d1ue3yi0hkdsdl.cloudfront.net
2600:9000:2511:f600:13:1772:3a40:21  Public Scan

Submitted URL: http://sandeo.org/
Effective URL: https://d1ue3yi0hkdsdl.cloudfront.net/English/index.html?key=eyJ0aW1lc3RhbXAiOiIxNjY1NjIzNzE3IiwiaGFzaCI6ImM4MjM5ZWY3NDU3NDU5YmYxNDU2O...
Submission: On October 13 via manual from CA — Scanned from CA

Summary

This website contacted 14 IPs in 3 countries across 13 domains to perform 87 HTTP transactions. The main IP is 2600:9000:2511:f600:13:1772:3a40:21, located in and belongs to . The main domain is d1ue3yi0hkdsdl.cloudfront.net.
TLS certificate: Issued by Amazon on February 1st 2022. Valid for: a year.
This is the only time d1ue3yi0hkdsdl.cloudfront.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain | Subdomains | Transfer
28 cloudfront.net | d1ue3yi0hkdsdl.cloudfront.net | 575 KB
24 sandeo.org | sandeo.org | 5 MB
12 googleapis.com | maps.googleapis.com (Cisco Umbrella Rank: 656) | 323 KB
8 bunny.net | fonts.bunny.net (Cisco Umbrella Rank: 93606) | 112 KB
3 trackspecialdomain.com | trackspecialdomain.com (Cisco Umbrella Rank: 500091) Failed; 0.trackspecialdomain.com (Cisco Umbrella Rank: 954946) | 71 KB
3 gstatic.com | maps.gstatic.com; www.gstatic.com | 71 KB
3 bettershitecolumn.com | away.bettershitecolumn.com (Cisco Umbrella Rank: 293295) Failed | 1 KB
2 greengoplatform.com | track.greengoplatform.com; collect.greengoplatform.com | 2 KB
1 cloudflare.com | cdnjs.cloudflare.com | 14 KB
1 getpageurl.com | track.getpageurl.com | 719 B
1 themaccleanup.info | track.themaccleanup.info | 2 KB
1 google.com | www.google.com (Cisco Umbrella Rank: 19) | 2 KB
1 weatherplllatform.com | cdn.weatherplllatform.com (Cisco Umbrella Rank: 302008) | 2 KB
Total: 87 requests across 13 domains
Domain | Requested by
28 d1ue3yi0hkdsdl.cloudfront.net | d1ue3yi0hkdsdl.cloudfront.net
24 sandeo.org | sandeo.org
12 maps.googleapis.com | www.google.com; maps.googleapis.com
8 fonts.bunny.net | sandeo.org; fonts.bunny.net
3 away.bettershitecolumn.com | cdn.weatherplllatform.com
2 0.trackspecialdomain.com (1 redirects) | sandeo.org
2 maps.gstatic.com | www.google.com
1 www.gstatic.com | d1ue3yi0hkdsdl.cloudfront.net
1 cdnjs.cloudflare.com | d1ue3yi0hkdsdl.cloudfront.net
1 track.getpageurl.com |
1 track.themaccleanup.info | sandeo.org
1 trackspecialdomain.com | away.bettershitecolumn.com
1 www.google.com | sandeo.org
1 collect.greengoplatform.com | sandeo.org
1 cdn.weatherplllatform.com | sandeo.org
1 track.greengoplatform.com | sandeo.org
Total: 87 requests across 16 subdomains

This site contains no links.

Subject | Issuer | Validity | Valid
greengoplatform.com | R3 | 2022-08-06 - 2022-11-04 | 3 months
fonts.bunny.net | R3 | 2022-09-14 - 2022-12-13 | 3 months
cdn.weatherplllatform.com | R3 | 2022-09-14 - 2022-12-13 | 3 months
sandeo.org | R3 | 2022-09-05 - 2022-12-04 | 3 months
www.google.com | GTS CA 1C3 | 2022-09-12 - 2022-12-05 | 3 months
away.bettershitecolumn.com | R3 | 2022-08-31 - 2022-11-29 | 3 months
upload.video.google.com | GTS CA 1C3 | 2022-09-12 - 2022-12-05 | 3 months
*.gstatic.com | GTS CA 1C3 | 2022-09-12 - 2022-12-05 | 3 months
trackspecialsdomain.com | R3 | 2022-09-28 - 2022-12-27 | 3 months
track.themaccleanup.info | R3 | 2022-08-31 - 2022-11-29 | 3 months
track.getpageurl.com | R3 | 2022-09-05 - 2022-12-04 | 3 months
*.cloudfront.net | Amazon | 2022-02-01 - 2023-01-31 | a year
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-08-03 - 2023-08-02 | a year

This page contains 2 frames:

Primary Page: https://d1ue3yi0hkdsdl.cloudfront.net/English/index.html?key=eyJ0aW1lc3RhbXAiOiIxNjY1NjIzNzE3IiwiaGFzaCI6ImM4MjM5ZWY3NDU3NDU5YmYxNDU2ODczMjkyMDJjNTY0NDgxZWVjOTAifQ==&bemobdata=c=70bbac94-8fb3-46e5-a455-a05f447155f4..l=79f441ce-7780-4f45-85eb-c20e42808e3c..f=9b637e48-cfee-4d4f-8a1e-24cce0697a13..a=1..b=0..z=0.00901..e=02efcff4-4c6e-48ac-ae45-6b5680bec91b..c1=feed14986..c2=ddcf50c6..c3=0..c4=64771..c5=CA..c6=Windows..c7=Chrome..c8=0..r=https%3A%2F%2F0.trackspecialdomain.com%2F
Frame ID: 4F4708B8B3BC70A555198428664EEF40
Requests: 73 HTTP requests in this frame

Frame: https://www.google.com/maps/embed/v1/place?key=AIzaSyCcywKcxXeMZiMwLDcLgyEnNglcLOyB_qw&q=SANDEO&zoom=15
Frame ID: 60BF4FCC82660829788EB8323FF0C2DD
Requests: 16 HTTP requests in this frame


Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • //maps\.google(?:apis)?\.com/maps/api/js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

Requests: 87
HTTPS: 83 %
IPv6: 54 %
Domains: 13
Subdomains: 16
IPs: 14
Countries: 3
Transfer: 6465 kB
Size: 8333 kB
Cookies: 7

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://sandeo.org/ Page URL
  2. https://away.bettershitecolumn.com/hit.php?a=1311&b=334-1166-567334-46 HTTP 302
    https://away.bettershitecolumn.com/track.php?nid=54889&yid=9554-66-457679-29 HTTP 302
    https://away.bettershitecolumn.com/track.php?tid=54889&lid=9554-66-457679-29 Page URL
  3. https://trackspecialdomain.com/?p=ga2ggzrsmm5gi3bpg42dkmq&sub2=zingersd1 Page URL
  4. https://0.trackspecialdomain.com/?p=ga2ggzrsmm5gi3bpg42dkmq&sub2=zingersd1 Page URL
  5. https://0.trackspecialdomain.com/?auf=gbqwgzbtmu5diojygyxtonbvgixtemrpge3dmnjwgiztomjw&s=1&sub1=&sub2=zingersd1&sub3=&sub4=&cpc=0&cpm=0 HTTP 302
    https://track.themaccleanup.info/go/70bbac94-8fb3-46e5-a455-a05f447155f4?price=0.00901&clickid=02efcff4-4c6e-48ac-ae45-6b5680bec91b&feed=feed14986&hash=ddcf50c6&creative=0&campaign=64771&country=CA&platform=Windows&browser=Chrome&subday=0 Page URL
  6. https://track.getpageurl.com/?redirectUrl=https%3A%2F%2Fd1ue3yi0hkdsdl.cloudfront.net%2FEnglish%2Findex.html%3Fkey%3DeyJ0aW1lc3RhbXAiOiIxNjY1NjIzNzE3IiwiaGFzaCI6ImM4MjM5ZWY3NDU3NDU5YmYxNDU2ODczMjkyMDJjNTY0NDgxZWVjOTAifQ%253D%253D%26bemobdata%3Dc%253D70bbac94-8fb3-46e5-a455-a05f447155f4..l%253D79f441ce-7780-4f45-85eb-c20e42808e3c..f%253D9b637e48-cfee-4d4f-8a1e-24cce0697a13..a%253D1..b%253D0..z%253D0.00901..e%253D02efcff4-4c6e-48ac-ae45-6b5680bec91b..c1%253Dfeed14986..c2%253Dddcf50c6..c3%253D0..c4%253D64771..c5%253DCA..c6%253DWindows..c7%253DChrome..c8%253D0..r%253Dhttps%25253A%25252F%25252F0.trackspecialdomain.com%25252F Page URL
  7. https://d1ue3yi0hkdsdl.cloudfront.net/English/index.html?key=eyJ0aW1lc3RhbXAiOiIxNjY1NjIzNzE3IiwiaGFzaCI6ImM4MjM5ZWY3NDU3NDU5YmYxNDU2ODczMjkyMDJjNTY0NDgxZWVjOTAifQ==&bemobdata=c=70bbac94-8fb3-46e5-a455-a05f447155f4..l=79f441ce-7780-4f45-85eb-c20e42808e3c..f=9b637e48-cfee-4d4f-8a1e-24cce0697a13..a=1..b=0..z=0.00901..e=02efcff4-4c6e-48ac-ae45-6b5680bec91b..c1=feed14986..c2=ddcf50c6..c3=0..c4=64771..c5=CA..c6=Windows..c7=Chrome..c8=0..r=https%3A%2F%2F0.trackspecialdomain.com%2F Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 37
  • https://away.bettershitecolumn.com/hit.php?a=1311&b=334-1166-567334-46 HTTP 302
  • https://away.bettershitecolumn.com/track.php?nid=54889&yid=9554-66-457679-29 HTTP 302
  • https://away.bettershitecolumn.com/track.php?tid=54889&lid=9554-66-457679-29
Request Chain 57
  • https://0.trackspecialdomain.com/?auf=gbqwgzbtmu5diojygyxtonbvgixtemrpge3dmnjwgiztomjw&s=1&sub1=&sub2=zingersd1&sub3=&sub4=&cpc=0&cpm=0 HTTP 302
  • https://track.themaccleanup.info/go/70bbac94-8fb3-46e5-a455-a05f447155f4?price=0.00901&clickid=02efcff4-4c6e-48ac-ae45-6b5680bec91b&feed=feed14986&hash=ddcf50c6&creative=0&campaign=64771&country=CA&platform=Windows&browser=Chrome&subday=0

87 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
sandeo.org/
188 KB
40 KB
Document
General
Full URL
http://sandeo.org/
Protocol
HTTP/1.1
Server
162.222.227.139 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
Software
Apache /
Resource Hash
af3959079a8c31024b59c2194e96bbbdc545bc98c1cc92aa13f4c7a398441ff9

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Connection
Upgrade, Keep-Alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Thu, 13 Oct 2022 01:15:08 GMT
Keep-Alive
timeout=5, max=75
Server
Apache
Transfer-Encoding
chunked
Upgrade
h2,h2c
Vary
Accept-Encoding
smile.js
track.greengoplatform.com/
2 KB
802 B
Script
General
Full URL
https://track.greengoplatform.com/smile.js?v=1.1.1
Requested by
Host: sandeo.org
URL: http://sandeo.org/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
91.211.91.112 , Ukraine, ASN206638 (HOSTFORY, UA),
Reverse DNS
Software
nginx /
Resource Hash
f0af99595f5240b6c86b70a17902c4bf72bd4f356303dd8b732ade94ecb38d69

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://sandeo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Thu, 13 Oct 2022 01:15:12 GMT
Content-Encoding
gzip
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/plain; charset=utf-8
style.min.css
sandeo.org/wp-includes/css/dist/block-library/
87 KB
17 KB
Stylesheet
General
Full URL
http://sandeo.org/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2
Requested by
Host: sandeo.org
URL: http://sandeo.org/
Protocol
HTTP/1.1
Server
162.222.227.139 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
Software
Apache /
Resource Hash
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://sandeo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Thu, 13 Oct 2022 01:15:11 GMT
Content-Encoding
gzip
Last-Modified
Wed, 13 Jul 2022 00:42:29 GMT
Server
Apache
Vary
Accept-Encoding
Upgrade
h2,h2c
Content-Type
text/css
Connection
Upgrade, Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=75
Content-Length
16594
style.css
sandeo.org/wp-content/themes/popularfx/
29 KB
9 KB
Stylesheet
General
Full URL
http://sandeo.org/wp-content/themes/popularfx/style.css?ver=1.2.4
Requested by
Host: sandeo.org
URL: http://sandeo.org/
Protocol
HTTP/1.1
Server
162.222.227.139 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
Software
Apache /
Resource Hash
f994b680ca84a21764c18174c5069b47450191d733770cc43bf9f90ce4718c39

