urlscan.io logo urlscan.io
SecurityTrails logo

cheaplegal.ca Open in urlscan Pro
172.67.156.42  Public Scan

Go To Rescan Add Verdict Report
URL: https://cheaplegal.ca/cristiano-ronaldo-hotel-16
Submission Tags: @phish_report
Submission: On June 16 via api from FI — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 2 countries across 6 domains to perform 16 HTTP transactions. The main IP is 172.67.156.42, located in United States and belongs to CLOUDFLARENET, US. The main domain is cheaplegal.ca.
TLS certificate: Issued by WE1 on June 14th 2024. Valid for: 3 months.
This is the only time cheaplegal.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 172.67.156.42 13335 (CLOUDFLAR...)
1 104.18.2.35 13335 (CLOUDFLAR...)
1 151.101.192.237 54113 (FASTLY)
9 151.101.192.238 54113 (FASTLY)
1 1 172.67.166.213 13335 (CLOUDFLAR...)
1 104.18.29.13 13335 (CLOUDFLAR...)
1 151.101.0.238 54113 (FASTLY)
16 6
3    172.67.156.42 (United States)

ASN13335 (CLOUDFLARENET, US)
cheaplegal.ca
1    104.18.2.35 (None, )

ASN13335 (CLOUDFLARENET, US)
pub-7c8d0ad2c98b4194b45abaf6228794af.r2.dev
1    151.101.192.237 (San Francisco, United States)

ASN54113 (FASTLY, US)
assets.squarespace.com
9    151.101.192.238 (San Francisco, United States)

ASN54113 (FASTLY, US)
static1.squarespace.com
1    172.67.166.213 (United States)

ASN13335 (CLOUDFLARENET, US)
slot888-p.online
1    104.18.29.13 (None, )

ASN13335 (CLOUDFLARENET, US)
slots75.top
1    151.101.0.238 (San Francisco, United States)

ASN54113 (FASTLY, US)
images.squarespace-cdn.com
Apex Domain
Subdomains		 Transfer
10 squarespace.com
assets.squarespace.com — Cisco Umbrella Rank: 7100
static1.squarespace.com — Cisco Umbrella Rank: 6802
111 KB
3 cheaplegal.ca
cheaplegal.ca
173 KB
1 squarespace-cdn.com
images.squarespace-cdn.com — Cisco Umbrella Rank: 6050
122 KB
1 slots75.top
slots75.top
1 slot888-p.online
slot888-p.online
546 B
1 r2.dev
pub-7c8d0ad2c98b4194b45abaf6228794af.r2.dev
4 KB
16 6
Domain Requested by
9 static1.squarespace.com cheaplegal.ca
static1.squarespace.com
3 cheaplegal.ca cheaplegal.ca
1 images.squarespace-cdn.com cheaplegal.ca
1 slots75.top pub-7c8d0ad2c98b4194b45abaf6228794af.r2.dev
1 slot888-p.online 1 redirects
1 assets.squarespace.com cheaplegal.ca
1 pub-7c8d0ad2c98b4194b45abaf6228794af.r2.dev cheaplegal.ca
16 7

This site contains links to these domains. Also see Links.

Domain
instagram.com
facebook.com
twitter.com
squarespace.com
Subject Issuer Validity Valid
cheaplegal.ca
WE1		 2024-06-14 -
2024-09-12		 3 months crt.sh
*.r2.dev
E1		 2024-06-03 -
2024-09-01		 3 months crt.sh
*.squarespace.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-02-09 -
2025-02-28		 a year crt.sh
slots75.top
WE1		 2024-06-08 -
2024-09-06		 3 months crt.sh
*.squarespace-cdn.com
R3		 2024-05-30 -
2024-08-28		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://cheaplegal.ca/cristiano-ronaldo-hotel-16
Frame ID: 424DC8AF3F333EC0FD60F4C4A49BE422
Requests: 15 HTTP requests in this frame

Frame: https://slots75.top/?cid=525701&type=4&currency=IDR&id=57278535
Frame ID: 9F12FEEC14C061E0D545C48ED59C6F2C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

cristiano ronaldo hotel — cara kerja ke hongkong 2023

Detected technologies

Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js

Page Statistics

16
Requests

100 %
HTTPS

0 %
IPv6

6
Domains

7
Subdomains

6
IPs

2
Countries

410 kB
Transfer

1882 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://slot888-p.online/ HTTP 302
  • https://slots75.top/?cid=525701&type=4&currency=IDR&id=57278535

