.com ak.peethach.com
1 ak.peethach.com
36 19

This site contains no links.

Subject Issuer Validity Valid
rtmark.net
R3		 2023-12-23 -
2024-03-22		 3 months crt.sh
ak.hetaruwg.com
R3		 2024-02-07 -
2024-05-07		 3 months crt.sh
e2ertt.com
R3		 2024-01-19 -
2024-04-18		 3 months crt.sh
datatechone.com
Sectigo RSA Domain Validation Secure Server CA		 2023-12-10 -
2024-12-23		 a year crt.sh
equi5.subsidyaid.com
R3		 2024-01-27 -
2024-04-26		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-11-17 -
2024-02-15		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
*.callcdn.com
Amazon RSA 2048 M02		 2024-01-30 -
2025-02-26		 a year crt.sh
ipify.org
GTS CA 1P5		 2024-01-22 -
2024-04-21		 3 months crt.sh
*.netlify.app
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-01-15 -
2025-02-14		 a year crt.sh
funnel.improveourcredit.com
R3		 2024-01-11 -
2024-04-10		 3 months crt.sh
*.ringba.com
Amazon RSA 2048 M03		 2023-11-27 -
2024-12-23		 a year crt.sh
track.subsidyaid.com
R3		 2024-01-16 -
2024-04-15		 3 months crt.sh
ingest.sentry.io
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-11-02 -
2024-12-02		 a year crt.sh

This page contains 1 frames:

Primary Page: https://equi5.subsidyaid.com/lander-1?vl_click_id=wt8f8ggatfr1351via9qvfdk&utm_source=PR2&utm_medium=push&utm_campaign=7898133&utm_adset=781237823&utm_ad=20248186&site_id=%7Bzone_type%7D&placement=6118780&externalclickid=779212285750292541
Frame ID: 8EEC0A7201E4BA0DC146A20F9FA70D7A
Requests: 44 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

subsidyaid.com

Page URL History Show full URLs

  1. http://ak.peethach.com/4/6960282/0.02988918723426459 Page URL
  2. https://ak.deephicy.net/4/6118780/?var=6960282&btz=&bto= Page URL
  3. https://ak.deephicy.net/?z=6118780&syncedCookie=true&rhd=false HTTP 302
    https://track.additionalbenefits.org/742ca7d8-c5c4-499a-a412-67ea49912e87?zoneid=6118780&bannerid=20248186&zonety... HTTP 302
    https://equi5.subsidyaid.com/lander-1?vl_click_id=wt8f8ggatfr1351via9qvfdk&utm_source=PR2&utm_medium=push... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js

Page Statistics

36
Requests

92 %
HTTPS

39 %
IPv6

18
Domains

19
Subdomains

19
IPs

3
Countries

1265 kB
Transfer

1605 kB
Size

26
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://ak.peethach.com/4/6960282/0.02988918723426459 Page URL
  2. https://ak.deephicy.net/4/6118780/?var=6960282&btz=&bto= Page URL
  3. https://ak.deephicy.net/?z=6118780&syncedCookie=true&rhd=false HTTP 302
    https://track.additionalbenefits.org/742ca7d8-c5c4-499a-a412-67ea49912e87?zoneid=6118780&bannerid=20248186&zonetype={zone_type}&campaignid=7898133&device=desktop&region=mi&isp=781237823&source=PR2&medium=push&cost=0.004842&visitor_id=779212285750292541 HTTP 302
    https://equi5.subsidyaid.com/lander-1?vl_click_id=wt8f8ggatfr1351via9qvfdk&utm_source=PR2&utm_medium=push&utm_campaign=7898133&utm_adset=781237823&utm_ad=20248186&site_id=%7Bzone_type%7D&placement=6118780&externalclickid=779212285750292541 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

36 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
0.02988918723426459
ak.peethach.com/4/6960282/ 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://ak.peethach.com/4/6960282/0.02988918723426459
Protocol
HTTP/1.1
Server
23.55.243.136 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-55-243-136.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-CH
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace Accept, Content-Type, Content-Length, Accept-Encoding, favicon
Access-Control-Allow-Methods
GET, POST, OPTIONS POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin
* *
Access-Control-Max-Age
86400
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1071
Content-Type
text/html; charset=utf8
Date
Wed, 07 Feb 2024 21:43:23 GMT
Expires
Wed, 07 Feb 2024 21:43:23 GMT
Link
<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch" <https://ak.deephicy.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
Pragma
no-cache
Timing-Allow-Origin
*
Vary
Accept-Encoding
X-Trace-Id
ca051e79a832647c4658304fa88af330
bucket
e2ertt.com/ 		0
0
img.gif
my.rtmark.net/ 		43 B
506 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://my.rtmark.net/img.gif?f=merge&userId=557cef0113cc4e48b1d8ae1d0ef2ea0f
Requested by
Host: ak.peethach.com
URL: http://ak.peethach.com/4/6960282/0.02988918723426459
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 21:43:24 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
image/gif
access-control-allow-origin
http://ak.peethach.com
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
43
/
ak.deephicy.net/4/6118780/ 		33 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ak.deephicy.net/4/6118780/?var=6960282&btz=&bto=
Requested by
Host: ak.peethach.com
URL: http://ak.peethach.com/4/6960282/0.02988918723426459
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.87.173.49 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-87-173-49.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ac5d8aa9c9940bd1499a54f264dfe0db791021cec6bd4fcc50946c23efbc0ded