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://sandeo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Thu, 13 Oct 2022 01:15:11 GMT
Content-Encoding
gzip
Last-Modified
Sun, 14 Aug 2022 00:18:16 GMT
Server
Apache
Vary
Accept-Encoding
Upgrade
h2,h2c
Content-Type
text/css
Connection
Upgrade, Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=75
Content-Length
9292
sidebar.css
sandeo.org/wp-content/themes/popularfx/
9 KB
3 KB
Stylesheet
General
Full URL
http://sandeo.org/wp-content/themes/popularfx/sidebar.css?ver=1.2.4
Requested by
Host: sandeo.org
URL: http://sandeo.org/
Protocol
HTTP/1.1
Server
162.222.227.139 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
Software
Apache /
Resource Hash
68b3115a11b8b8d65df8de2c2d0bb86eb1ba963a6be66a93e5ff1460b49557aa

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://sandeo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Thu, 13 Oct 2022 01:15:11 GMT
Content-Encoding
gzip
Last-Modified
Sun, 14 Aug 2022 00:18:16 GMT
Server
Apache
Vary
Accept-Encoding
Upgrade
h2,h2c
Content-Type
text/css
Connection
Upgrade, Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=75
Content-Length
2841
css
fonts.bunny.net/
85 KB
3 KB
Stylesheet
General
Full URL
https://fonts.bunny.net/css?family=Montserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7COverpass%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CLato%3A100%2C100italic%2C300%2C300italic%2Cregular%2Citalic%2C700%2C700italic%2C900%2C900italic&subset=arabic%2Cbengali%2Ccyrillic%2Ccyrillic-ext%2Cdevanagari%2Cgreek%2Cgreek-ext%2Cgujarati%2Chebrew%2Ckhmer%2Ckorean%2Clatin-ext%2Ctamil%2Ctelugu%2Cthai%2Cvietnamese&display=swap&ver=2.4.11
Requested by
Host: sandeo.org
URL: http://sandeo.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.40.58 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-138-199-40-58.datapacket.com
Software
BunnyCDN-NY-885 /
Resource Hash
a289c43deb15f25b3a7a0e30ea087f3ed171c1f39b8da8762bd9c21f268a2baf

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://sandeo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 01:15:11 GMT
content-encoding
br
cdn-edgestorageid
885
x-do-app-origin
1fb91846-e6b7-11ec-b1dc-0c42a19a82a7
x-do-orig-status
200
cdn-cachedat
10/12/2022 13:12:47
cdn-pullzone
781720
last-modified
Wed, 12 Oct 2022 13:12:47 GMT
server
BunnyCDN-NY-885
cdn-proxyver
1.02
cdn-requestpullcode
200
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
3a60ca70-b89d-4cd5-a4b5-34a3468d7e0f
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=2592000
cdn-requestid
358547523888d846133c02fe3b47dc33
cdn-requestcountrycode
CA
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
group-1.css
sandeo.org/wp-content/plugins/brizy/public/editor-build/247-wp/editor/css/
37 KB
9 KB
Stylesheet
General
Full URL
http://sandeo.org/wp-content/plugins/brizy/public/editor-build/247-wp/editor/css/group-1.css?ver=2.4.11
Requested by
Host: sandeo.org
URL: http://sandeo.org/
Protocol
HTTP/1.1
Server
162.222.227.139 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
Software
Apache /
Resource Hash
b06b196c4d20360be56b475a0ba357cc3dd8c451ec98edb2a242514c8b6c515c

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://sandeo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Thu, 13 Oct 2022 01:15:11 GMT
Content-Encoding
gzip
Last-Modified
Wed, 12 Oct 2022 12:49:14 GMT
Server
Apache
Vary
Accept-Encoding
Upgrade
h2,h2c
Content-Type
text/css
Connection
Upgrade, Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=75
Content-Length
8691
preview.css
sandeo.org/wp-content/plugins/brizy/public/editor-build/247-wp/editor/css/
269 KB
51 KB
Stylesheet
General
Full URL
http://sandeo.org/wp-content/plugins/brizy/public/editor-build/247-wp/editor/css/preview.css?ver=2.4.11
Requested by
Host: sandeo.org
URL: http://sandeo.org/
Protocol
HTTP/1.1
Server
162.222.227.139 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
Software
Apache /
Resource Hash
26aa33719460f8723c8faea0a26b2a2c6939a309b97a12616cd14ccfefe5dcc0

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://sandeo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Thu, 13 Oct 2022 01:15:11 GMT
Content-Encoding
gzip
Last-Modified
Wed, 12 Oct 2022 12:49:14 GMT
Server
Apache
Vary
Accept-Encoding
Transfer-Encoding
chunked
Upgrade
h2,h2c
Content-Type
text/css
Connection
Upgrade, Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=75
jquery.min.js
sandeo.org/wp-includes/js/jquery/
92 KB
40 KB
Script
General
Full URL
http://sandeo.org/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by
Host: sandeo.org
URL: http://sandeo.org/
Protocol
HTTP/1.1
Server
162.222.227.139 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
Software
Apache /
Resource Hash
5f97a8b3d08909b32eb6615e4148b6c522b40f75ce829ae86f6604b81f691e61

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://sandeo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Thu, 13 Oct 2022 01:15:11 GMT
Content-Encoding
gzip
Last-Modified
Tue, 21 Jun 2022 15:58:42 GMT
Server
Apache
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=74
jquery-migrate.min.js
sandeo.org/wp-includes/js/jquery/
15 KB
6 KB
Script
General
Full URL
http://sandeo.org/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: sandeo.org
URL: http://sandeo.org/
Protocol
HTTP/1.1
Server
162.222.227.139 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
Software
Apache /
Resource Hash
4bc31d0cc5c98975e21c66b5e75249857fae081d12a1d4085083a10e214f51b8

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://sandeo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Thu, 13 Oct 2022 01:15:11 GMT
Content-Encoding
gzip
Last-Modified
Tue, 21 Jun 2022 15:58:42 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=74
Content-Length
6247
navigation.js
sandeo.org/wp-content/themes/popularfx/js/
4 KB
2 KB
Script
General
Full URL
http://sandeo.org/wp-content/themes/popularfx/js/navigation.js?ver=1.2.4
Requested by
Host: sandeo.org
URL: http://sandeo.org/
Protocol
HTTP/1.1
Server
162.222.227.139 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
Software
Apache /
Resource Hash
2018b22912cd7897fef48bb1e0fbea67125f5a5f15a2c23714ad18431ddb6513

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://sandeo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Thu, 13 Oct 2022 01:15:11 GMT
Content-Encoding
gzip
Last-Modified
Sun, 14 Aug 2022 00:18:16 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=74
Content-Length
1805
group-1.js
sandeo.org/wp-content/plugins/brizy/public/editor-build/247-wp/editor/js/
136 KB
50 KB
Script
General
Full URL
http://sandeo.org/wp-content/plugins/brizy/public/editor-build/247-wp/editor/js/group-1.js?ver=2.4.11
Requested by
Host: sandeo.org
URL: http://sandeo.org/
Protocol
HTTP/1.1
Server
162.222.227.139 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
Software
Apache /
Resource Hash
ee36309f7838cc79a85567f3a9f7c97fd5b2326b70d118000a2b3811cadaa435

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://sandeo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Thu, 13 Oct 2022 01:15:11 GMT
Content-Encoding
gzip
Last-Modified
Wed, 12 Oct 2022 12:49:14 GMT
Server
Apache
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=74
preview.js
sandeo.org/wp-content/plugins/brizy/public/editor-build/247-wp/editor/js/
186 KB
70 KB
Script
General
Full URL
http://sandeo.org/wp-content/plugins/brizy/public/editor-build/247-wp/editor/js/preview.js?ver=2.4.11
Requested by
Host: sandeo.org
URL: http://sandeo.org/
Protocol
HTTP/1.1
Server
162.222.227.139 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
Software
Apache /
Resource Hash
937cca6a0a751e4c7cfb0eb89d269287c8bcd4bb17e5fd170e30b1777f41043d

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://sandeo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Thu, 13 Oct 2022 01:15:11 GMT
Content-Encoding
gzip
Last-Modified
Wed, 12 Oct 2022 12:49:14 GMT
Server
Apache
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=73
result.js
cdn.weatherplllatform.com/
6 KB
2 KB
Script
General
Full URL
https://cdn.weatherplllatform.com/result.js?v=000
Requested by
Host: sandeo.org
URL: http://sandeo.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.211.91.114 , Ukraine, ASN206638 (HOSTFORY, UA),
Reverse DNS
Software
nginx /
Resource Hash
4b1238a1b9202c3d215ed7b3f05a6cf12fb71d520d2066f25bbda095603dc9dd
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://sandeo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 01:15:13 GMT
strict-transport-security
max-age=15768000;
content-encoding
gzip
last-modified
Mon, 26 Sep 2022 14:46:59 GMT
server
nginx
etag
W/"6331bb63-182c"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
wp-emoji-release.min.js
sandeo.org/wp-includes/js/
23 KB
7 KB
Script
General
Full URL
http://sandeo.org/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2
Requested by
Host: sandeo.org
URL: http://sandeo.org/
Protocol
HTTP/1.1
Server
162.222.227.139 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
Software
Apache /
Resource Hash
5afb096d2039e3330a5f0735fcfe077560b8c6c6f1e043c63736fdac5dcac9f7

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://sandeo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Thu, 13 Oct 2022 01:15:12 GMT
Content-Encoding
gzip
Last-Modified
Wed, 20 Jul 2022 18:58:03 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=72
Content-Length
6904
flag.js
collect.greengoplatform.com/
2 KB
802 B
Script
General
Full URL
https://collect.greengoplatform.com/flag.js?v=7.1.3
Requested by
Host: sandeo.org
URL: http://sandeo.org/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
91.211.91.112 , Ukraine, ASN206638 (HOSTFORY, UA),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://sandeo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Thu, 13 Oct 2022 01:15:14 GMT
Content-Encoding
gzip
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/plain; charset=utf-8
Big-Logo-2-1024x721.png
sandeo.org/wp-content/uploads/2022/01/
73 KB
73 KB
Image
General
Full URL
https://sandeo.org/wp-content/uploads/2022/01/Big-Logo-2-1024x721.png
Requested by
Host: sandeo.org
URL: http://sandeo.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.222.227.139 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
Software
Apache /
Resource Hash
612f08bb65b058e3ca7ef1ee54d6800ad88f2e89ab85196198d7a7262b413e1b