16 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request cristiano-ronaldo-hotel-16
cheaplegal.ca/ 		111 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cheaplegal.ca/cristiano-ronaldo-hotel-16
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.156.42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6402188016817411871b87da08f6bd5b669feecf467112b7072c3c1fbef77a1

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
894b97fa2be7ac06-YYZ
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sun, 16 Jun 2024 14:47:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K0airlFqeRH%2BTBMClh9XE7MDlFWNiVKI5hV%2FFj88X%2BCH7Kf1ahgiOEN2h9Ja33JUhz2U7gu6Sx4eryXQV%2FMW8Uve9SmlEPP4DalF1X5iuL1M4MLjkQGBzJc0z3lOdyb%2B"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
id.js
pub-7c8d0ad2c98b4194b45abaf6228794af.r2.dev/ 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pub-7c8d0ad2c98b4194b45abaf6228794af.r2.dev/id.js
Requested by
Host: cheaplegal.ca
URL: https://cheaplegal.ca/cristiano-ronaldo-hotel-16
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.18.2.35 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0471db2a7a1be2b4777d22149a1d5ab467247bb443a3d943920a0592326b6e2

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://cheaplegal.ca/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 16 Jun 2024 14:47:12 GMT
Last-Modified
Fri, 14 Jun 2024 13:05:00 GMT
Server
cloudflare
ETag
"45bb819058543786dc873a481907be55"
Vary
Accept-Encoding
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
894b97fbaa1aa23a-YYZ
Content-Length
4061
modern.js
assets.squarespace.com/@sqs/polyfiller/1.6/ 		115 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.squarespace.com/@sqs/polyfiller/1.6/modern.js
Requested by
Host: cheaplegal.ca
URL: https://cheaplegal.ca/cristiano-ronaldo-hotel-16
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.237 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
54e832663426c696b1f603379026e5e15720e8c812bbbc60d63aa2ad8a479f75

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://cheaplegal.ca/
Origin
https://cheaplegal.ca
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
162785, 305064
date
Sun, 16 Jun 2024 14:47:11 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
18480580
x-cache
HIT, HIT
content-length
42447
x-served-by
cache-iad-kcgs7200042-IAD, cache-yyz4547-YYZ
last-modified
Mon, 31 Oct 2022 21:19:57 GMT
server
UploadServer
x-timer
S1718549232.934266,VS0,VE0
etag
"fe0d53a94823df972dbf107bf190771a"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 02 Oct 2024 02:39:38 GMT
site.css
cheaplegal.ca/data/static/css/ 		1 MB
153 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cheaplegal.ca/data/static/css/site.css
Requested by
Host: cheaplegal.ca
URL: https://cheaplegal.ca/cristiano-ronaldo-hotel-16
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.156.42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4cb910f29fa8e245fa90c8ea5aa5a93e6d621a60859330c84a4172ad68598ded