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace Accept, Content-Type, Content-Length, Accept-Encoding, favicon
access-control-allow-methods
GET, POST, OPTIONS POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
* *
access-control-max-age
86400
cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
content-length
13306
content-type
text/html; charset=utf8
date
Wed, 07 Feb 2024 21:43:24 GMT
expires
Wed, 07 Feb 2024 21:43:24 GMT
link
<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
pragma
no-cache
timing-allow-origin
*
vary
Accept-Encoding
x-trace-id
3671cfd19a132104006b17d94ffba8d0
bucket
e2ertt.com/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://e2ertt.com/bucket
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.233 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
http://ak.peethach.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
http://ak.peethach.com
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
date
Wed, 07 Feb 2024 21:43:24 GMT
expires
Tue, 11 Jan 1994 10:00:00 GMT
pragma
no-cache
server
nginx
strict-transport-security
max-age=1
timing-allow-origin
* *
x-content-type-options
nosniff
sftouch
ak.deephicy.net/ 		2 B
539 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ak.deephicy.net/sftouch?userId=ad58f8d5d84540889099a3f2dbf34557&z=6118780&p_rid=b1edad74-5e33-428e-96ac-803ccb1b5bd0&p_src=sf&branchId=150041&rb=XqvsMb5rzqM9tNQaTXyyxJxs5-qjuIP0I0H9w4cVKkCFTmDe_a4gJyJ5cji_JisWHaL-6U-02hxU4rwlDPjHiE3glQlABUDN9GwIw2LVo41r_gBLXoSwcglHup-MUuea3rAQPEPJ97LhF4Fg-lDJzTChOW8ZdYpBjGQm3tk99ssGCEjhgmJBFnStK-nWf9pmioarhzc5fclh5b2EP7BjpXqVwKt07jNZwCPwO-ioPa4uBdlDH9BavPuZA1bSZVCSbRPgaG_CyiGVvfYq9yJXoDA0S7YGt63P7EjDdB99AvbdyU0trMcPmg==
Requested by
Host: ak.deephicy.net
URL: https://ak.deephicy.net/4/6118780/?var=6960282&btz=&bto=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.87.173.49 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-87-173-49.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ak.deephicy.net/4/6118780/?var=6960282&btz=&bto=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security
max-age=1
date
Wed, 07 Feb 2024 21:43:24 GMT
x-content-type-options
nosniff
content-length
2
x-trace-id
3e45e9968e02bf3dd1e49f71cdc16663
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain
access-control-allow-origin
https://ak.deephicy.net
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
expires
Wed, 07 Feb 2024 21:43:24 GMT
img.gif
my.rtmark.net/ 		43 B
490 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my.rtmark.net/img.gif?f=merge&userId=ad58f8d5d84540889099a3f2dbf34557&z=6118780&p_rid=b1edad74-5e33-428e-96ac-803ccb1b5bd0&p_src=sf
Requested by
Host: ak.deephicy.net
URL: https://ak.deephicy.net/4/6118780/?var=6960282&btz=&bto=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ak.deephicy.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 21:43:24 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
43
add
datatechone.com/log/ 		2 B
468 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://datatechone.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=b1edad74-5e33-428e-96ac-803ccb1b5bd0
Requested by
Host: ak.deephicy.net
URL: https://ak.deephicy.net/4/6118780/?var=6960282&btz=&bto=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Amsterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash

Request headers

Referer
https://ak.deephicy.net/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Wed, 07 Feb 2024 21:43:24 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
https://ak.deephicy.net
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
2
Primary Request lander-1
equi5.subsidyaid.com/
Redirect Chain
  • https://ak.deephicy.net/?z=6118780&syncedCookie=true&rhd=false
  • https://track.additionalbenefits.org/742ca7d8-c5c4-499a-a412-67ea49912e87?zoneid=6118780&bannerid=20248186&zonetype={zone_type}&campaignid=7898133&device=desktop&region=mi&isp=781237823&source=PR2&...
  • https://equi5.subsidyaid.com/lander-1?vl_click_id=wt8f8ggatfr1351via9qvfdk&utm_source=PR2&utm_medium=push&utm_campaign=7898133&utm_adset=781237823&utm_ad=20248186&site_id=%7Bzone_type%7D&placement=...
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://equi5.subsidyaid.com/lander-1?vl_click_id=wt8f8ggatfr1351via9qvfdk&utm_source=PR2&utm_medium=push&utm_campaign=7898133&utm_adset=781237823&utm_ad=20248186&site_id=%7Bzone_type%7D&placement=6118780&externalclickid=779212285750292541
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.123.196.68 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.196.123.34.bc.googleusercontent.com
Software
nginx/1.25.3 /
Resource Hash
d3856b4d11d76e6f4fa87973b4ec83dd6ef0e9cb6eeda65b884727f33512fc4b

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://ak.deephicy.net
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
content-length
1336
content-type
text/html
date
Wed, 07 Feb 2024 21:43:25 GMT
etag
"65c173d3-538"
last-modified
Mon, 05 Feb 2024 23:48:35 GMT
server
nginx/1.25.3

Redirect headers

cache-control
no-store, no-cache, pre-check=0, post-check=0
content-length
0
date
Wed, 07 Feb 2024 21:43:24 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://equi5.subsidyaid.com/lander-1?vl_click_id=wt8f8ggatfr1351via9qvfdk&utm_source=PR2&utm_medium=push&utm_campaign=7898133&utm_adset=781237823&utm_ad=20248186&site_id=%7Bzone_type%7D&placement=6118780&externalclickid=779212285750292541
pragma
no-cache
server
nginx
css2
fonts.googleapis.com/ 		3 KB
847 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=DM+Sans:opsz,wght@9..40,300;9..40,400;9..40,500;9..40,600&display=swap
Requested by
Host: equi5.subsidyaid.com
URL: https://equi5.subsidyaid.com/lander-1?vl_click_id=wt8f8ggatfr1351via9qvfdk&utm_source=PR2&utm_medium=push&utm_campaign=7898133&utm_adset=781237823&utm_ad=20248186&site_id=%7Bzone_type%7D&placement=6118780&externalclickid=779212285750292541
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
83b78ab2ca543f34ac77a105efaff8fd77bbdba44939b8be442a1bcc85f14cb2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://equi5.subsidyaid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 07 Feb 2024 21:43:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 07 Feb 2024 21:37:07 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 07 Feb 2024 21:43:25 GMT
scripts.js
equi5.subsidyaid.com/scripts/ 		12 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://equi5.subsidyaid.com/scripts/scripts.js
Requested by
Host: equi5.subsidyaid.com
URL: https://equi5.subsidyaid.com/lander-1?vl_click_id=wt8f8ggatfr1351via9qvfdk&utm_source=PR2&utm_medium=push&utm_campaign=7898133&utm_adset=781237823&utm_ad=20248186&site_id=%7Bzone_type%7D&placement=6118780&externalclickid=779212285750292541
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.123.196.68 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.196.123.34.bc.googleusercontent.com
Software
nginx/1.25.3 /
Resource Hash
b416c2ebf4b4d4e71bd515a35a15f45da09c708728cfedb05dc3ed2902fc68dd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://equi5.subsidyaid.com/lander-1?vl_click_id=wt8f8ggatfr1351via9qvfdk&utm_source=PR2&utm_medium=push&utm_campaign=7898133&utm_adset=781237823&utm_ad=20248186&site_id=%7Bzone_type%7D&placement=6118780&externalclickid=779212285750292541
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 21:43:25 GMT
last-modified
Mon, 05 Feb 2024 23:48:35 GMT
server
nginx/1.25.3
accept-ranges
bytes
etag
"65c173d3-2e69"
content-length
11881
content-type
application/javascript
main.8472d217.js
equi5.subsidyaid.com/static/js/ 		776 KB
777 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://equi5.subsidyaid.com/static/js/main.8472d217.js
Requested by
Host: equi5.subsidyaid.com
URL: https://equi5.subsidyaid.com/lander-1?vl_click_id=wt8f8ggatfr1351via9qvfdk&utm_source=PR2&utm_medium=push&utm_campaign=7898133&utm_adset=781237823&utm_ad=20248186&site_id=%7Bzone_type%7D&placement=6118780&externalclickid=779212285750292541
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.123.196.68 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.196.123.34.bc.googleusercontent.com
Software
nginx/1.25.3 /
Resource Hash
176f2cb0f7d0d607cf3903b22162cec1387e1cfbf363d76b29a2870ee1146128