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://sandeo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 01:15:12 GMT
last-modified
Thu, 13 Jan 2022 17:23:45 GMT
server
Apache
accept-ranges
bytes
content-length
74275
content-type
image/png
place
www.google.com/maps/embed/v1/ Frame 60BF
4 KB
2 KB
Document
General
Full URL
https://www.google.com/maps/embed/v1/place?key=AIzaSyCcywKcxXeMZiMwLDcLgyEnNglcLOyB_qw&q=SANDEO&zoom=15
Requested by
Host: sandeo.org
URL: http://sandeo.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:807::2004 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
Security Headers
Name Value
Content-Security-Policy object-src 'none';base-uri 'self';script-src 'nonce-Ph0yoBhE9UOrrcrcQEFqCg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://sandeo.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-encoding
gzip
content-length
1390
content-security-policy
object-src 'none';base-uri 'self';script-src 'nonce-Ph0yoBhE9UOrrcrcQEFqCg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
content-type
text/html; charset=UTF-8
date
Thu, 13 Oct 2022 01:15:13 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
scaffolding on HTTPServer2
vary
Accept-Language Origin X-Origin Referer
x-content-type-options
nosniff
x-xss-protection
0
IMG-20201004-WA0067.jpg
sandeo.org/wp-content/uploads/2022/01/
100 KB
100 KB
Image
General
Full URL
https://sandeo.org/wp-content/uploads/2022/01/IMG-20201004-WA0067.jpg
Requested by
Host: sandeo.org
URL: http://sandeo.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.222.227.139 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://sandeo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 01:15:12 GMT
last-modified
Fri, 14 Jan 2022 09:58:55 GMT
server
Apache
accept-ranges
bytes
content-length
102233
content-type
image/jpeg
84a8d056be6cae487f1bd0cec4e5063e.jpg
sandeo.org/wp-content/uploads/2022/01/
4 MB
4 MB
Image
General
Full URL
https://sandeo.org/wp-content/uploads/2022/01/84a8d056be6cae487f1bd0cec4e5063e.jpg
Requested by
Host: sandeo.org
URL: http://sandeo.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.222.227.139 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://sandeo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 01:15:12 GMT
last-modified
Thu, 13 Jan 2022 16:44:01 GMT
server
Apache
accept-ranges
bytes
content-length
3847961
content-type
image/jpeg
IMG-20220226-WA0014.jpg
sandeo.org/wp-content/uploads/2022/04/
94 KB
94 KB
Image
General
Full URL
https://sandeo.org/wp-content/uploads/2022/04/IMG-20220226-WA0014.jpg
Requested by
Host: sandeo.org
URL: http://sandeo.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.222.227.139 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://sandeo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 01:15:12 GMT
last-modified
Fri, 29 Apr 2022 16:43:46 GMT
server
Apache
accept-ranges
bytes
content-length
96080
content-type
image/jpeg
IMG-20201128-WA0020.jpg
sandeo.org/wp-content/uploads/2022/01/
163 KB
163 KB
Image
General
Full URL
https://sandeo.org/wp-content/uploads/2022/01/IMG-20201128-WA0020.jpg
Requested by
Host: sandeo.org
URL: http://sandeo.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.222.227.139 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://sandeo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 01:15:12 GMT
last-modified
Fri, 14 Jan 2022 09:35:17 GMT
server
Apache
accept-ranges
bytes
content-length
166810
content-type
image/jpeg
IMG-20201128-WA0022.jpg
sandeo.org/wp-content/uploads/2022/01/
134 KB
134 KB
Image
General
Full URL
https://sandeo.org/wp-content/uploads/2022/01/IMG-20201128-WA0022.jpg
Requested by
Host: sandeo.org
URL: http://sandeo.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.222.227.139 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://sandeo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 01:15:12 GMT
last-modified
Fri, 14 Jan 2022 09:36:18 GMT
server
Apache
accept-ranges
bytes
content-length
136727
content-type
image/jpeg
IMG-20201116-WA0033.jpg
sandeo.org/wp-content/uploads/2022/01/
107 KB
107 KB
Image
General
Full URL
https://sandeo.org/wp-content/uploads/2022/01/IMG-20201116-WA0033.jpg
Requested by
Host: sandeo.org
URL: http://sandeo.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.222.227.139 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://sandeo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 01:15:13 GMT
last-modified
Fri, 14 Jan 2022 09:37:31 GMT
server
Apache
accept-ranges
bytes
content-length
109260
content-type
image/jpeg
IMG-20201002-WA0088.jpg
sandeo.org/wp-content/uploads/2022/01/
132 KB
132 KB
Image
General
Full URL
https://sandeo.org/wp-content/uploads/2022/01/IMG-20201002-WA0088.jpg
Requested by
Host: sandeo.org
URL: http://sandeo.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.222.227.139 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://sandeo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 01:15:13 GMT
last-modified
Fri, 14 Jan 2022 09:38:23 GMT
server
Apache
accept-ranges
bytes
content-length
135332
content-type
image/jpeg
IMG-20201128-WA0021.jpg
sandeo.org/wp-content/uploads/2022/01/
136 KB
137 KB
Image
General
Full URL
https://sandeo.org/wp-content/uploads/2022/01/IMG-20201128-WA0021.jpg
Requested by
Host: sandeo.org
URL: http://sandeo.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.222.227.139 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://sandeo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 01:15:13 GMT
last-modified
Fri, 14 Jan 2022 09:39:18 GMT
server
Apache
accept-ranges
bytes
content-length
139765
content-type
image/jpeg
IMG-20220307-WA0009.jpg
sandeo.org/wp-content/uploads/2022/04/
83 KB
83 KB
Image
General
Full URL
https://sandeo.org/wp-content/uploads/2022/04/IMG-20220307-WA0009.jpg
Requested by
Host: sandeo.org
URL: http://sandeo.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.222.227.139 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://sandeo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 01:15:13 GMT
last-modified
Fri, 29 Apr 2022 16:46:16 GMT
server
Apache
accept-ranges
bytes
content-length
85296
content-type
image/jpeg
lato-latin-400-normal.woff2
fonts.bunny.net/lato/files/
23 KB
24 KB
Font
General
Full URL
https://fonts.bunny.net/lato/files/lato-latin-400-normal.woff2
Requested by
Host: fonts.bunny.net
URL: https://fonts.bunny.net/css?family=Montserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7COverpass%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CLato%3A100%2C100italic%2C300%2C300italic%2Cregular%2Citalic%2C700%2C700italic%2C900%2C900italic&subset=arabic%2Cbengali%2Ccyrillic%2Ccyrillic-ext%2Cdevanagari%2Cgreek%2Cgreek-ext%2Cgujarati%2Chebrew%2Ckhmer%2Ckorean%2Clatin-ext%2Ctamil%2Ctelugu%2Cthai%2Cvietnamese&display=swap&ver=2.4.11
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.40.58 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-138-199-40-58.datapacket.com
Software
BunnyCDN-NY-885 /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Request headers

Referer
https://fonts.bunny.net/css?family=Montserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7COverpass%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CLato%3A100%2C100italic%2C300%2C300italic%2Cregular%2Citalic%2C700%2C700italic%2C900%2C900italic&subset=arabic%2Cbengali%2Ccyrillic%2Ccyrillic-ext%2Cdevanagari%2Cgreek%2Cgreek-ext%2Cgujarati%2Chebrew%2Ckhmer%2Ckorean%2Clatin-ext%2Ctamil%2Ctelugu%2Cthai%2Cvietnamese&display=swap&ver=2.4.11
Origin
http://sandeo.org
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 01:15:12 GMT
cdn-edgestorageid
885
cdn-storageserver
NY-266
cdn-cachedat
09/26/2022 14:29:26
cdn-pullzone
781720
content-length
23580
last-modified
Fri, 10 Jun 2022 22:58:50 GMT
server
BunnyCDN-NY-885
cdn-fileserver
354
cdn-requestpullcode
200
cdn-proxyver
1.02
etag
"62a3ccaa-5c1c"
content-type
font/woff2
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
3a60ca70-b89d-4cd5-a4b5-34a3468d7e0f
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=2592000
cdn-requestid
3f599b247e595bf39a05ec9c8e8c92b8
accept-ranges
bytes
cdn-requestcountrycode
CA
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
IMG-20201128-WA0019.jpg
sandeo.org/wp-content/uploads/2022/01/
172 KB
172 KB
Image
General
Full URL
https://sandeo.org/wp-content/uploads/2022/01/IMG-20201128-WA0019.jpg
Requested by
Host: sandeo.org
URL: http://sandeo.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.222.227.139 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://sandeo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 01:15:13 GMT
last-modified
Fri, 14 Jan 2022 10:02:11 GMT
server
Apache
accept-ranges
bytes
content-length
176080
content-type
image/jpeg
overpass-latin-400-normal.woff2
fonts.bunny.net/overpass/files/
15 KB
16 KB
Font
General
Full URL
https://fonts.bunny.net/overpass/files/overpass-latin-400-normal.woff2
Requested by
Host: fonts.bunny.net
URL: https://fonts.bunny.net/css?family=Montserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7COverpass%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CLato%3A100%2C100italic%2C300%2C300italic%2Cregular%2Citalic%2C700%2C700italic%2C900%2C900italic&subset=arabic%2Cbengali%2Ccyrillic%2Ccyrillic-ext%2Cdevanagari%2Cgreek%2Cgreek-ext%2Cgujarati%2Chebrew%2Ckhmer%2Ckorean%2Clatin-ext%2Ctamil%2Ctelugu%2Cthai%2Cvietnamese&display=swap&ver=2.4.11
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.40.58 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-138-199-40-58.datapacket.com
Software
BunnyCDN-NY-885 /
Resource Hash
b6f01e18196420adbd5f5f9b31461fd037f1ea92e7fa542316cf3c4cf8bddcaf

Request headers

Referer
https://fonts.bunny.net/css?family=Montserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7COverpass%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CLato%3A100%2C100italic%2C300%2C300italic%2Cregular%2Citalic%2C700%2C700italic%2C900%2C900italic&subset=arabic%2Cbengali%2Ccyrillic%2Ccyrillic-ext%2Cdevanagari%2Cgreek%2Cgreek-ext%2Cgujarati%2Chebrew%2Ckhmer%2Ckorean%2Clatin-ext%2Ctamil%2Ctelugu%2Cthai%2Cvietnamese&display=swap&ver=2.4.11
Origin
http://sandeo.org
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 01:15:12 GMT
cdn-edgestorageid
885
cdn-storageserver
NY-266
cdn-cachedat
09/27/2022 02:16:28
cdn-pullzone
781720
content-length
15792
last-modified
Sat, 11 Jun 2022 00:01:11 GMT
server
BunnyCDN-NY-885
cdn-fileserver
354
cdn-requestpullcode
200
cdn-proxyver
1.02
etag
"62a3db47-3db0"
content-type
font/woff2
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
3a60ca70-b89d-4cd5-a4b5-34a3468d7e0f
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=2592000
cdn-requestid
822555b223e0baaf6dbd67bb6f2c97f5
accept-ranges
bytes
cdn-requestcountrycode
CA
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
overpass-latin-700-normal.woff2
fonts.bunny.net/overpass/files/
16 KB
17 KB
Font
General
Full URL
https://fonts.bunny.net/overpass/files/overpass-latin-700-normal.woff2
Requested by
Host: fonts.bunny.net
URL: https://fonts.bunny.net/css?family=Montserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7COverpass%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CLato%3A100%2C100italic%2C300%2C300italic%2Cregular%2Citalic%2C700%2C700italic%2C900%2C900italic&subset=arabic%2Cbengali%2Ccyrillic%2Ccyrillic-ext%2Cdevanagari%2Cgreek%2Cgreek-ext%2Cgujarati%2Chebrew%2Ckhmer%2Ckorean%2Clatin-ext%2Ctamil%2Ctelugu%2Cthai%2Cvietnamese&display=swap&ver=2.4.11
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.40.58 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-138-199-40-58.datapacket.com
Software
BunnyCDN-NY-885 /
Resource Hash
5c91507ba9508c8bbe28c7f1c80b5133c51c5a12016a0cb22be98520de7fb1ae

Request headers

Referer
https://fonts.bunny.net/css?family=Montserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7COverpass%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CLato%3A100%2C100italic%2C300%2C300italic%2Cregular%2Citalic%2C700%2C700italic%2C900%2C900italic&subset=arabic%2Cbengali%2Ccyrillic%2Ccyrillic-ext%2Cdevanagari%2Cgreek%2Cgreek-ext%2Cgujarati%2Chebrew%2Ckhmer%2Ckorean%2Clatin-ext%2Ctamil%2Ctelugu%2Cthai%2Cvietnamese&display=swap&ver=2.4.11
Origin
http://sandeo.org
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 01:15:12 GMT
cdn-edgestorageid
885
cdn-storageserver
NY-266
cdn-cachedat
09/28/2022 08:11:35
cdn-pullzone
781720
content-length
16296
last-modified
Sat, 11 Jun 2022 00:01:12 GMT
server
BunnyCDN-NY-885
cdn-fileserver
341
cdn-requestpullcode
200
cdn-proxyver
1.02
etag
"62a3db48-3fa8"
content-type
font/woff2
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
3a60ca70-b89d-4cd5-a4b5-34a3468d7e0f
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=2592000
cdn-requestid
85f90fed5ec91671f97a10a240767937
accept-ranges
bytes
cdn-requestcountrycode
CA
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
montserrat-latin-700-normal.woff2
fonts.bunny.net/montserrat/files/
13 KB
13 KB
Font
General
Full URL
https://fonts.bunny.net/montserrat/files/montserrat-latin-700-normal.woff2
Requested by
Host: fonts.bunny.net
URL: https://fonts.bunny.net/css?family=Montserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7COverpass%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CLato%3A100%2C100italic%2C300%2C300italic%2Cregular%2Citalic%2C700%2C700italic%2C900%2C900italic&subset=arabic%2Cbengali%2Ccyrillic%2Ccyrillic-ext%2Cdevanagari%2Cgreek%2Cgreek-ext%2Cgujarati%2Chebrew%2Ckhmer%2Ckorean%2Clatin-ext%2Ctamil%2Ctelugu%2Cthai%2Cvietnamese&display=swap&ver=2.4.11
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.40.58 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-138-199-40-58.datapacket.com
Software
BunnyCDN-NY-885 /
Resource Hash
1efb6b34aee777f657af03fc18ab7ec444bcb7025b175edbd489c3c984035f34