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform-version
"10.0.0"
Referer
https://cheaplegal.ca/cristiano-ronaldo-hotel-16
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 14:47:12 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Sun, 02 Jun 2024 14:17:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"665c7f0f-13d94e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xeATv5FA8bQ2kD%2FD2B3s9ZWfnelNSb%2BGgz7XdVdire4rcbucjUDep0%2FgUarUuvXqrz95Y0upiT5bhPvJWXv6WoKrFwclOFz1%2Bilr9D2ezDQvk4IlPNrOhw8mKjHNS%2BAS"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
894b97fb4cb3ac06-YYZ
alt-svc
h3=":443"; ma=86400
expires
Mon, 17 Jun 2024 02:47:11 GMT
site-bundle.c60096393cff060396b454574afa2699.js
static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/ 		176 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/site-bundle.c60096393cff060396b454574afa2699.js
Requested by
Host: cheaplegal.ca
URL: https://cheaplegal.ca/cristiano-ronaldo-hotel-16
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.238 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Squarespace /
Resource Hash
fbe06d8b09c06e1556171bd359b09c01a8a8e167d148ed942ad0ede0c69da950
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://cheaplegal.ca/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
2228, 0
date
Sun, 16 Jun 2024 14:47:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 varnish, 1.1 varnish
age
457010
x-cache
HIT, HIT
x-contextid
w6AEp1lo/RQ6fKOHH
content-length
43913
x-served-by
cache-dfw-kdal2120101-DFW, cache-yyz4559-YYZ
pragma
cache
server
Squarespace
x-timer
S1718549232.301493,VS0,VE1
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=94608000
accept-ranges
bytes
timing-allow-origin
*
tracepoint
Fastly
/
slots75.top/ Frame 9F12
Redirect Chain
  • https://slot888-p.online/
  • https://slots75.top/?cid=525701&type=4&currency=IDR&id=57278535
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://slots75.top/?cid=525701&type=4&currency=IDR&id=57278535
Requested by
Host: pub-7c8d0ad2c98b4194b45abaf6228794af.r2.dev
URL: https://pub-7c8d0ad2c98b4194b45abaf6228794af.r2.dev/id.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.29.13 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
https://cheaplegal.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

age
46
alt-svc
h3=":443"; ma=86400
cache-control
s-maxage=600,public,max-age=0
cf-cache-status
HIT
cf-ray
894b97ff1bbeaae8-YYZ
content-encoding
gzip
content-md5
jg1tDiuPv1kQMl+I1OheVw==
content-type
text/html
date
Sun, 16 Jun 2024 14:47:12 GMT
last-modified
Sat, 15 Jun 2024 17:59:01 GMT
server
cloudflare
vary
Accept-Encoding
x-oss-hash-crc64ecma
127735366713773188
x-oss-object-type
Normal
x-oss-request-id
666DD9187594F9323995F7E0
x-oss-server-time
2
x-oss-storage-class
Standard