Request headers

accept-language
en-US,en;q=0.9
Referer
https://equi5.subsidyaid.com/lander-1?vl_click_id=wt8f8ggatfr1351via9qvfdk&utm_source=PR2&utm_medium=push&utm_campaign=7898133&utm_adset=781237823&utm_ad=20248186&site_id=%7Bzone_type%7D&placement=6118780&externalclickid=779212285750292541
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 21:43:25 GMT
last-modified
Mon, 05 Feb 2024 23:48:35 GMT
server
nginx/1.25.3
accept-ranges
bytes
etag
"65c173d3-c1ea1"
content-length
794273
content-type
application/javascript
main.6df79cac.css
equi5.subsidyaid.com/static/css/ 		17 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://equi5.subsidyaid.com/static/css/main.6df79cac.css
Requested by
Host: equi5.subsidyaid.com
URL: https://equi5.subsidyaid.com/lander-1?vl_click_id=wt8f8ggatfr1351via9qvfdk&utm_source=PR2&utm_medium=push&utm_campaign=7898133&utm_adset=781237823&utm_ad=20248186&site_id=%7Bzone_type%7D&placement=6118780&externalclickid=779212285750292541
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.123.196.68 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.196.123.34.bc.googleusercontent.com
Software
nginx/1.25.3 /
Resource Hash
7ee7f061f864c34e21a8a9c0a753ec7e61415a7032fc0b04cc784c0134956db0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://equi5.subsidyaid.com/lander-1?vl_click_id=wt8f8ggatfr1351via9qvfdk&utm_source=PR2&utm_medium=push&utm_campaign=7898133&utm_adset=781237823&utm_ad=20248186&site_id=%7Bzone_type%7D&placement=6118780&externalclickid=779212285750292541
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 21:43:25 GMT
last-modified
Mon, 05 Feb 2024 23:48:35 GMT
server
nginx/1.25.3
accept-ranges
bytes
etag
"65c173d3-43ca"
content-length
17354
content-type
text/css
fbevents.js
connect.facebook.net/en_US/ 		214 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: equi5.subsidyaid.com
URL: https://equi5.subsidyaid.com/scripts/scripts.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
bca51ed2fe251488a1b150edf560d43880f1486740f34d24120ede486f99676b
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://equi5.subsidyaid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 07 Feb 2024 21:43:25 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57257
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0"
pragma
public
x-fb-debug
M6/lYhORYr4uzcQmIZBhFtNZoOLDItWhSYALyfJfDvSD6Es737V/Y4iqIiorFevx5/adwkUIUxwHbzm+UcSHkw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
gtm.js
www.googletagmanager.com/ 		118 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-W8XQHMBR
Requested by
Host: equi5.subsidyaid.com
URL: https://equi5.subsidyaid.com/scripts/scripts.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e272b913517a877ad9ae77fa9217756aa071f8e76e34d8edb58fc20e28f8d9c1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://equi5.subsidyaid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 21:43:25 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46032
x-xss-protection
0
last-modified
Wed, 07 Feb 2024 21:04:08 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 07 Feb 2024 21:43:25 GMT
banner_shape_3.6cde1a3669b1a621d6e6.webp
equi5.subsidyaid.com/static/media/ 		58 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://equi5.subsidyaid.com/static/media/banner_shape_3.6cde1a3669b1a621d6e6.webp
Requested by
Host: equi5.subsidyaid.com
URL: https://equi5.subsidyaid.com/static/css/main.6df79cac.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.123.196.68 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.196.123.34.bc.googleusercontent.com
Software
nginx/1.25.3 /
Resource Hash
fbefb53e718f4e5f3c2d02656af3678f10b9388a82511855617830f58cd98f61