Request headers

Referer
https://fonts.bunny.net/css?family=Montserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7COverpass%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CLato%3A100%2C100italic%2C300%2C300italic%2Cregular%2Citalic%2C700%2C700italic%2C900%2C900italic&subset=arabic%2Cbengali%2Ccyrillic%2Ccyrillic-ext%2Cdevanagari%2Cgreek%2Cgreek-ext%2Cgujarati%2Chebrew%2Ckhmer%2Ckorean%2Clatin-ext%2Ctamil%2Ctelugu%2Cthai%2Cvietnamese&display=swap&ver=2.4.11
Origin
http://sandeo.org
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 01:15:12 GMT
cdn-edgestorageid
885
cdn-storageserver
NY-267
cdn-cachedat
09/27/2022 01:51:41
cdn-pullzone
781720
content-length
12804
last-modified
Fri, 10 Jun 2022 23:12:03 GMT
server
BunnyCDN-NY-885
cdn-fileserver
341
cdn-requestpullcode
200
cdn-proxyver
1.02
etag
"62a3cfc3-3204"
content-type
font/woff2
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
3a60ca70-b89d-4cd5-a4b5-34a3468d7e0f
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=2592000
cdn-requestid
e85c138a42dfb3ebdd83241490456190
accept-ranges
bytes
cdn-requestcountrycode
CA
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
montserrat-latin-400-normal.woff2
fonts.bunny.net/montserrat/files/
12 KB
13 KB
Font
General
Full URL
https://fonts.bunny.net/montserrat/files/montserrat-latin-400-normal.woff2
Requested by
Host: fonts.bunny.net
URL: https://fonts.bunny.net/css?family=Montserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7COverpass%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CLato%3A100%2C100italic%2C300%2C300italic%2Cregular%2Citalic%2C700%2C700italic%2C900%2C900italic&subset=arabic%2Cbengali%2Ccyrillic%2Ccyrillic-ext%2Cdevanagari%2Cgreek%2Cgreek-ext%2Cgujarati%2Chebrew%2Ckhmer%2Ckorean%2Clatin-ext%2Ctamil%2Ctelugu%2Cthai%2Cvietnamese&display=swap&ver=2.4.11
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.40.58 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-138-199-40-58.datapacket.com
Software
BunnyCDN-NY-885 /
Resource Hash
59d09721ef5d6a8a6aa8cf8100a1eaa2ef1644bd196fc1a788ad31e16a505734

Request headers

Referer
https://fonts.bunny.net/css?family=Montserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7COverpass%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CLato%3A100%2C100italic%2C300%2C300italic%2Cregular%2Citalic%2C700%2C700italic%2C900%2C900italic&subset=arabic%2Cbengali%2Ccyrillic%2Ccyrillic-ext%2Cdevanagari%2Cgreek%2Cgreek-ext%2Cgujarati%2Chebrew%2Ckhmer%2Ckorean%2Clatin-ext%2Ctamil%2Ctelugu%2Cthai%2Cvietnamese&display=swap&ver=2.4.11
Origin
http://sandeo.org
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 01:15:12 GMT
cdn-edgestorageid
885
cdn-storageserver
NY-353
cdn-cachedat
09/27/2022 01:50:48
cdn-pullzone
781720
content-length
12708
last-modified
Fri, 10 Jun 2022 23:12:02 GMT
server
BunnyCDN-NY-885
cdn-fileserver
354
cdn-requestpullcode
200
cdn-proxyver
1.02
etag
"62a3cfc2-31a4"
content-type
font/woff2
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
3a60ca70-b89d-4cd5-a4b5-34a3468d7e0f
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=2592000
cdn-requestid
fc3474b142e453cd506d3fa4818b550b
accept-ranges
bytes
cdn-requestcountrycode
CA
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
montserrat-latin-500-normal.woff2
fonts.bunny.net/montserrat/files/
12 KB
13 KB
Font
General
Full URL
https://fonts.bunny.net/montserrat/files/montserrat-latin-500-normal.woff2
Requested by
Host: fonts.bunny.net
URL: https://fonts.bunny.net/css?family=Montserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7COverpass%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CLato%3A100%2C100italic%2C300%2C300italic%2Cregular%2Citalic%2C700%2C700italic%2C900%2C900italic&subset=arabic%2Cbengali%2Ccyrillic%2Ccyrillic-ext%2Cdevanagari%2Cgreek%2Cgreek-ext%2Cgujarati%2Chebrew%2Ckhmer%2Ckorean%2Clatin-ext%2Ctamil%2Ctelugu%2Cthai%2Cvietnamese&display=swap&ver=2.4.11
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.40.58 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-138-199-40-58.datapacket.com
Software
BunnyCDN-NY-885 /
Resource Hash
d1fc21927293f00261a8795efadbdfa16d14521479402d72328c00482a6ba6b9

Request headers

Referer
https://fonts.bunny.net/css?family=Montserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7COverpass%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CLato%3A100%2C100italic%2C300%2C300italic%2Cregular%2Citalic%2C700%2C700italic%2C900%2C900italic&subset=arabic%2Cbengali%2Ccyrillic%2Ccyrillic-ext%2Cdevanagari%2Cgreek%2Cgreek-ext%2Cgujarati%2Chebrew%2Ckhmer%2Ckorean%2Clatin-ext%2Ctamil%2Ctelugu%2Cthai%2Cvietnamese&display=swap&ver=2.4.11
Origin
http://sandeo.org
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 01:15:12 GMT
cdn-edgestorageid
885
cdn-storageserver
NY-346
cdn-cachedat
09/27/2022 01:50:28
cdn-pullzone
781720
content-length
12748
last-modified
Fri, 10 Jun 2022 23:12:03 GMT
server
BunnyCDN-NY-885
cdn-fileserver
354
cdn-requestpullcode
200
cdn-proxyver
1.02
etag
"62a3cfc3-31cc"
content-type
font/woff2
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
3a60ca70-b89d-4cd5-a4b5-34a3468d7e0f
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=2592000
cdn-requestid
6a46b89214ba11fb3350f57e0e14ce1d
accept-ranges
bytes
cdn-requestcountrycode
CA
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
montserrat-latin-600-normal.woff2
fonts.bunny.net/montserrat/files/
12 KB
13 KB
Font
General
Full URL
https://fonts.bunny.net/montserrat/files/montserrat-latin-600-normal.woff2
Requested by
Host: fonts.bunny.net
URL: https://fonts.bunny.net/css?family=Montserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7COverpass%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CLato%3A100%2C100italic%2C300%2C300italic%2Cregular%2Citalic%2C700%2C700italic%2C900%2C900italic&subset=arabic%2Cbengali%2Ccyrillic%2Ccyrillic-ext%2Cdevanagari%2Cgreek%2Cgreek-ext%2Cgujarati%2Chebrew%2Ckhmer%2Ckorean%2Clatin-ext%2Ctamil%2Ctelugu%2Cthai%2Cvietnamese&display=swap&ver=2.4.11
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.40.58 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-138-199-40-58.datapacket.com
Software
BunnyCDN-NY-885 /
Resource Hash
e7816b6bd80713ced0fabbf061d7ad97d6d1ff4fbf94a1e2b17fbd61421a3a17

Request headers

Referer
https://fonts.bunny.net/css?family=Montserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7COverpass%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CLato%3A100%2C100italic%2C300%2C300italic%2Cregular%2Citalic%2C700%2C700italic%2C900%2C900italic&subset=arabic%2Cbengali%2Ccyrillic%2Ccyrillic-ext%2Cdevanagari%2Cgreek%2Cgreek-ext%2Cgujarati%2Chebrew%2Ckhmer%2Ckorean%2Clatin-ext%2Ctamil%2Ctelugu%2Cthai%2Cvietnamese&display=swap&ver=2.4.11
Origin
http://sandeo.org
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 01:15:12 GMT
cdn-edgestorageid
885
cdn-storageserver
NY-353
cdn-cachedat
09/27/2022 01:52:33
cdn-pullzone
781720
content-length
12708
last-modified
Fri, 10 Jun 2022 23:12:03 GMT
server
BunnyCDN-NY-885
cdn-fileserver
354
cdn-requestpullcode
200
cdn-proxyver
1.02
etag
"62a3cfc3-31a4"
content-type
font/woff2
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
3a60ca70-b89d-4cd5-a4b5-34a3468d7e0f
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=2592000
cdn-requestid
fbdfde015dc697de9b83e43c7e1e6187
accept-ranges
bytes
cdn-requestcountrycode
CA
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
IMG-20201201-WA0014-705x470x117x0x470x470x1642152596.jpg
sandeo.org/wp-content/uploads/brizy/imgs/
25 KB
25 KB
Image
General
Full URL
http://sandeo.org/wp-content/uploads/brizy/imgs/IMG-20201201-WA0014-705x470x117x0x470x470x1642152596.jpg
Requested by
Host: sandeo.org
URL: http://sandeo.org/
Protocol
HTTP/1.1
Server
162.222.227.139 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
Software
Apache /
Resource Hash
52750d60a0620ca6c1c719083cc9f132729f3bd0d55045b83b7cd19a9c3a175f

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://sandeo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Thu, 13 Oct 2022 01:15:12 GMT
Last-Modified
Fri, 14 Jan 2022 10:39:27 GMT
Server
Apache
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=71
Content-Length
25299
hit.php
away.bettershitecolumn.com/
0
0

track.php
away.bettershitecolumn.com/
Redirect Chain
  • https://away.bettershitecolumn.com/hit.php?a=1311&b=334-1166-567334-46
  • https://away.bettershitecolumn.com/track.php?nid=54889&yid=9554-66-457679-29
  • https://away.bettershitecolumn.com/track.php?tid=54889&lid=9554-66-457679-29
840 B
985 B
Document
General
Full URL
https://away.bettershitecolumn.com/track.php?tid=54889&lid=9554-66-457679-29
Requested by
Host: cdn.weatherplllatform.com
URL: https://cdn.weatherplllatform.com/result.js?v=000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.211.91.104 , Ukraine, ASN206638 (HOSTFORY, UA),
Reverse DNS
Software
nginx / PHP/7.3.33
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;

Request headers

Referer
http://sandeo.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-length
840
content-type
text/html; charset=UTF-8
date
Thu, 13 Oct 2022 01:15:15 GMT
server
nginx
strict-transport-security
max-age=15768000;
vary
Accept-Encoding
x-powered-by
PHP/7.3.33