Redirect headers

cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
894b97feb833ab3a-YYZ
content-length
143
content-type
text/html
date
Sun, 16 Jun 2024 14:47:12 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
location
https://slots75.top/?cid=525701&type=4&currency=IDR&id=57278535
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QtYjBLz3oDJLGWPeDNqjBSytqhNt2%2BXYJc8p%2BdDa5nKFGVx9cyOg21j0XjKiXVFT6Ew%2B%2BO669EI86X1kzkLKg9NOdIYveZllVCGmXc8JOvE8gwKybv2haEOXyaPuY3maMDjr"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
241.b38453ae9aa40e67c15b.js
static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/241.b38453ae9aa40e67c15b.js
Requested by
Host: static1.squarespace.com
URL: https://static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/site-bundle.c60096393cff060396b454574afa2699.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.238 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Squarespace /
Resource Hash
4b3bfff1cb150ac30f36c06c696082a2daf6c34c57bb6d93d7a367f21d98c4c6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://cheaplegal.ca/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
6216, 6
date
Sun, 16 Jun 2024 14:47:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 varnish, 1.1 varnish
age
960757
x-cache
HIT, HIT
x-contextid
PEpapZbn/G2stiJVz
content-length
2763
x-served-by
cache-dfw-kdfw8210105-DFW, cache-yyz4559-YYZ
pragma
cache
server
Squarespace
x-timer
S1718549232.493354,VS0,VE0
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=94608000
accept-ranges
bytes
timing-allow-origin
*
tracepoint
Fastly
4556.0de45f4f918b8d361f5c.js
static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/4556.0de45f4f918b8d361f5c.js
Requested by
Host: static1.squarespace.com
URL: https://static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/site-bundle.c60096393cff060396b454574afa2699.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.238 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Squarespace /
Resource Hash
13fdb467f3914d4780b1c5dad66f4575405e547591a5cb1ec3cfee6ea2c94b04
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://cheaplegal.ca/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
4840, 6
date
Sun, 16 Jun 2024 14:47:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 varnish, 1.1 varnish
age
808043
x-cache
HIT, HIT
x-contextid
4vcnw8DH/CaxTySXB
content-length
4164
x-served-by
cache-dfw-kdfw8210058-DFW, cache-yyz4559-YYZ
pragma
cache
server
Squarespace
x-timer
S1718549232.493343,VS0,VE0
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=94608000
accept-ranges
bytes
timing-allow-origin
*
tracepoint
Fastly
product-gallery.e7e51702326dde3bab83.js
static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/ 		20 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/product-gallery.e7e51702326dde3bab83.js
Requested by
Host: static1.squarespace.com
URL: https://static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/site-bundle.c60096393cff060396b454574afa2699.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.238 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Squarespace /
Resource Hash
4b9fae679d3af490c2095f13e0b672df886e0335c22b46b9d1a52dddbf762f91
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://cheaplegal.ca/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
295, 4
date
Sun, 16 Jun 2024 14:47:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 varnish, 1.1 varnish
age
815576
x-cache
HIT, HIT
x-contextid
a738YSG9/dV4uQ8Jp
content-length
5556
x-served-by
cache-dfw-kdfw8210032-DFW, cache-yyz4559-YYZ
pragma
cache
server
Squarespace
x-timer
S1718549232.494858,VS0,VE0
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=94608000
accept-ranges
bytes
timing-allow-origin
*
tracepoint
Fastly
product-item-variants.74a651a91cdd9d1f41c4.js
static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/ 		9 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/product-item-variants.74a651a91cdd9d1f41c4.js
Requested by
Host: static1.squarespace.com
URL: https://static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/site-bundle.c60096393cff060396b454574afa2699.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.238 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Squarespace /
Resource Hash
8cc51bad58358691a121e72654dbfd97a6315f589ceda227f81d5fe5eac8a736
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://cheaplegal.ca/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
4476, 6
date
Sun, 16 Jun 2024 14:47:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 varnish, 1.1 varnish
age
824778
x-cache
HIT, HIT
x-contextid
9qHkGgyz/A3JC6SIc
content-length
2048
x-served-by
cache-dfw-kdfw8210162-DFW, cache-yyz4559-YYZ
pragma
cache
server
Squarespace
x-timer
S1718549232.495192,VS0,VE0
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=94608000
accept-ranges
bytes
timing-allow-origin
*
tracepoint
Fastly
product-cart-button.383fa1398a9fc840c724.js
static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/ 		2 KB
924 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/product-cart-button.383fa1398a9fc840c724.js
Requested by
Host: static1.squarespace.com
URL: https://static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/site-bundle.c60096393cff060396b454574afa2699.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.238 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Squarespace /
Resource Hash
38f940ad35d0d4978179a12000d350728bf4aa74fa3448800b821797288250c5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://cheaplegal.ca/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
8859, 6
date
Sun, 16 Jun 2024 14:47:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 varnish, 1.1 varnish
age
974836
x-cache
HIT, HIT
x-contextid
huL5gEbs/aH9Ia35s
content-length
794
x-served-by
cache-dfw-kdfw8210072-DFW, cache-yyz4559-YYZ
pragma
cache
server
Squarespace
x-timer
S1718549232.495148,VS0,VE0
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=94608000
accept-ranges
bytes
timing-allow-origin
*
tracepoint
Fastly
image-zoom.a7b37aa98fa0e356e91c.js
static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/image-zoom.a7b37aa98fa0e356e91c.js
Requested by
Host: static1.squarespace.com
URL: https://static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/site-bundle.c60096393cff060396b454574afa2699.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.238 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Squarespace /
Resource Hash
26666f6880d8808e3fb3e2b8bc19def3ee8c1fae014a790624fe95f1f04c8a9a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://cheaplegal.ca/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
796, 5
date
Sun, 16 Jun 2024 14:47:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 varnish, 1.1 varnish
age
429600
x-cache
HIT, HIT
x-contextid
IXvfy9iv/fsy7dUe5
content-length
1740
x-served-by
cache-dfw-kdfw8210115-DFW, cache-yyz4559-YYZ
pragma
cache
server
Squarespace
x-timer
S1718549232.495119,VS0,VE0
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=94608000
accept-ranges
bytes
timing-allow-origin
*
tracepoint
Fastly
5489.9968d09a3adcfbc5f9bc.js
static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/ 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/5489.9968d09a3adcfbc5f9bc.js
Requested by
Host: static1.squarespace.com
URL: https://static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/site-bundle.c60096393cff060396b454574afa2699.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.238 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Squarespace /
Resource Hash
e59d4e646bb27566f7f9b4e6cfd9d3eab1670f581c2ca16a0e871ebe2b9a4c80
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://cheaplegal.ca/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
3433, 4
date
Sun, 16 Jun 2024 14:47:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 varnish, 1.1 varnish
age
812320
x-cache
HIT, HIT
x-contextid
B43uMXTE/81KFpdBH
content-length
6241
x-served-by
cache-dfw-kdfw8210134-DFW, cache-yyz4559-YYZ
pragma
cache
server
Squarespace
x-timer
S1718549232.495083,VS0,VE0
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=94608000
accept-ranges
bytes
timing-allow-origin
*
tracepoint
Fastly
lightbox.6fd96191eed3edf2e978.js
static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/lightbox.6fd96191eed3edf2e978.js
Requested by
Host: static1.squarespace.com
URL: https://static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/site-bundle.c60096393cff060396b454574afa2699.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.238 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Squarespace /
Resource Hash
26acbc9fa18249bf6d45f80c88bbe6658bac10aeef85879c328572fca36d03ff
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://cheaplegal.ca/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
6219, 4
date
Sun, 16 Jun 2024 14:47:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 varnish, 1.1 varnish
age
1042497
x-cache
HIT, HIT
x-contextid
HKk49EZN/leQAELqQ
content-length
1537
x-served-by
cache-dfw-kdal2120133-DFW, cache-yyz4559-YYZ
pragma
cache
server
Squarespace
x-timer
S1718549232.495531,VS0,VE0
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=94608000
accept-ranges
bytes
timing-allow-origin
*
tracepoint
Fastly
GJCVvU3XkAEU4_9.jpg
images.squarespace-cdn.com/content/v1/661dd385e6209b0daabedccc/1713230822763-VXL1TNIKEBBL9SXRQ854/ 		121 KB
122 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.squarespace-cdn.com/content/v1/661dd385e6209b0daabedccc/1713230822763-VXL1TNIKEBBL9SXRQ854/GJCVvU3XkAEU4_9.jpg?format=750w
Requested by
Host: cheaplegal.ca
URL: https://cheaplegal.ca/cristiano-ronaldo-hotel-16
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.238 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ff7edccee0e3f4014c841bc43ea22f7658a68674f499a3fc54ea48c437695190