Request headers

accept-language
en-US,en;q=0.9
Referer
https://equi5.subsidyaid.com/static/css/main.6df79cac.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 21:43:25 GMT
last-modified
Mon, 05 Feb 2024 23:48:35 GMT
server
nginx/1.25.3
accept-ranges
bytes
etag
"65c173d3-e908"
content-length
59656
content-type
image/webp
rP2Hp2ywxg089UriCZOIHQ.woff2
fonts.gstatic.com/s/dmsans/v14/ 		61 KB
62 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/dmsans/v14/rP2Hp2ywxg089UriCZOIHQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=DM+Sans:opsz,wght@9..40,300;9..40,400;9..40,500;9..40,600&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ef3e7e94fc36d961b807c8fa6c2bbbd5cf60a746a95c0d01f331d847156b198c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://equi5.subsidyaid.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 09:14:55 GMT
x-content-type-options
nosniff
age
563310
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62704
x-xss-protection
0
last-modified
Wed, 12 Jul 2023 22:05:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 31 Jan 2025 09:14:55 GMT
logo.46a0b122f586f8f63c5a.png
equi5.subsidyaid.com/static/media/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://equi5.subsidyaid.com/static/media/logo.46a0b122f586f8f63c5a.png
Requested by
Host: equi5.subsidyaid.com
URL: https://equi5.subsidyaid.com/lander-1?vl_click_id=wt8f8ggatfr1351via9qvfdk&utm_source=PR2&utm_medium=push&utm_campaign=7898133&utm_adset=781237823&utm_ad=20248186&site_id=%7Bzone_type%7D&placement=6118780&externalclickid=779212285750292541
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.123.196.68 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.196.123.34.bc.googleusercontent.com
Software
nginx/1.25.3 /
Resource Hash
ef6ebebb5f3b1f249439235c20ce8b7b4da09b4865c7e02cc508b70bfaf54cf9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://equi5.subsidyaid.com/lander-1?vl_click_id=wt8f8ggatfr1351via9qvfdk&utm_source=PR2&utm_medium=push&utm_campaign=7898133&utm_adset=781237823&utm_ad=20248186&site_id=%7Bzone_type%7D&placement=6118780&externalclickid=779212285750292541
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 21:43:25 GMT
last-modified
Mon, 05 Feb 2024 23:48:35 GMT
server
nginx/1.25.3
accept-ranges
bytes
etag
"65c173d3-97df"
content-length
38879
content-type
image/png
subsidycard.b137d19491cceaeca436.webp
equi5.subsidyaid.com/static/media/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://equi5.subsidyaid.com/static/media/subsidycard.b137d19491cceaeca436.webp
Requested by
Host: equi5.subsidyaid.com
URL: https://equi5.subsidyaid.com/lander-1?vl_click_id=wt8f8ggatfr1351via9qvfdk&utm_source=PR2&utm_medium=push&utm_campaign=7898133&utm_adset=781237823&utm_ad=20248186&site_id=%7Bzone_type%7D&placement=6118780&externalclickid=779212285750292541
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.123.196.68 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.196.123.34.bc.googleusercontent.com
Software
nginx/1.25.3 /
Resource Hash
1121f900845e1e1d10a24d0ebeca2cba7980de8b55118546879a2e1a54b638d9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://equi5.subsidyaid.com/lander-1?vl_click_id=wt8f8ggatfr1351via9qvfdk&utm_source=PR2&utm_medium=push&utm_campaign=7898133&utm_adset=781237823&utm_ad=20248186&site_id=%7Bzone_type%7D&placement=6118780&externalclickid=779212285750292541
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 21:43:25 GMT
last-modified
Mon, 05 Feb 2024 23:48:35 GMT
server
nginx/1.25.3
accept-ranges
bytes
etag
"65c173d3-6ffc"
content-length
28668
content-type
image/webp
truncated
/ 		6 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a65df679865cbe83d89e0edcd0f684ea66169fedee5b420cf1b6544e9fa13845

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type
image/png
news-logo02.ec6acd0201605b43bc54.png
equi5.subsidyaid.com/static/media/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://equi5.subsidyaid.com/static/media/news-logo02.ec6acd0201605b43bc54.png
Requested by
Host: equi5.subsidyaid.com
URL: https://equi5.subsidyaid.com/lander-1?vl_click_id=wt8f8ggatfr1351via9qvfdk&utm_source=PR2&utm_medium=push&utm_campaign=7898133&utm_adset=781237823&utm_ad=20248186&site_id=%7Bzone_type%7D&placement=6118780&externalclickid=779212285750292541
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.123.196.68 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.196.123.34.bc.googleusercontent.com
Software
nginx/1.25.3 /
Resource Hash
0e4b455181a5b285f26758971d8f0b47ee821307adfbf91b6c75602f50c94a0d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://equi5.subsidyaid.com/lander-1?vl_click_id=wt8f8ggatfr1351via9qvfdk&utm_source=PR2&utm_medium=push&utm_campaign=7898133&utm_adset=781237823&utm_ad=20248186&site_id=%7Bzone_type%7D&placement=6118780&externalclickid=779212285750292541
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 21:43:25 GMT
last-modified
Mon, 05 Feb 2024 23:48:35 GMT
server
nginx/1.25.3
accept-ranges
bytes
etag
"65c173d3-5c8e"
content-length
23694
content-type
image/png
truncated
/ 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
74e959bdf6b08b492e3b51a00f380ec6dc909967a3e3bdc62f90f9921c77d251

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		7 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fa9bb74cb885084014960f08e9bcd5fff5eaff8575dc00dd3e70d0a21a426a4a

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		8 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e7ac9ad730d43956d46938079899f41f83714aa8e8affc90186373773c528706