Redirect headers

content-length
0
content-type
text/html; charset=UTF-8
date
Thu, 13 Oct 2022 01:15:14 GMT
location
https://away.bettershitecolumn.com/track.php?tid=54889&lid=9554-66-457679-29
server
nginx
strict-transport-security
max-age=15768000;
x-powered-by
PHP/7.3.33
js
maps.googleapis.com/maps/api/ Frame 60BF
171 KB
56 KB
Script
General
Full URL
https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en_CA&callback=onApiLoad
Requested by
Host: www.google.com
URL: https://www.google.com/maps/embed/v1/place?key=AIzaSyCcywKcxXeMZiMwLDcLgyEnNglcLOyB_qw&q=SANDEO&zoom=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::200a Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
mafe /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 00:47:50 GMT
content-encoding
gzip
server
mafe
age
1643
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1800
cross-origin-resource-policy
cross-origin
server-timing
gfet4t7; dur=23
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56901
x-xss-protection
0
expires
Thu, 13 Oct 2022 01:17:50 GMT
gen_204
maps.googleapis.com/maps/api/mapsjs/ Frame 60BF
3 B
46 B
XHR
General
Full URL
https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en_CA&callback=onApiLoad
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::200a Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 01:15:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.google.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23
x-xss-protection
0
init_embed.js
maps.gstatic.com/maps-api-v3/embed/js/50/9/ Frame 60BF
221 KB
68 KB
Script
General
Full URL
https://maps.gstatic.com/maps-api-v3/embed/js/50/9/init_embed.js
Requested by
Host: www.google.com
URL: https://www.google.com/maps/embed/v1/place?key=AIzaSyCcywKcxXeMZiMwLDcLgyEnNglcLOyB_qw&q=SANDEO&zoom=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:807::2003 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 19:38:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
20202
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
68888
x-xss-protection
0
last-modified
Mon, 10 Oct 2022 19:01:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 12 Oct 2023 19:38:31 GMT
common.js
maps.googleapis.com/maps-api-v3/api/js/50/9/ Frame 60BF
248 KB
68 KB
Script
General
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/50/9/common.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en_CA&callback=onApiLoad
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::200a Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 19:38:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
20203
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
69562
x-xss-protection
0
last-modified
Mon, 10 Oct 2022 19:01:37 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 12 Oct 2023 19:38:31 GMT
util.js
maps.googleapis.com/maps-api-v3/api/js/50/9/ Frame 60BF
165 KB
61 KB
Script
General
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/50/9/util.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en_CA&callback=onApiLoad
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::200a Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 19:38:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
20203
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61932
x-xss-protection
0
last-modified
Mon, 10 Oct 2022 19:01:37 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 12 Oct 2023 19:38:31 GMT
map.js
maps.googleapis.com/maps-api-v3/api/js/50/9/ Frame 60BF
71 KB
25 KB
Script
General
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/50/9/map.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en_CA&callback=onApiLoad
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::200a Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 19:38:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
20203
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25787
x-xss-protection
0
last-modified
Mon, 10 Oct 2022 19:01:37 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 12 Oct 2023 19:38:31 GMT
overlay.js
maps.googleapis.com/maps-api-v3/api/js/50/9/ Frame 60BF
4 KB
1 KB
Script
General
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/50/9/overlay.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en_CA&callback=onApiLoad
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::200a Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 19:38:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
20189
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1387
x-xss-protection
0
last-modified
Mon, 10 Oct 2022 19:01:37 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 12 Oct 2023 19:38:45 GMT
truncated
/ Frame 60BF
6 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type
image/svg+xml
StaticMapService.GetMapImage
maps.googleapis.com/maps/api/js/ Frame 60BF
97 KB
97 KB
Image
General
Full URL
https://maps.googleapis.com/maps/api/js/StaticMapService.GetMapImage?1m2&1i2479665&2i3000706&2e1&3u15&4m2&1u701&2u400&5m6&1e0&5sen-CA&6sus&10b1&12b1&14i1379903&client=google-maps-embed&token=97270
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::200a Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 01:15:14 GMT
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
public, max-age=86400
server-timing
gfet4t7; dur=263
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
99717
x-xss-protection
0
expires
Fri, 14 Oct 2022 01:15:14 GMT
onion.js
maps.googleapis.com/maps-api-v3/api/js/50/9/ Frame 60BF
27 KB
10 KB
Script
General
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/50/9/onion.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en_CA&callback=onApiLoad
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::200a Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 19:38:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
20203
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9987
x-xss-protection
0
last-modified
Mon, 10 Oct 2022 19:01:37 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 12 Oct 2023 19:38:31 GMT
search_impl.js
maps.googleapis.com/maps-api-v3/api/js/50/9/ Frame 60BF
3 KB
1 KB
Script
General
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/50/9/search_impl.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en_CA&callback=onApiLoad
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::200a Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 20:55:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
15605
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1399
x-xss-protection
0
last-modified
Mon, 10 Oct 2022 19:01:37 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 12 Oct 2023 20:55:09 GMT
openhand_8_8.cur
maps.gstatic.com/mapfiles/ Frame 60BF
326 B
350 B
Image
General
Full URL
https://maps.gstatic.com/mapfiles/openhand_8_8.cur
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:807::2003 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 01:15:14 GMT
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/geo-tactile
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
last-modified
Tue, 18 May 2021 19:15:00 GMT
server
sffe
report-to
{"group":"geo-tactile","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/geo-tactile"}]}
content-type
image/bmp
access-control-allow-origin
*
cache-control
private, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="geo-tactile"
expires
Thu, 13 Oct 2022 01:15:14 GMT
ViewportInfoService.GetViewportInfo
maps.googleapis.com/maps/api/js/ Frame 60BF
31 KB
3 KB
Script
General
Full URL
https://maps.googleapis.com/maps/api/js/ViewportInfoService.GetViewportInfo?1m6&1m2&1d45.48569171877462&2d-73.61542848912585&2m2&1d45.52298789258587&2d-73.52399270816923&2u15&4sen-CA&5e0&6sm%40622000000&7b0&8e0&11e289&12e1&13shttps%3A%2F%2Fwww.google.com%2Fmaps%2Fembed%2Fv1%2Fplace&14b1&callback=_xdc_._mwby3j&client=google-maps-embed&token=77429
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/50/9/common.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::200a Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
mafe /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 01:15:14 GMT
content-encoding
gzip
server
mafe
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment
server-timing
gfet4t7; dur=63
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3412
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
AuthenticationService.Authenticate
maps.googleapis.com/maps/api/js/ Frame 60BF
62 B
84 B
Script
General
Full URL
https://maps.googleapis.com/maps/api/js/AuthenticationService.Authenticate?1shttps%3A%2F%2Fwww.google.com%2Fmaps%2Fembed%2Fv1%2Fplace&2sgoogle-maps-embed&7m1&1e0&8b0&callback=_xdc_._5a9ztt&client=google-maps-embed&token=89078
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/50/9/common.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::200a Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
mafe /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 01:15:14 GMT
content-encoding
gzip
server
mafe
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment
server-timing
gfet4t7; dur=9
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
63
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
QuotaService.RecordEvent
maps.googleapis.com/maps/api/js/ Frame 60BF
62 B
83 B
Script
General
Full URL
https://maps.googleapis.com/maps/api/js/QuotaService.RecordEvent?1shttps%3A%2F%2Fwww.google.com%2Fmaps%2Fembed%2Fv1%2Fplace&2sgoogle-maps-embed&7s6dcr8r&10e1&11b0&callback=_xdc_._akdgkj&client=google-maps-embed&token=106345
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/50/9/common.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::200a Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
mafe /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 01:15:14 GMT
content-encoding
gzip
server
mafe
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
no-cache, must-revalidate
content-disposition
attachment
server-timing
gfet4t7; dur=10
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
63
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
trackspecialdomain.com/
0
0

/
trackspecialdomain.com/
52 KB
52 KB
Document
General
Full URL
https://trackspecialdomain.com/?p=ga2ggzrsmm5gi3bpg42dkmq&sub2=zingersd1
Requested by
Host: away.bettershitecolumn.com
URL: https://away.bettershitecolumn.com/track.php?tid=54889&lid=9554-66-457679-29
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.177.94.108 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
ip-185-177-94-108.ah-server.com
Software
nginx /
Resource Hash
12e24d3bd3617157b0a98fab133e4109b81de3971fbc548ecec54cd5c5b137d7
Security Headers
Name Value
Content-Security-Policy img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://away.bettershitecolumn.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-origin
*
content-security-policy
img-src https: data:; upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Thu, 13 Oct 2022 01:15:15 GMT
server
nginx
strict-transport-security
max-age=31536000
truncated
/
7 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6600e628d105299a9954bb85edc818356f1ec6136ba5d503dc39b2b3de8526c7

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type
image/gif
/
0.trackspecialdomain.com/
18 KB
18 KB
Document
General
Full URL
https://0.trackspecialdomain.com/?p=ga2ggzrsmm5gi3bpg42dkmq&sub2=zingersd1
Requested by
Host: sandeo.org
URL: http://sandeo.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.177.94.108 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
ip-185-177-94-108.ah-server.com
Software
nginx /
Resource Hash
55b1b698a4dd0c22aed6a80cf9e74befdde35f072a37ea271e836c681cc71a2b
Security Headers
Name Value
Content-Security-Policy img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://trackspecialdomain.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-origin
*
content-security-policy
img-src https: data:; upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Thu, 13 Oct 2022 01:15:16 GMT
server
nginx
strict-transport-security
max-age=31536000
70bbac94-8fb3-46e5-a455-a05f447155f4
track.themaccleanup.info/go/
Redirect Chain
  • https://0.trackspecialdomain.com/?auf=gbqwgzbtmu5diojygyxtonbvgixtemrpge3dmnjwgiztomjw&s=1&sub1=&sub2=zingersd1&sub3=&sub4=&cpc=0&cpm=0
  • https://track.themaccleanup.info/go/70bbac94-8fb3-46e5-a455-a05f447155f4?price=0.00901&clickid=02efcff4-4c6e-48ac-ae45-6b5680bec91b&feed=feed14986&hash=ddcf50c6&creative=0&campaign=64771&country=CA...
756 B
2 KB
Document
General
Full URL
https://track.themaccleanup.info/go/70bbac94-8fb3-46e5-a455-a05f447155f4?price=0.00901&clickid=02efcff4-4c6e-48ac-ae45-6b5680bec91b&feed=feed14986&hash=ddcf50c6&creative=0&campaign=64771&country=CA&platform=Windows&browser=Chrome&subday=0
Requested by
Host: sandeo.org
URL: http://sandeo.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1f18:43d1:2a02:b6ee:327b:545e:e578 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
openresty /
Resource Hash
3db5042855fc8684d70b5a3fe99aaa016d349164f66c8de4e064e74919eb016a

Request headers

Referer
https://0.trackspecialdomain.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 13 Oct 2022 01:15:17 GMT
etag
W/"2f4-3ATHa4ocmMn8bGZ1+k8lOxbXl9o"
expires
Thu, 01 Jan 1970 00:00:01 GMT
server
openresty
vary
Accept-Encoding
x-response-time
9.215ms

Redirect headers

access-control-allow-origin
*
content-security-policy
img-src https: data:; upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Thu, 13 Oct 2022 01:15:17 GMT
location
https://track.themaccleanup.info/go/70bbac94-8fb3-46e5-a455-a05f447155f4?price=0.00901&clickid=02efcff4-4c6e-48ac-ae45-6b5680bec91b&feed=feed14986&hash=ddcf50c6&creative=0&campaign=64771&country=CA&platform=Windows&browser=Chrome&subday=0
server
nginx
strict-transport-security
max-age=31536000
/
track.getpageurl.com/
607 B
719 B
Document
General
Full URL
https://track.getpageurl.com/?redirectUrl=https%3A%2F%2Fd1ue3yi0hkdsdl.cloudfront.net%2FEnglish%2Findex.html%3Fkey%3DeyJ0aW1lc3RhbXAiOiIxNjY1NjIzNzE3IiwiaGFzaCI6ImM4MjM5ZWY3NDU3NDU5YmYxNDU2ODczMjkyMDJjNTY0NDgxZWVjOTAifQ%253D%253D%26bemobdata%3Dc%253D70bbac94-8fb3-46e5-a455-a05f447155f4..l%253D79f441ce-7780-4f45-85eb-c20e42808e3c..f%253D9b637e48-cfee-4d4f-8a1e-24cce0697a13..a%253D1..b%253D0..z%253D0.00901..e%253D02efcff4-4c6e-48ac-ae45-6b5680bec91b..c1%253Dfeed14986..c2%253Dddcf50c6..c3%253D0..c4%253D64771..c5%253DCA..c6%253DWindows..c7%253DChrome..c8%253D0..r%253Dhttps%25253A%25252F%25252F0.trackspecialdomain.com%25252F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1f18:43d1:2a02:b6ee:327b:545e:e578 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
openresty /
Resource Hash
c418178c97c824f111862d978975035bd6fe595eee7176737e64ab3b1c93da00

Request headers

Referer
https://track.themaccleanup.info/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 13 Oct 2022 01:15:17 GMT
etag
W/"25f-O/RUrI1ph5/BB/pUdJFok5wgTzM"
expires
Thu, 01 Jan 1970 00:00:01 GMT
server
openresty
vary
Accept-Encoding
x-response-time
4.497ms
Primary Request index.html
d1ue3yi0hkdsdl.cloudfront.net/English/
2 KB
1 KB
Document
General
Full URL
https://d1ue3yi0hkdsdl.cloudfront.net/English/index.html?key=eyJ0aW1lc3RhbXAiOiIxNjY1NjIzNzE3IiwiaGFzaCI6ImM4MjM5ZWY3NDU3NDU5YmYxNDU2ODczMjkyMDJjNTY0NDgxZWVjOTAifQ==&bemobdata=c=70bbac94-8fb3-46e5-a455-a05f447155f4..l=79f441ce-7780-4f45-85eb-c20e42808e3c..f=9b637e48-cfee-4d4f-8a1e-24cce0697a13..a=1..b=0..z=0.00901..e=02efcff4-4c6e-48ac-ae45-6b5680bec91b..c1=feed14986..c2=ddcf50c6..c3=0..c4=64771..c5=CA..c6=Windows..c7=Chrome..c8=0..r=https%3A%2F%2F0.trackspecialdomain.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:f600:13:1772:3a40:21 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6d00803227cc83b92a70fc2977de7bdcfe7e6129b5d8d0820fce0de17867b677