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type
image/png
news-logo06.0fc68c2f7481ac435f98.png
equi5.subsidyaid.com/static/media/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://equi5.subsidyaid.com/static/media/news-logo06.0fc68c2f7481ac435f98.png
Requested by
Host: equi5.subsidyaid.com
URL: https://equi5.subsidyaid.com/lander-1?vl_click_id=wt8f8ggatfr1351via9qvfdk&utm_source=PR2&utm_medium=push&utm_campaign=7898133&utm_adset=781237823&utm_ad=20248186&site_id=%7Bzone_type%7D&placement=6118780&externalclickid=779212285750292541
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.123.196.68 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.196.123.34.bc.googleusercontent.com
Software
nginx/1.25.3 /
Resource Hash
dbc384bd02b57754a0bfab2891767aa3fa65100af6f9e7947c09eef292606d0f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://equi5.subsidyaid.com/lander-1?vl_click_id=wt8f8ggatfr1351via9qvfdk&utm_source=PR2&utm_medium=push&utm_campaign=7898133&utm_adset=781237823&utm_ad=20248186&site_id=%7Bzone_type%7D&placement=6118780&externalclickid=779212285750292541
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 21:43:25 GMT
last-modified
Mon, 05 Feb 2024 23:48:35 GMT
server
nginx/1.25.3
accept-ranges
bytes
etag
"65c173d3-5909"
content-length
22793
content-type
image/png
002-basket.8e956a38db2baa6a51c4.webp
equi5.subsidyaid.com/static/media/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://equi5.subsidyaid.com/static/media/002-basket.8e956a38db2baa6a51c4.webp
Requested by
Host: equi5.subsidyaid.com
URL: https://equi5.subsidyaid.com/lander-1?vl_click_id=wt8f8ggatfr1351via9qvfdk&utm_source=PR2&utm_medium=push&utm_campaign=7898133&utm_adset=781237823&utm_ad=20248186&site_id=%7Bzone_type%7D&placement=6118780&externalclickid=779212285750292541
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.123.196.68 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.196.123.34.bc.googleusercontent.com
Software
nginx/1.25.3 /
Resource Hash
5b8e5d2f27e9fb10aae3edb56fc9134aed9ab59317b7a1fbc7f19bdaca05ffbc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://equi5.subsidyaid.com/lander-1?vl_click_id=wt8f8ggatfr1351via9qvfdk&utm_source=PR2&utm_medium=push&utm_campaign=7898133&utm_adset=781237823&utm_ad=20248186&site_id=%7Bzone_type%7D&placement=6118780&externalclickid=779212285750292541
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 21:43:25 GMT
last-modified
Mon, 05 Feb 2024 23:48:35 GMT
server
nginx/1.25.3
accept-ranges
bytes
etag
"65c173d3-1914"
content-length
6420
content-type
image/webp
003-rent.90b97597dfbe45996927.webp
equi5.subsidyaid.com/static/media/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://equi5.subsidyaid.com/static/media/003-rent.90b97597dfbe45996927.webp
Requested by
Host: equi5.subsidyaid.com
URL: https://equi5.subsidyaid.com/lander-1?vl_click_id=wt8f8ggatfr1351via9qvfdk&utm_source=PR2&utm_medium=push&utm_campaign=7898133&utm_adset=781237823&utm_ad=20248186&site_id=%7Bzone_type%7D&placement=6118780&externalclickid=779212285750292541
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.123.196.68 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.196.123.34.bc.googleusercontent.com
Software
nginx/1.25.3 /
Resource Hash
41c5942b665b0d689809e54ad42a829ad7d05b465da0ef6a6834a73f3b40e6b3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://equi5.subsidyaid.com/lander-1?vl_click_id=wt8f8ggatfr1351via9qvfdk&utm_source=PR2&utm_medium=push&utm_campaign=7898133&utm_adset=781237823&utm_ad=20248186&site_id=%7Bzone_type%7D&placement=6118780&externalclickid=779212285750292541
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 21:43:25 GMT
last-modified
Mon, 05 Feb 2024 23:48:35 GMT
server
nginx/1.25.3
accept-ranges
bytes
etag
"65c173d3-a12"
content-length
2578
content-type
image/webp
001-gas-pump.da372692325fa1463351.webp
equi5.subsidyaid.com/static/media/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://equi5.subsidyaid.com/static/media/001-gas-pump.da372692325fa1463351.webp
Requested by
Host: equi5.subsidyaid.com
URL: https://equi5.subsidyaid.com/lander-1?vl_click_id=wt8f8ggatfr1351via9qvfdk&utm_source=PR2&utm_medium=push&utm_campaign=7898133&utm_adset=781237823&utm_ad=20248186&site_id=%7Bzone_type%7D&placement=6118780&externalclickid=779212285750292541
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.123.196.68 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.196.123.34.bc.googleusercontent.com
Software
nginx/1.25.3 /
Resource Hash
07edc267cf6450c21b85b43d498632665b785593860e4ea9911219d890179863

Request headers

accept-language
en-US,en;q=0.9
Referer
https://equi5.subsidyaid.com/lander-1?vl_click_id=wt8f8ggatfr1351via9qvfdk&utm_source=PR2&utm_medium=push&utm_campaign=7898133&utm_adset=781237823&utm_ad=20248186&site_id=%7Bzone_type%7D&placement=6118780&externalclickid=779212285750292541
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 21:43:25 GMT
last-modified
Mon, 05 Feb 2024 23:48:35 GMT
server
nginx/1.25.3
accept-ranges
bytes
etag
"65c173d3-d8a"
content-length
3466
content-type
image/webp
004-online-shopping.014c367a742b5cbdcff8.webp
equi5.subsidyaid.com/static/media/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://equi5.subsidyaid.com/static/media/004-online-shopping.014c367a742b5cbdcff8.webp
Requested by
Host: equi5.subsidyaid.com
URL: https://equi5.subsidyaid.com/lander-1?vl_click_id=wt8f8ggatfr1351via9qvfdk&utm_source=PR2&utm_medium=push&utm_campaign=7898133&utm_adset=781237823&utm_ad=20248186&site_id=%7Bzone_type%7D&placement=6118780&externalclickid=779212285750292541
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.123.196.68 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.196.123.34.bc.googleusercontent.com
Software
nginx/1.25.3 /
Resource Hash
ddb682b2e3d2ac7f1e637ed27a3b98f4b88145dd09742da03c35ee597b1df525

Request headers

accept-language
en-US,en;q=0.9
Referer
https://equi5.subsidyaid.com/lander-1?vl_click_id=wt8f8ggatfr1351via9qvfdk&utm_source=PR2&utm_medium=push&utm_campaign=7898133&utm_adset=781237823&utm_ad=20248186&site_id=%7Bzone_type%7D&placement=6118780&externalclickid=779212285750292541
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 21:43:25 GMT
last-modified
Mon, 05 Feb 2024 23:48:35 GMT
server
nginx/1.25.3
accept-ranges
bytes
etag
"65c173d3-b72"
content-length
2930
content-type
image/webp
trustpilot-logo.228391ce98bdfb1e17b4.png
equi5.subsidyaid.com/static/media/ 		67 KB
68 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://equi5.subsidyaid.com/static/media/trustpilot-logo.228391ce98bdfb1e17b4.png
Requested by
Host: equi5.subsidyaid.com
URL: https://equi5.subsidyaid.com/lander-1?vl_click_id=wt8f8ggatfr1351via9qvfdk&utm_source=PR2&utm_medium=push&utm_campaign=7898133&utm_adset=781237823&utm_ad=20248186&site_id=%7Bzone_type%7D&placement=6118780&externalclickid=779212285750292541
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.123.196.68 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.196.123.34.bc.googleusercontent.com
Software
nginx/1.25.3 /
Resource Hash
ddf815a7a7b5ad1e87132638f5d141599075d6f61a5700e21dfd5e44209253ba

Request headers

accept-language
en-US,en;q=0.9
Referer
https://equi5.subsidyaid.com/lander-1?vl_click_id=wt8f8ggatfr1351via9qvfdk&utm_source=PR2&utm_medium=push&utm_campaign=7898133&utm_adset=781237823&utm_ad=20248186&site_id=%7Bzone_type%7D&placement=6118780&externalclickid=779212285750292541
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 21:43:25 GMT
last-modified
Mon, 05 Feb 2024 23:48:35 GMT
server
nginx/1.25.3
accept-ranges
bytes
etag
"65c173d3-10dd6"
content-length
69078
content-type
image/png
truncated
/ 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5e53d918f1e31a51d64f9780fa1c4d91fcac71db9c13fcb9194d633213158bc7