Request headers

Referer
https://track.getpageurl.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
62637
content-encoding
gzip
content-type
text/html
date
Wed, 12 Oct 2022 07:51:21 GMT
etag
W/"07766fdfb575b864b3f30f54bae953c4"
last-modified
Fri, 19 Aug 2022 10:47:11 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 b260b0d4d2162fe305bab4403f7e668c.cloudfront.net (CloudFront)
x-amz-cf-id
0Jwdgvh_jDJQ-gUDz7qJvzrYqLJY8rDFw7Dv7zEmxN3E13mqLKczYQ==
x-amz-cf-pop
JFK50-P6
x-cache
Hit from cloudfront
crypto-js.min.js
cdnjs.cloudflare.com/ajax/libs/crypto-js/3.1.9-1/
47 KB
14 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/crypto-js/3.1.9-1/crypto-js.min.js
Requested by
Host: d1ue3yi0hkdsdl.cloudfront.net
URL: https://d1ue3yi0hkdsdl.cloudfront.net/English/index.html?key=eyJ0aW1lc3RhbXAiOiIxNjY1NjIzNzE3IiwiaGFzaCI6ImM4MjM5ZWY3NDU3NDU5YmYxNDU2ODczMjkyMDJjNTY0NDgxZWVjOTAifQ==&bemobdata=c=70bbac94-8fb3-46e5-a455-a05f447155f4..l=79f441ce-7780-4f45-85eb-c20e42808e3c..f=9b637e48-cfee-4d4f-8a1e-24cce0697a13..a=1..b=0..z=0.00901..e=02efcff4-4c6e-48ac-ae45-6b5680bec91b..c1=feed14986..c2=ddcf50c6..c3=0..c4=64771..c5=CA..c6=Windows..c7=Chrome..c8=0..r=https%3A%2F%2F0.trackspecialdomain.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
bba05a999896e6d09e9a37b69ebb5e282d8aa0b20a5fd94a3d2a6f0a43a16a6c
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://d1ue3yi0hkdsdl.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 01:15:17 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
3426765
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
13696
last-modified
Mon, 04 May 2020 16:09:17 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e2d-bb47"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3zeFHGgf9wo75%2BW0noSSFdRiiO0%2Bo7N2n106Plrs3LT6rMRp6DUO%2B6wNX6fji8o6dyGuvSdleRxBoY5ijkCsptUOZozy5wJNtRMOmzVqy%2F04wc6UP1PwyNvnems1yBvoLtGioGbNdsZOXmDvKIpITrib"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7594392c8a14713f-YUL
expires
Tue, 03 Oct 2023 01:15:17 GMT
script.js
d1ue3yi0hkdsdl.cloudfront.net/English/js/
85 KB
30 KB
Script
General
Full URL
https://d1ue3yi0hkdsdl.cloudfront.net/English/js/script.js
Requested by
Host: d1ue3yi0hkdsdl.cloudfront.net
URL: https://d1ue3yi0hkdsdl.cloudfront.net/English/index.html?key=eyJ0aW1lc3RhbXAiOiIxNjY1NjIzNzE3IiwiaGFzaCI6ImM4MjM5ZWY3NDU3NDU5YmYxNDU2ODczMjkyMDJjNTY0NDgxZWVjOTAifQ==&bemobdata=c=70bbac94-8fb3-46e5-a455-a05f447155f4..l=79f441ce-7780-4f45-85eb-c20e42808e3c..f=9b637e48-cfee-4d4f-8a1e-24cce0697a13..a=1..b=0..z=0.00901..e=02efcff4-4c6e-48ac-ae45-6b5680bec91b..c1=feed14986..c2=ddcf50c6..c3=0..c4=64771..c5=CA..c6=Windows..c7=Chrome..c8=0..r=https%3A%2F%2F0.trackspecialdomain.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:f600:13:1772:3a40:21 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 18:27:31 GMT
content-encoding
gzip
via
1.1 b260b0d4d2162fe305bab4403f7e668c.cloudfront.net (CloudFront)
last-modified
Fri, 19 Aug 2022 10:47:17 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P6
age
24467
etag
W/"a09e13ee94d51c524b7e2a728c7d4039"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
_9ZPIqxq1G5-mI2xQCm8cN3s6BMBNtMfzzM4rybtQAoI57rmk0l37g==
modules.js
d1ue3yi0hkdsdl.cloudfront.net/English/js/
224 KB
77 KB
Script
General
Full URL
https://d1ue3yi0hkdsdl.cloudfront.net/English/js/modules.js
Requested by
Host: d1ue3yi0hkdsdl.cloudfront.net
URL: https://d1ue3yi0hkdsdl.cloudfront.net/English/index.html?key=eyJ0aW1lc3RhbXAiOiIxNjY1NjIzNzE3IiwiaGFzaCI6ImM4MjM5ZWY3NDU3NDU5YmYxNDU2ODczMjkyMDJjNTY0NDgxZWVjOTAifQ==&bemobdata=c=70bbac94-8fb3-46e5-a455-a05f447155f4..l=79f441ce-7780-4f45-85eb-c20e42808e3c..f=9b637e48-cfee-4d4f-8a1e-24cce0697a13..a=1..b=0..z=0.00901..e=02efcff4-4c6e-48ac-ae45-6b5680bec91b..c1=feed14986..c2=ddcf50c6..c3=0..c4=64771..c5=CA..c6=Windows..c7=Chrome..c8=0..r=https%3A%2F%2F0.trackspecialdomain.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:f600:13:1772:3a40:21 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
de27d8901cbc3c7069d94a4c89267f10861e5eb1a1d906871e3ca75102562f1b

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 08:54:14 GMT
content-encoding
gzip
via
1.1 b260b0d4d2162fe305bab4403f7e668c.cloudfront.net (CloudFront)
last-modified
Fri, 19 Aug 2022 10:47:16 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P6
age
58864
etag
W/"c58c9188742521818ab13ca8b3e988ec"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
cGiFa6kPq7reW_MQ7pAEoMh_QZ8OVA25TT4Pu1lWTseB_ZFfkS0O9A==
custom.js
d1ue3yi0hkdsdl.cloudfront.net/English/js/
4 KB
1 KB
Script
General
Full URL
https://d1ue3yi0hkdsdl.cloudfront.net/English/js/custom.js
Requested by
Host: d1ue3yi0hkdsdl.cloudfront.net
URL: https://d1ue3yi0hkdsdl.cloudfront.net/English/index.html?key=eyJ0aW1lc3RhbXAiOiIxNjY1NjIzNzE3IiwiaGFzaCI6ImM4MjM5ZWY3NDU3NDU5YmYxNDU2ODczMjkyMDJjNTY0NDgxZWVjOTAifQ==&bemobdata=c=70bbac94-8fb3-46e5-a455-a05f447155f4..l=79f441ce-7780-4f45-85eb-c20e42808e3c..f=9b637e48-cfee-4d4f-8a1e-24cce0697a13..a=1..b=0..z=0.00901..e=02efcff4-4c6e-48ac-ae45-6b5680bec91b..c1=feed14986..c2=ddcf50c6..c3=0..c4=64771..c5=CA..c6=Windows..c7=Chrome..c8=0..r=https%3A%2F%2F0.trackspecialdomain.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:f600:13:1772:3a40:21 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8e497502ccd62847fe887656d239686ad1c7ee291f3a27a5ee4bb74eb09e3bb5

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 09:13:17 GMT
content-encoding
gzip
via
1.1 b260b0d4d2162fe305bab4403f7e668c.cloudfront.net (CloudFront)
last-modified
Fri, 19 Aug 2022 10:47:14 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P6
age
57721
etag
W/"2414861da864646b2a5b01a142f87b7f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
w9Ee1BmGTcLfkaQxQ67aT5YnRgi3zHo1o7-nLowBCxBwQQaX9V5mBw==
froala.min.css
d1ue3yi0hkdsdl.cloudfront.net/English/css/
7 KB
2 KB
Stylesheet
General
Full URL
https://d1ue3yi0hkdsdl.cloudfront.net/English/css/froala.min.css
Requested by
Host: d1ue3yi0hkdsdl.cloudfront.net
URL: https://d1ue3yi0hkdsdl.cloudfront.net/English/index.html?key=eyJ0aW1lc3RhbXAiOiIxNjY1NjIzNzE3IiwiaGFzaCI6ImM4MjM5ZWY3NDU3NDU5YmYxNDU2ODczMjkyMDJjNTY0NDgxZWVjOTAifQ==&bemobdata=c=70bbac94-8fb3-46e5-a455-a05f447155f4..l=79f441ce-7780-4f45-85eb-c20e42808e3c..f=9b637e48-cfee-4d4f-8a1e-24cce0697a13..a=1..b=0..z=0.00901..e=02efcff4-4c6e-48ac-ae45-6b5680bec91b..c1=feed14986..c2=ddcf50c6..c3=0..c4=64771..c5=CA..c6=Windows..c7=Chrome..c8=0..r=https%3A%2F%2F0.trackspecialdomain.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:f600:13:1772:3a40:21 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1cfc73a6db9523c12b6b7f5d009bed19c8799eed001f607bd891a1fd838b7739

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 10:22:14 GMT
content-encoding
br
via
1.1 b260b0d4d2162fe305bab4403f7e668c.cloudfront.net (CloudFront)
last-modified
Fri, 19 Aug 2022 10:47:20 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P6
age
53584
etag
W/"8d4fba5186f02a0c4458986b0cf91667"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
x-amz-cf-id
6DCy-gp2lNiclW1FZP0yBJwQ16jQiGz-URyC_Fj1T_Trj1Vwtj3R9w==
style.css
d1ue3yi0hkdsdl.cloudfront.net/English/css/
18 KB
4 KB
Stylesheet
General
Full URL
https://d1ue3yi0hkdsdl.cloudfront.net/English/css/style.css
Requested by
Host: d1ue3yi0hkdsdl.cloudfront.net
URL: https://d1ue3yi0hkdsdl.cloudfront.net/English/index.html?key=eyJ0aW1lc3RhbXAiOiIxNjY1NjIzNzE3IiwiaGFzaCI6ImM4MjM5ZWY3NDU3NDU5YmYxNDU2ODczMjkyMDJjNTY0NDgxZWVjOTAifQ==&bemobdata=c=70bbac94-8fb3-46e5-a455-a05f447155f4..l=79f441ce-7780-4f45-85eb-c20e42808e3c..f=9b637e48-cfee-4d4f-8a1e-24cce0697a13..a=1..b=0..z=0.00901..e=02efcff4-4c6e-48ac-ae45-6b5680bec91b..c1=feed14986..c2=ddcf50c6..c3=0..c4=64771..c5=CA..c6=Windows..c7=Chrome..c8=0..r=https%3A%2F%2F0.trackspecialdomain.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:f600:13:1772:3a40:21 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
49843610a21ee923bdec4d71775cbde80546a3d42e6b026c989bb120e2e664eb

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 13:30:30 GMT
content-encoding
gzip
via
1.1 b260b0d4d2162fe305bab4403f7e668c.cloudfront.net (CloudFront)
last-modified
Fri, 19 Aug 2022 10:47:21 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P6
age
42288
etag
W/"1a230ec60ecc7ea03295e24cb5d40378"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
x-amz-cf-id
6FJx3QgwD3qpyzYCnUlRHwYsHgZsK1MZ5DNc53akn_7_0UCXy2TbUw==
custom.css
d1ue3yi0hkdsdl.cloudfront.net/English/css/
11 KB
3 KB
Stylesheet
General
Full URL
https://d1ue3yi0hkdsdl.cloudfront.net/English/css/custom.css
Requested by
Host: d1ue3yi0hkdsdl.cloudfront.net
URL: https://d1ue3yi0hkdsdl.cloudfront.net/English/index.html?key=eyJ0aW1lc3RhbXAiOiIxNjY1NjIzNzE3IiwiaGFzaCI6ImM4MjM5ZWY3NDU3NDU5YmYxNDU2ODczMjkyMDJjNTY0NDgxZWVjOTAifQ==&bemobdata=c=70bbac94-8fb3-46e5-a455-a05f447155f4..l=79f441ce-7780-4f45-85eb-c20e42808e3c..f=9b637e48-cfee-4d4f-8a1e-24cce0697a13..a=1..b=0..z=0.00901..e=02efcff4-4c6e-48ac-ae45-6b5680bec91b..c1=feed14986..c2=ddcf50c6..c3=0..c4=64771..c5=CA..c6=Windows..c7=Chrome..c8=0..r=https%3A%2F%2F0.trackspecialdomain.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:f600:13:1772:3a40:21 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6f293e85b57979f8b60faf784b11b159858ebeae3abd3a50928d078d6c9833d1

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 01:59:24 GMT
content-encoding
gzip
via
1.1 b260b0d4d2162fe305bab4403f7e668c.cloudfront.net (CloudFront)
last-modified
Fri, 19 Aug 2022 10:47:19 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P6
age
83753
etag
W/"afa5fe55f8ea711be28492c72405ce3a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
x-amz-cf-id
3fI6JdYr0BzNJJZGC1CPRu7OzG98ajZf3QuPT5puR4D8qRFwtw2ujQ==
main.d953d00b.js
d1ue3yi0hkdsdl.cloudfront.net/English/static/js/
153 KB
48 KB
Script
General
Full URL
https://d1ue3yi0hkdsdl.cloudfront.net/English/static/js/main.d953d00b.js
Requested by
Host: d1ue3yi0hkdsdl.cloudfront.net
URL: https://d1ue3yi0hkdsdl.cloudfront.net/English/index.html?key=eyJ0aW1lc3RhbXAiOiIxNjY1NjIzNzE3IiwiaGFzaCI6ImM4MjM5ZWY3NDU3NDU5YmYxNDU2ODczMjkyMDJjNTY0NDgxZWVjOTAifQ==&bemobdata=c=70bbac94-8fb3-46e5-a455-a05f447155f4..l=79f441ce-7780-4f45-85eb-c20e42808e3c..f=9b637e48-cfee-4d4f-8a1e-24cce0697a13..a=1..b=0..z=0.00901..e=02efcff4-4c6e-48ac-ae45-6b5680bec91b..c1=feed14986..c2=ddcf50c6..c3=0..c4=64771..c5=CA..c6=Windows..c7=Chrome..c8=0..r=https%3A%2F%2F0.trackspecialdomain.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:f600:13:1772:3a40:21 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6dc755750023fdfc750d9ff02ad2c5249c1a732e167a6f4684589ffb5f9fbb44

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 13:30:30 GMT
content-encoding
gzip
via
1.1 b260b0d4d2162fe305bab4403f7e668c.cloudfront.net (CloudFront)
last-modified
Fri, 19 Aug 2022 10:47:04 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P6
age
42288
etag
W/"38eb0d65f80caf7ea8fe1d063e96ea3c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
a9YnIA_n-6CK4TunUBm44OcOQ7m-fyc1s-d75s9jEd1aVDbGpI9WGg==
main.e6c13ad2.css
d1ue3yi0hkdsdl.cloudfront.net/English/static/css/
337 B
679 B
Stylesheet
General
Full URL
https://d1ue3yi0hkdsdl.cloudfront.net/English/static/css/main.e6c13ad2.css
Requested by
Host: d1ue3yi0hkdsdl.cloudfront.net
URL: https://d1ue3yi0hkdsdl.cloudfront.net/English/index.html?key=eyJ0aW1lc3RhbXAiOiIxNjY1NjIzNzE3IiwiaGFzaCI6ImM4MjM5ZWY3NDU3NDU5YmYxNDU2ODczMjkyMDJjNTY0NDgxZWVjOTAifQ==&bemobdata=c=70bbac94-8fb3-46e5-a455-a05f447155f4..l=79f441ce-7780-4f45-85eb-c20e42808e3c..f=9b637e48-cfee-4d4f-8a1e-24cce0697a13..a=1..b=0..z=0.00901..e=02efcff4-4c6e-48ac-ae45-6b5680bec91b..c1=feed14986..c2=ddcf50c6..c3=0..c4=64771..c5=CA..c6=Windows..c7=Chrome..c8=0..r=https%3A%2F%2F0.trackspecialdomain.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:f600:13:1772:3a40:21 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
439b3301299d2f3614d9ede61bceaeb7d023f5975147e08f33d6e4ca82cfed56

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 22:55:52 GMT
via
1.1 b260b0d4d2162fe305bab4403f7e668c.cloudfront.net (CloudFront)
last-modified
Fri, 19 Aug 2022 10:46:59 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P6
age
8647
etag
"9f6fd7b89af737fe9ff6849a58501b1b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
accept-ranges
bytes
content-length
337
x-amz-cf-id
1_xdPXWRoMEvlB0w4FOVScE-1ANQi1K905wcMKbYsSRJWHG4qqA0_Q==
bg-image.png
d1ue3yi0hkdsdl.cloudfront.net/English/img/
296 KB
297 KB
Image
General
Full URL
https://d1ue3yi0hkdsdl.cloudfront.net/English/img/bg-image.png
Requested by
Host: d1ue3yi0hkdsdl.cloudfront.net
URL: https://d1ue3yi0hkdsdl.cloudfront.net/English/css/custom.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:f600:13:1772:3a40:21 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
af9a953b12a4994939f45054e31302a7b1f59577f69c21376821cf9b922b414b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://d1ue3yi0hkdsdl.cloudfront.net/English/css/custom.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 18:03:59 GMT
via
1.1 b260b0d4d2162fe305bab4403f7e668c.cloudfront.net (CloudFront)
last-modified
Fri, 19 Aug 2022 10:46:57 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P6
age
25879
etag
"bc336a3a0c484d7c65299b9c4af45596"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
302963
x-amz-cf-id
3wuCvY0-V66u6XrO2EN82R1sQ2yk5CLyJq-I6CVhwtdS2tuOiW4iyw==
--vector-logo.svg
d1ue3yi0hkdsdl.cloudfront.net/English/img/
1 KB
959 B
Image
General
Full URL
https://d1ue3yi0hkdsdl.cloudfront.net/English/img/--vector-logo.svg
Requested by
Host: d1ue3yi0hkdsdl.cloudfront.net
URL: https://d1ue3yi0hkdsdl.cloudfront.net/English/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:f600:13:1772:3a40:21 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e4aef0aba15680c1b745414a7c7bc39cdbeda17f1de0c7bf57bf90378b6a5d26

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 16:21:46 GMT
content-encoding
gzip
via
1.1 b260b0d4d2162fe305bab4403f7e668c.cloudfront.net (CloudFront)
last-modified
Fri, 19 Aug 2022 10:46:55 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P6
age
32012
etag
W/"6afb794723ba525f2c526c9899569924"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
x-amz-cf-id
f55lwJt8bNoZow20YZy34o6Lt7aQAWJBFK56qHjpZ4Cz6cwJ-BWjGg==
--full-site-logo.png
d1ue3yi0hkdsdl.cloudfront.net/English/img/
5 KB
5 KB
Image
General
Full URL
https://d1ue3yi0hkdsdl.cloudfront.net/English/img/--full-site-logo.png
Requested by
Host: d1ue3yi0hkdsdl.cloudfront.net
URL: https://d1ue3yi0hkdsdl.cloudfront.net/English/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:f600:13:1772:3a40:21 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cf56bcceaf23dba6d290e2c6739ac2bab77b36e03c20a48cdbe49bcfe2fb31d0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 22:55:53 GMT
via
1.1 b260b0d4d2162fe305bab4403f7e668c.cloudfront.net (CloudFront)
last-modified
Fri, 19 Aug 2022 10:47:23 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P6
age
8646
etag
"945db2cdbd67e8ad20315672f80c1f18"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
4714
x-amz-cf-id
Ulo2BAhu8vGdUNOxMkbM51x9EDi15MrmypfEUezyRST1WXifQ9T0_A==
--spread-sheet-image1.png
d1ue3yi0hkdsdl.cloudfront.net/English/img/
128 B
463 B
Image
General
Full URL
https://d1ue3yi0hkdsdl.cloudfront.net/English/img/--spread-sheet-image1.png
Requested by
Host: d1ue3yi0hkdsdl.cloudfront.net
URL: https://d1ue3yi0hkdsdl.cloudfront.net/English/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:f600:13:1772:3a40:21 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2ac27821ba64d645f36e2ad197492d30c11b10a032cc474554679555f4604622

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 20:32:52 GMT
via
1.1 b260b0d4d2162fe305bab4403f7e668c.cloudfront.net (CloudFront)
last-modified
Fri, 19 Aug 2022 10:47:31 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P6
age
17096
etag
"0bb86caf792dd7d24731c18cd37bb68e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
128
x-amz-cf-id
AHFjmPtgH5ol1s54FRNzCGLCyc3xuRs7HLBJFFJMfVCE479s0RCMyQ==
--spread-sheet-image2.png
d1ue3yi0hkdsdl.cloudfront.net/English/img/
293 B
627 B
Image
General
Full URL
https://d1ue3yi0hkdsdl.cloudfront.net/English/img/--spread-sheet-image2.png
Requested by
Host: d1ue3yi0hkdsdl.cloudfront.net
URL: https://d1ue3yi0hkdsdl.cloudfront.net/English/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:f600:13:1772:3a40:21 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2d2b7040bc32b397c3c60d800de9aa7d86404f1874862eba61bdaa21f1523eb7

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 18:04:00 GMT
via
1.1 b260b0d4d2162fe305bab4403f7e668c.cloudfront.net (CloudFront)
last-modified
Fri, 19 Aug 2022 10:47:32 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P6
age
25878
etag
"9eb68d2ce05c151bda542a7a6356e22c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
293
x-amz-cf-id
iLBV8ZSJCLhlixmiTqWFMYt089QEDtusj3R-cTaO34gIAh1K4RZ58A==
--spread-sheet-image3.png
d1ue3yi0hkdsdl.cloudfront.net/English/img/
364 B
705 B
Image
General
Full URL
https://d1ue3yi0hkdsdl.cloudfront.net/English/img/--spread-sheet-image3.png
Requested by
Host: d1ue3yi0hkdsdl.cloudfront.net
URL: https://d1ue3yi0hkdsdl.cloudfront.net/English/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:f600:13:1772:3a40:21 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b13a03e0db893734298cbe203bf264407636ffe5dab0a141f83c492d0034dd6a

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 22:55:53 GMT
via
1.1 b260b0d4d2162fe305bab4403f7e668c.cloudfront.net (CloudFront)
last-modified
Fri, 19 Aug 2022 10:47:33 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P6
age
8646
etag
"e144c3378090087c8ce129a30cb6cb4e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
364
x-amz-cf-id
AJrwFloRN0A-qf2gNl7_lDmbHs5vdiC6Y6XnBzVM845dhc1vxtXgKw==
--spread-sheet-image4.png
d1ue3yi0hkdsdl.cloudfront.net/English/img/
349 B
683 B
Image
General
Full URL
https://d1ue3yi0hkdsdl.cloudfront.net/English/img/--spread-sheet-image4.png
Requested by
Host: d1ue3yi0hkdsdl.cloudfront.net
URL: https://d1ue3yi0hkdsdl.cloudfront.net/English/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:f600:13:1772:3a40:21 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
44f752b0bd2e48052d538bc6aca5379f3630ca64da945f794690ddf47e8eaef7

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 18:04:00 GMT
via
1.1 b260b0d4d2162fe305bab4403f7e668c.cloudfront.net (CloudFront)
last-modified
Fri, 19 Aug 2022 10:47:34 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P6
age
25878
etag
"7454c652e0733d92de6c920c2d646ae0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
349
x-amz-cf-id
hHdb-zQDQwna1I923xgkqxrg0I87HWiVwZTW0Qx0BgwnkOLra2zjGw==
--section-image.png
d1ue3yi0hkdsdl.cloudfront.net/English/img/
69 KB
69 KB
Image
General
Full URL
https://d1ue3yi0hkdsdl.cloudfront.net/English/img/--section-image.png
Requested by
Host: d1ue3yi0hkdsdl.cloudfront.net
URL: https://d1ue3yi0hkdsdl.cloudfront.net/English/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:f600:13:1772:3a40:21 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d00309ba24e28a196d0ce99ced950476954b7435a539e5157556cdb4c23fd310

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 18:04:00 GMT
via
1.1 b260b0d4d2162fe305bab4403f7e668c.cloudfront.net (CloudFront)
last-modified
Fri, 19 Aug 2022 10:47:29 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P6
age
25877
etag
"9979fef59356099c8f41e2248fb3765d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
70593
x-amz-cf-id
VnsnACrYwXTfINwtlCWMITlrUAHKX1gBvdHzcbMiNyhnUSKUgwJaCw==
--security-image.gif
d1ue3yi0hkdsdl.cloudfront.net/English/img/
511 B
846 B
Image
General
Full URL
https://d1ue3yi0hkdsdl.cloudfront.net/English/img/--security-image.gif
Requested by
Host: d1ue3yi0hkdsdl.cloudfront.net
URL: https://d1ue3yi0hkdsdl.cloudfront.net/English/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:f600:13:1772:3a40:21 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
aa88fa9731a6021cd8c0f80ef76476fd055a9cf0bff3ad9fbefbedbd255e26fa

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 21:53:13 GMT
via
1.1 b260b0d4d2162fe305bab4403f7e668c.cloudfront.net (CloudFront)
last-modified
Fri, 19 Aug 2022 10:47:30 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P6
age
17095
etag
"af3aca2036675c5979fb535c5d190f15"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
511
x-amz-cf-id
Ry55skaeY48GZZRolGADWIxlvsgqnojqtMrMRv56d2QxG-M2CnxLRw==
--identity-image.gif
d1ue3yi0hkdsdl.cloudfront.net/English/img/
2 KB
2 KB
Image
General
Full URL
https://d1ue3yi0hkdsdl.cloudfront.net/English/img/--identity-image.gif
Requested by
Host: d1ue3yi0hkdsdl.cloudfront.net
URL: https://d1ue3yi0hkdsdl.cloudfront.net/English/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:f600:13:1772:3a40:21 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e91f304cf7409723968740e6363dda01b50acb8e94b5ca05b4a4617666ff095c