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ 		813 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ee82b191319cab951f67e31261e7c36a53bc0b49fe818f7523614140385b4c2e

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
02643c4790593efc994305a03557d68b339e66b3e1dbd390ff10726430dea506

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ 		5 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b3b59ed497b64917f794e3ee961cbf9dfc4ff6ca5033f9b28d8e76b0c0a2623d

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type
image/jpeg
fd8e30ed-f12f-443f-9584-498b6e0507d5
https://equi5.subsidyaid.com/ 		10 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://equi5.subsidyaid.com/fd8e30ed-f12f-443f-9584-498b6e0507d5
Requested by
Host: equi5.subsidyaid.com
URL: https://equi5.subsidyaid.com/lander-1?vl_click_id=wt8f8ggatfr1351via9qvfdk&utm_source=PR2&utm_medium=push&utm_campaign=7898133&utm_adset=781237823&utm_ad=20248186&site_id=%7Bzone_type%7D&placement=6118780&externalclickid=779212285750292541
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2ca3d44191e822500b330ae74a7b981fddc94188da2e683a1e1508fd188d2b1b

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Length
10285
Content-Type
ringba.com.js
js.callcdn.com/js_v3/min/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.callcdn.com/js_v3/min/ringba.com.js
Requested by
Host: equi5.subsidyaid.com
URL: https://equi5.subsidyaid.com/static/js/main.8472d217.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:23cb:4600:9:5bab:8100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
1b35261b95ec779b25d6a27b1b2c1c2d6f1c08f329ffd643478ad63d7ddcdea0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://equi5.subsidyaid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 12:10:50 GMT
content-encoding
gzip
via
1.1 db615220fdf1b471c82cd306c2f4717a.cloudfront.net (CloudFront)
last-modified
Wed, 10 Jan 2024 15:58:04 GMT
server
Microsoft-IIS/10.0
x-amz-cf-pop
JFK50-P1
age
34354
x-powered-by
ASP.NET
etag
W/"0ce63cbdd43da1:0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
mTw0unQjIdeyRlTvkiUYIkJ1n7pn1mU8qD8MMlVEXNyWUVRqfLpUNQ==
/
api.ipify.org/ 		20 B
419 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.ipify.org/?format=json
Requested by
Host: equi5.subsidyaid.com
URL: https://equi5.subsidyaid.com/static/js/main.8472d217.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3c140ecc92576581565efce17f4c8553446e817287449d44c3e0b6407247248

Request headers

Accept
application/json, text/plain, */*
Referer
https://equi5.subsidyaid.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 21:43:25 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TDDBiGTcjE1JEmjqQJWDNuTCV9UKnRzVmJsfYTdNbPCyrwpzUYZL2FD9vtX3pcFReKHhNNayGOhPV5Naapo91mHF3iDBZVPdbtbI9fDcdruxnVJoGayT72sCdMMdY9c%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
cf-ray
851ecef1bd554bc3-BUF
content-length
20
volumOfferScript.js
lander-main-microservice.netlify.app/ 		2 KB
993 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lander-main-microservice.netlify.app/volumOfferScript.js
Requested by
Host: equi5.subsidyaid.com
URL: https://equi5.subsidyaid.com/static/js/main.8472d217.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f18:16e:df01::64 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Netlify /
Resource Hash
789b421b522b89a400280aaaed0096fb4c36e54da676914528442495abe7d782
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://equi5.subsidyaid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nf-request-id
01HP2RD4RSDTY4C6VZHTTF6X16
date
Wed, 07 Feb 2024 21:43:25 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
server
Netlify
age
28986
cache-status
"Netlify Edge"; hit
etag
"93347be9e14a8b56ff0067ca578bcc32-ssl-df"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public,max-age=0,must-revalidate
accept-ranges
bytes
content-length
722
ip
funnel.improveourcredit.com/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://funnel.improveourcredit.com/ip?key=askdjaslkdjaskjdsla
Requested by
Host: equi5.subsidyaid.com
URL: https://equi5.subsidyaid.com/static/js/main.8472d217.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.154.135.87 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
87.135.154.104.bc.googleusercontent.com
Software
nginx/1.18.0 (Ubuntu) / Express
Resource Hash
d5869c10588a435232576e186fe157539a0fe145f98274cd08edd5ff4cb55bbe

Request headers

Accept
application/json, text/plain, */*
Referer
https://equi5.subsidyaid.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 21:43:25 GMT
server
nginx/1.18.0 (Ubuntu)
x-powered-by
Express
etag
W/"6bd-7PmdzM/Lrc/R3uwvxkS4c99M83w"
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
content-length
1725
1279112236350881
connect.facebook.net/signals/config/ 		53 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1279112236350881?v=2.9.145&r=stable&domain=equi5.subsidyaid.com&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f256c7613955dae449b7ba9d1f3be745949c30db8135da14b58a2ea2193f4652
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://equi5.subsidyaid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 07 Feb 2024 21:43:25 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
11162
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0"
pragma
public
x-fb-debug
89bhi36k+I+8ld0C7MMW5WrU5KfN5CGYkeqSmDlTxVQ8O7ldFgKnAFVpc5UjeBZ0XmLhN8r3rWIXSNGxdyklMg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0bf2f92c0732dc6b5addcbc92ef06037a013deea689814159b87b0bdf2c63e57

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type
image/png
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1279112236350881&ev=PageView&dl=https%3A%2F%2Fequi5.subsidyaid.com%2Flander-1%3Fvl_click_id%3Dwt8f8ggatfr1351via9qvfdk%26utm_source%3DPR2%26utm_medium%3Dpush%26utm_campaign%3D7898133%26utm_adset%3D781237823%26utm_ad%3D20248186%26site_id%3D%257Bzone_type%257D%26placement%3D_removed_%26externalclickid%3D779212285750292541%26_filteredParams%3D%257B%2522unwantedParams%2522%253A%255B%255D%252C%2522restrictedParams%2522%253A%255B%25221480fb125459cbca6cff13fbac5d846220d91cf906e466eb2842ef350878138b%2522%255D%257D&rl=&if=false&ts=1707342205716&cd[eventID]=EVENT_IDD1788FD4-95E9-403E-AB9D-D68FB9990ACF.2AC7BD12-177A-422E-9A28-12A16C162728&sw=1600&sh=1200&v=2.9.145&r=stable&ec=0&o=4126&fbp=fb.1.1707342205712.2024386511&ler=empty&cdl=API_unavailable&it=1707342205602&coo=false&up_url=&rp_url=1480fb125459cbca6cff13fbac5d846220d91cf906e466eb2842ef350878138b&exp=e1&rqm=GET
Requested by
Host: equi5.subsidyaid.com
URL: https://equi5.subsidyaid.com/lander-1?vl_click_id=wt8f8ggatfr1351via9qvfdk&utm_source=PR2&utm_medium=push&utm_campaign=7898133&utm_adset=781237823&utm_ad=20248186&site_id=%7Bzone_type%7D&placement=6118780&externalclickid=779212285750292541
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://equi5.subsidyaid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 07 Feb 2024 21:43:25 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
gnbulk
display.ringba.com/v2/nis/ 		400 B
791 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://display.ringba.com/v2/nis/gnbulk
Requested by
Host: equi5.subsidyaid.com
URL: https://equi5.subsidyaid.com/static/js/main.8472d217.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.211.0.99 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-211-0-99.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
05edc1a9f9eb0bb2886c2378252bac2293e5180feea794c9fc280508f2c90a48

Request headers

Referer
https://equi5.subsidyaid.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 07 Feb 2024 21:43:25 GMT
X-Runtime
0.0020
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Access-Control-Max-Age
300
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://equi5.subsidyaid.com
Cache-Control
no-cache
Connection
keep-alive
Content-Length
400
Expires
-1
.js
track.subsidyaid.com/d/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.subsidyaid.com/d/.js?oref=&ourl=https%3A%2F%2Fequi5.subsidyaid.com%2Flander-1%3Fvl_click_id%3Dwt8f8ggatfr1351via9qvfdk%26utm_source%3DPR2%26utm_medium%3Dpush%26utm_campaign%3D7898133%26utm_adset%3D781237823%26utm_ad%3D20248186%26site_id%3D%257Bzone_type%257D%26placement%3D6118780%26externalclickid%3D779212285750292541&opt=subsidyaid.com&vtm=1707342205740
Requested by
Host: lander-main-microservice.netlify.app
URL: https://lander-main-microservice.netlify.app/volumOfferScript.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.232.110.131 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-232-110-131.compute-1.amazonaws.com
Software
nginx /
Resource Hash
ac3416665f1a1a8599d6bf20dd47beedd144bfa994361b0bd1a5158dd1851dd8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://equi5.subsidyaid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Feb 2024 21:43:25 GMT
server
nginx
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
no-store, no-cache, pre-check=0, post-check=0
content-length
1315
expires
Thu, 01 Jan 1970 00:00:00 GMT
/
o4506236711272448.ingest.sentry.io/api/4506247999520768/envelope/ 		198 B
590 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://o4506236711272448.ingest.sentry.io/api/4506247999520768/envelope/?sentry_key=af570c650df8c0a8b2bf41eb906104b8&sentry_version=7&sentry_client=sentry.javascript.react%2F7.80.1
Requested by
Host: equi5.subsidyaid.com
URL: https://equi5.subsidyaid.com/static/js/main.8472d217.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
249.195.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
bac10d17440dcd6f6c6c4e0bd7eca2e1a7eec030ef3b1143d4be3791dcf91263
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://equi5.subsidyaid.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 07 Feb 2024 21:43:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
server
nginx
vary
origin,access-control-request-method,access-control-request-headers
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time
1
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
198
x-sentry-rate-limits
60:transaction;profile:organization:transaction_usage_exceeded
retry-after
60

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
e2ertt.com
URL
https://e2ertt.com/bucket

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| domain_settings function| fbq function| _fbq string| fbPixelId function| fbcFunc boolean| facebookPixelLoaded object| dataLayer object| _rgba_tags object| __SENTRY__ object| _rgba object| google_tag_manager object| google_tag_data object| ringba function| dtpCallback string| pnumber

26 Cookies

Domain/Path Name / Value
ak.peethach.com/ Name: OAID
Value: 557cef0113cc4e48b1d8ae1d0ef2ea0f
ak.peethach.com/ Name: oaidts
Value: 1707342203
my.rtmark.net/ Name: ID
Value: 557cef0113cc4e48b1d8ae1d0ef2ea0f
ak.deephicy.net/ Name: oaidts
Value: 1707342204
ak.deephicy.net/ Name: OAID
Value: 557cef0113cc4e48b1d8ae1d0ef2ea0f
ak.deephicy.net/ Name: syncedCookie
Value: true
.track.additionalbenefits.org/ Name: 742ca7d8-c5c4-499a-a412-67ea49912e87-v4
Value: 0adSiFFzfV-ue887jsvK5bc5UNQdIaXHF4lr0ZMaQqg
.track.additionalbenefits.org/ Name: cc-v4
Value: u7AxXCabE%2FZcriSm3A3LkPxZ1hLwH1CSar743iKqXkbhUVd5ZOzYNKV2b4MDm3UcN4XRNeOOKv6Jd5NVSBhL4Bf00KxKlVALrGQsEsydusPXjTvnLmGRQ4x6rFTZAQ8Nx9gHU6UaoMOuvPi45yoLog%3D%3D
equi5.subsidyaid.com/ Name: eventID
Value: EVENT_IDD1788FD4-95E9-403E-AB9D-D68FB9990ACF.2AC7BD12-177A-422E-9A28-12A16C162728
.equi5.subsidyaid.com/ Name: eventID
Value: EVENT_IDD1788FD4-95E9-403E-AB9D-D68FB9990ACF.2AC7BD12-177A-422E-9A28-12A16C162728
.equi5.subsidyaid.com/ Name: visitor_id
Value: VISITOR_ID91B017C9-29FA-4224-BB08-526BB7D3AE04.792CD3FE-101B-4D91-84AE-A0BDE92D3C7C
.subsidyaid.com/ Name: eventID
Value: EVENT_IDD1788FD4-95E9-403E-AB9D-D68FB9990ACF.2AC7BD12-177A-422E-9A28-12A16C162728
equi5.subsidyaid.com/ Name: gclid
Value: null
.subsidyaid.com/ Name: gclid
Value: null
equi5.subsidyaid.com/ Name: grbaid
Value: null
.subsidyaid.com/ Name: grbaid
Value: null
equi5.subsidyaid.com/ Name: wbraid
Value: null
.subsidyaid.com/ Name: wbraid
Value: null
equi5.subsidyaid.com/ Name: acc_id
Value: null
.subsidyaid.com/ Name: acc_id
Value: null
equi5.subsidyaid.com/ Name: placement
Value: 6118780
.subsidyaid.com/ Name: placement
Value: 6118780
equi5.subsidyaid.com/ Name: visitor_id
Value: [object%20Object]
.subsidyaid.com/ Name: visitor_id
Value: [object%20Object]
.subsidyaid.com/ Name: _fbp
Value: fb.1.1707342205712.2024386511
equi5.subsidyaid.com/ Name: vl-cid
Value: wt8f8ggatfr1351via9qvfdk