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 22:55:53 GMT
via
1.1 b260b0d4d2162fe305bab4403f7e668c.cloudfront.net (CloudFront)
last-modified
Fri, 19 Aug 2022 10:47:25 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P6
age
8646
etag
"af52e51f42fd0c55bc3cf2c8ece71492"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
1547
x-amz-cf-id
4UmzVJcPR6a7uVlMIdNtdFqLVzARFpiUMjWMRiTkmlu6NI9LDA8-fw==
--performance-image.gif
d1ue3yi0hkdsdl.cloudfront.net/English/img/
949 B
1 KB
Image
General
Full URL
https://d1ue3yi0hkdsdl.cloudfront.net/English/img/--performance-image.gif
Requested by
Host: d1ue3yi0hkdsdl.cloudfront.net
URL: https://d1ue3yi0hkdsdl.cloudfront.net/English/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:f600:13:1772:3a40:21 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9bb88049c3d3f3c172d97246fa148bb725e727847c37e28c3be156be240a0c04

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 20:00:16 GMT
via
1.1 b260b0d4d2162fe305bab4403f7e668c.cloudfront.net (CloudFront)
last-modified
Fri, 19 Aug 2022 10:47:27 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P6
age
25878
etag
"da9d153375da51a616a7663f1504e3a5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
949
x-amz-cf-id
sWMWEsSq6G8L9JPqL-dysu6P-PzHxIL_AA0K0RUNJIVItV6gk3g0rQ==
--logo.png
d1ue3yi0hkdsdl.cloudfront.net/English/img/
2 KB
2 KB
Image
General
Full URL
https://d1ue3yi0hkdsdl.cloudfront.net/English/img/--logo.png
Requested by
Host: d1ue3yi0hkdsdl.cloudfront.net
URL: https://d1ue3yi0hkdsdl.cloudfront.net/English/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:f600:13:1772:3a40:21 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c60d95afdfb06b36758c44ee23b82f5c5504f0119a2c86d83c990821e8f5cae6

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 22:55:53 GMT
via
1.1 b260b0d4d2162fe305bab4403f7e668c.cloudfront.net (CloudFront)
last-modified
Fri, 19 Aug 2022 10:47:26 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P6
age
8646
etag
"f460adcdcb62bffc8961d6681d5042be"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
1709
x-amz-cf-id
IXr04WM0_-Y_E2AtmCnTU8tNgV0gHpXwlhNQhYopLcx81XBfL0DYiQ==
--scanning-image.png
d1ue3yi0hkdsdl.cloudfront.net/English/img/
2 KB
2 KB
Image
General
Full URL
https://d1ue3yi0hkdsdl.cloudfront.net/English/img/--scanning-image.png
Requested by
Host: d1ue3yi0hkdsdl.cloudfront.net
URL: https://d1ue3yi0hkdsdl.cloudfront.net/English/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:f600:13:1772:3a40:21 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8b7a5ce48e7e6a77ba8c97eae67a4556c325b7a80ad8bc1e831d08069e8ed37c

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 18:04:00 GMT
via
1.1 b260b0d4d2162fe305bab4403f7e668c.cloudfront.net (CloudFront)
last-modified
Fri, 19 Aug 2022 10:47:28 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P6
age
25878
etag
"c391e0f03315c1de2f0c3091c1170b38"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
2178
x-amz-cf-id
x2Dv_RSx9obK1W9sPnWN9VyA_VfS2fr15K1OOjFGuGm7KkN34-DndA==
--full-site-logo1.png
d1ue3yi0hkdsdl.cloudfront.net/English/img/
7 KB
7 KB
Image
General
Full URL
https://d1ue3yi0hkdsdl.cloudfront.net/English/img/--full-site-logo1.png
Requested by
Host: d1ue3yi0hkdsdl.cloudfront.net
URL: https://d1ue3yi0hkdsdl.cloudfront.net/English/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:f600:13:1772:3a40:21 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6dbe00201def9dbf69293b028055f8ea0513ef52cb1f2e60212a5061c37d283d

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 18:04:01 GMT
via
1.1 b260b0d4d2162fe305bab4403f7e668c.cloudfront.net (CloudFront)
last-modified
Fri, 19 Aug 2022 10:47:24 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P6
age
25877
etag
"63fb2900e5622e4a6cadfd616f84476e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
7254
x-amz-cf-id
Rxavk266FAyb7vxOiqzN8t7kLRf_989S8RhQFcVuoX8AW4NbAOtksg==
--spread-sheet-image5.gif
d1ue3yi0hkdsdl.cloudfront.net/English/img/
69 B
401 B
Image
General
Full URL
https://d1ue3yi0hkdsdl.cloudfront.net/English/img/--spread-sheet-image5.gif
Requested by
Host: d1ue3yi0hkdsdl.cloudfront.net
URL: https://d1ue3yi0hkdsdl.cloudfront.net/English/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:f600:13:1772:3a40:21 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9cce08ab28e94790cf78c87e37f8690acbc6c535e4b43ae7b38506b94538e107

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 18:04:01 GMT
via
1.1 b260b0d4d2162fe305bab4403f7e668c.cloudfront.net (CloudFront)
last-modified
Fri, 19 Aug 2022 10:47:35 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P6
age
25877
etag
"3ae573d079dcd1d2da4086f2c0c72c45"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
69
x-amz-cf-id
AHkxs1A-Qf0u-5WKCZiRWsJ8bgK-nUispKG5G0Ld3n-keb_HKv1z5w==
--spread-sheet-image6.gif
d1ue3yi0hkdsdl.cloudfront.net/English/img/
377 B
720 B
Image
General
Full URL
https://d1ue3yi0hkdsdl.cloudfront.net/English/img/--spread-sheet-image6.gif
Requested by
Host: d1ue3yi0hkdsdl.cloudfront.net
URL: https://d1ue3yi0hkdsdl.cloudfront.net/English/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:f600:13:1772:3a40:21 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b65b47a79e32335d9ca35ff59c6975d2b5808f84da0db88d11ce777b33e72ad9

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 22:55:53 GMT
via
1.1 b260b0d4d2162fe305bab4403f7e668c.cloudfront.net (CloudFront)
last-modified
Fri, 19 Aug 2022 10:46:52 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P6
age
8647
etag
"c10bdec858cb0cf9e6cc5865d5925746"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
377
x-amz-cf-id
Gm-YXitlIFWIqWJAUqRn31LHHLz5b6T8qcrTg_BTBWAhCqQP6SYWiA==
--spread-sheet-image7.gif
d1ue3yi0hkdsdl.cloudfront.net/English/img/
234 B
577 B
Image
General
Full URL
https://d1ue3yi0hkdsdl.cloudfront.net/English/img/--spread-sheet-image7.gif
Requested by
Host: d1ue3yi0hkdsdl.cloudfront.net
URL: https://d1ue3yi0hkdsdl.cloudfront.net/English/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:f600:13:1772:3a40:21 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b0d335401c9fd5fac9991ec92edaf7865ff3a491ebe390120936c69796c3b753

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 22:55:53 GMT
via
1.1 b260b0d4d2162fe305bab4403f7e668c.cloudfront.net (CloudFront)
last-modified
Fri, 19 Aug 2022 10:46:53 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P6
age
8646
etag
"9ce99ec458daf212f9812a90f3fadd13"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
234
x-amz-cf-id
0svTGxhuFR3KqSmVUP52Nx-tiY3rdVPcnsMDhPzGFjqGkPvY5iCM7w==
--translate.png
d1ue3yi0hkdsdl.cloudfront.net/English/img/
846 B
1 KB
Image
General
Full URL
https://d1ue3yi0hkdsdl.cloudfront.net/English/img/--translate.png
Requested by
Host: d1ue3yi0hkdsdl.cloudfront.net
URL: https://d1ue3yi0hkdsdl.cloudfront.net/English/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:f600:13:1772:3a40:21 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 18:04:01 GMT
via
1.1 b260b0d4d2162fe305bab4403f7e668c.cloudfront.net (CloudFront)
last-modified
Fri, 19 Aug 2022 10:46:54 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P6
age
25877
etag
"e9cd262114358f26b7608b56905185dc"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
846
x-amz-cf-id
5bxhMiECXsnZnIXp1j3pZkSdC-_1peQc_H1CpytRt7EFZlrRWtbhqA==
ring.mp3
d1ue3yi0hkdsdl.cloudfront.net/English/audio/
16 KB
16 KB
Media
General
Full URL
https://d1ue3yi0hkdsdl.cloudfront.net/English/audio/ring.mp3
Requested by
Host: d1ue3yi0hkdsdl.cloudfront.net
URL: https://d1ue3yi0hkdsdl.cloudfront.net/English/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:f600:13:1772:3a40:21 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e8ef8e78f08ac34193423319b86566a442440ec663d09f26911e9fa10c4c9db7

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Range
bytes=0-

Response headers

date
Wed, 12 Oct 2022 11:21:58 GMT
via
1.1 b260b0d4d2162fe305bab4403f7e668c.cloudfront.net (CloudFront)
last-modified
Fri, 19 Aug 2022 10:47:18 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P6
age
50000
etag
"d6040c63cafad92b0c2933569de365c0"
x-cache
Hit from cloudfront
content-type
audio/mp3
Content-Range
bytes 0-15931/15932
accept-ranges
bytes
x-amz-cf-id
UzSgFGY8lQ3kHgvH7YwLNAUF23hp_bS3fNrG1NXKDYHs1GSTGIcETQ==
Content-Length
15932
translate_24dp.png
www.gstatic.com/images/branding/product/2x/
2 KB
2 KB
Image
General
Full URL
https://www.gstatic.com/images/branding/product/2x/translate_24dp.png
Requested by
Host: d1ue3yi0hkdsdl.cloudfront.net
URL: https://d1ue3yi0hkdsdl.cloudfront.net/English/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://d1ue3yi0hkdsdl.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 19:59:59 GMT
x-content-type-options
nosniff
age
18919
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1842
x-xss-protection
0
last-modified
Thu, 14 Oct 2021 09:08:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 12 Oct 2023 19:59:59 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
away.bettershitecolumn.com
URL
https://away.bettershitecolumn.com/hit.php?a=1311&b=334-1166-567334-46
Domain
trackspecialdomain.com
URL
https://trackspecialdomain.com/?p=ga2ggzrsmm5gi3bpg42dkmq&sub2=zingersd1


9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforeinput
object| oncontextlost
object| oncontextrestored
function| structuredClone
object| launchQueue
object| onbeforematch
function| getScreenDetails
function| queryLocalFonts
object| navigation

7 Cookies

Domain/Path Name / Value
.trackspecialdomain.com/ Name: uuid
Value: 6582975a-a31a-42a6-aa79-35fe0d762670
.0.trackspecialdomain.com/ Name: uuid
Value: 6582975a-a31a-42a6-aa79-35fe0d762670
0.trackspecialdomain.com/ Name: uuid
Value: 6582975a-a31a-42a6-aa79-35fe0d762670
.0.trackspecialdomain.com/ Name: ccid
Value: %5B64771%5D
.track.themaccleanup.info/ Name: bemob-uniq-visit:70bbac94-8fb3-46e5-a455-a05f447155f4
Value: 1
.track.themaccleanup.info/ Name: bemob-rotation:70bbac94-8fb3-46e5-a455-a05f447155f4:random:d5e470b63c22c64b74207027cdf79fc7
Value: 0-0-0
.track.themaccleanup.info/ Name: bemob-track-url
Value: https%3A%2F%2Fd1ue3yi0hkdsdl.cloudfront.net%2FEnglish%2Findex.html%3Fkey%3DeyJ0aW1lc3RhbXAiOiIxNjY1NjIzNzE3IiwiaGFzaCI6ImM4MjM5ZWY3NDU3NDU5YmYxNDU2ODczMjkyMDJjNTY0NDgxZWVjOTAifQ%253D%253D%26bemobdata%3Dc%253D70bbac94-8fb3-46e5-a455-a05f447155f4..l%253D79f441ce-7780-4f45-85eb-c20e42808e3c..f%253D9b637e48-cfee-4d4f-8a1e-24cce0697a13..a%253D1..b%253D0..z%253D0.00901..e%253D02efcff4-4c6e-48ac-ae45-6b5680bec91b..c1%253Dfeed14986..c2%253Dddcf50c6..c3%253D0..c4%253D64771..c5%253DCA..c6%253DWindows..c7%253DChrome..c8%253D0..r%253Dhttps%25253A%25252F%25252F0.trackspecialdomain.com%25252F

1 Console Messages

Source Level URL
Text
security warning URL: https://d1ue3yi0hkdsdl.cloudfront.net/English/index.html#
Message:
Mixed Content: The page at 'https://d1ue3yi0hkdsdl.cloudfront.net/English/index.html#' was loaded over HTTPS, but requested an insecure element 'http://www.gstatic.com/images/branding/product/2x/translate_24dp.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