5 Console Messages

Source Level URL
Text
other warning URL: http://ak.peethach.com/partitial/6307334/?var=6960282&ab2r=0&prfrev=false&rhd=false
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://ak.deephicy.net/4/6118780/?var=6960282&btz=&bto=
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://ak.deephicy.net/4/6118780/?var=6960282&btz=&bto=
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://connect.facebook.net/signals/config/1279112236350881?v=2.9.145&r=stable&domain=equi5.subsidyaid.com&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100(Line 95)
Message:
Unrecognized feature: 'attribution-reporting'.
network error URL: https://o4506236711272448.ingest.sentry.io/api/4506247999520768/envelope/?sentry_key=af570c650df8c0a8b2bf41eb906104b8&sentry_version=7&sentry_client=sentry.javascript.react%2F7.80.1
Message:
Failed to load resource: the server responded with a status of 429 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ak.deephicy.net
ak.peethach.com
api.ipify.org
connect.facebook.net
datatechone.com
display.ringba.com
e2ertt.com
equi5.subsidyaid.com
fonts.googleapis.com
fonts.gstatic.com
funnel.improveourcredit.com
js.callcdn.com
lander-main-microservice.netlify.app
my.rtmark.net
o4506236711272448.ingest.sentry.io
track.additionalbenefits.org
track.subsidyaid.com
www.facebook.com
www.googletagmanager.com
e2ertt.com
104.154.135.87
139.45.195.8
139.45.197.233
172.67.74.152
184.87.173.49
23.55.243.136
2600:1f18:16e:df01::64
2600:9000:23cb:4600:9:5bab:8100:93a1
2607:f8b0:4006:809::200a
2607:f8b0:4006:81c::2003
2607:f8b0:4006:820::2008
2a03:2880:f012:8:face:b00c:0:1
2a03:2880:f112:83:face:b00c:0:25de
34.120.195.249
34.123.196.68
34.232.110.131
37.48.68.71
54.211.0.99
02643c4790593efc994305a03557d68b339e66b3e1dbd390ff10726430dea506
05edc1a9f9eb0bb2886c2378252bac2293e5180feea794c9fc280508f2c90a48
07edc267cf6450c21b85b43d498632665b785593860e4ea9911219d890179863
0bf2f92c0732dc6b5addcbc92ef06037a013deea689814159b87b0bdf2c63e57
0e4b455181a5b285f26758971d8f0b47ee821307adfbf91b6c75602f50c94a0d
1121f900845e1e1d10a24d0ebeca2cba7980de8b55118546879a2e1a54b638d9
176f2cb0f7d0d607cf3903b22162cec1387e1cfbf363d76b29a2870ee1146128
1b35261b95ec779b25d6a27b1b2c1c2d6f1c08f329ffd643478ad63d7ddcdea0
2ca3d44191e822500b330ae74a7b981fddc94188da2e683a1e1508fd188d2b1b
41c5942b665b0d689809e54ad42a829ad7d05b465da0ef6a6834a73f3b40e6b3
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5b8e5d2f27e9fb10aae3edb56fc9134aed9ab59317b7a1fbc7f19bdaca05ffbc
5e53d918f1e31a51d64f9780fa1c4d91fcac71db9c13fcb9194d633213158bc7
74e959bdf6b08b492e3b51a00f380ec6dc909967a3e3bdc62f90f9921c77d251
789b421b522b89a400280aaaed0096fb4c36e54da676914528442495abe7d782
7ee7f061f864c34e21a8a9c0a753ec7e61415a7032fc0b04cc784c0134956db0
83b78ab2ca543f34ac77a105efaff8fd77bbdba44939b8be442a1bcc85f14cb2
a65df679865cbe83d89e0edcd0f684ea66169fedee5b420cf1b6544e9fa13845
ac3416665f1a1a8599d6bf20dd47beedd144bfa994361b0bd1a5158dd1851dd8
ac5d8aa9c9940bd1499a54f264dfe0db791021cec6bd4fcc50946c23efbc0ded
b3b59ed497b64917f794e3ee961cbf9dfc4ff6ca5033f9b28d8e76b0c0a2623d
b416c2ebf4b4d4e71bd515a35a15f45da09c708728cfedb05dc3ed2902fc68dd
bac10d17440dcd6f6c6c4e0bd7eca2e1a7eec030ef3b1143d4be3791dcf91263
bca51ed2fe251488a1b150edf560d43880f1486740f34d24120ede486f99676b
d3856b4d11d76e6f4fa87973b4ec83dd6ef0e9cb6eeda65b884727f33512fc4b
d5869c10588a435232576e186fe157539a0fe145f98274cd08edd5ff4cb55bbe
dbc384bd02b57754a0bfab2891767aa3fa65100af6f9e7947c09eef292606d0f
ddb682b2e3d2ac7f1e637ed27a3b98f4b88145dd09742da03c35ee597b1df525
ddf815a7a7b5ad1e87132638f5d141599075d6f61a5700e21dfd5e44209253ba
e272b913517a877ad9ae77fa9217756aa071f8e76e34d8edb58fc20e28f8d9c1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7ac9ad730d43956d46938079899f41f83714aa8e8affc90186373773c528706
ee82b191319cab951f67e31261e7c36a53bc0b49fe818f7523614140385b4c2e
ef3e7e94fc36d961b807c8fa6c2bbbd5cf60a746a95c0d01f331d847156b198c
ef6ebebb5f3b1f249439235c20ce8b7b4da09b4865c7e02cc508b70bfaf54cf9
f256c7613955dae449b7ba9d1f3be745949c30db8135da14b58a2ea2193f4652
f3c140ecc92576581565efce17f4c8553446e817287449d44c3e0b6407247248
fa9bb74cb885084014960f08e9bcd5fff5eaff8575dc00dd3e70d0a21a426a4a
fbefb53e718f4e5f3c2d02656af3678f10b9388a82511855617830f58cd98f61