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://cheaplegal.ca/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
622, 0
date
Sun, 16 Jun 2024 14:47:12 GMT
via
1.1 google, 1.1 varnish, 1.1 varnish
age
2865043
x-cache
HIT, HIT
content-length
124101
x-served-by
cache-iad-kcgs7200146-IAD, cache-yyz4561-YYZ
x-sqsp-accepted-scopes
EDITOR
x-timer
S1718549233.585943,VS0,VE1
etag
CNfewZXKxYUDEAE=
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Timing-Allow-Origin
cache-control
max-age=31536000,s-maxage=31536000
accept-ranges
bytes
timing-allow-origin
*
x-sqsp-is-public
false
tracepoint
Fastly
favicon.ico
cheaplegal.ca/ 		649 B
703 B 		Other
General
Check archive.org
Download Go to
Full URL
https://cheaplegal.ca/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.156.42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
260509f87588f803dde504a292f3aeb1b31e63202824b60711b435b9bdae7fa1

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform-version
"10.0.0"
Referer
https://cheaplegal.ca/cristiano-ronaldo-hotel-16
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 14:47:13 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 16 Jun 2024 14:47:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jkYjHh8YFEX0U59Up6szirIW69ib85t8A1XuzC%2B1Enwar%2FxoyN4Ss05t8FCHUQohpOMA2OBdsOMuDBy40ssdDz5%2BsV9aN54cAzNCuEsPv1gsC4fMvYbW7pf9CAWj02Fc"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
max-age=14400
cf-ray
894b9801aa80ac06-YYZ
alt-svc
h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 undefined| event object| fence object| sharedStorage number| _0xodF function| _0x2c66a2 function| _0x5e93 function| _0x43d8 string| version_ string| url object| SQUARESPACE_ROLLUPS object| Static object| webpackChunk_sqs_polyfiller object| webpackChunknew_bedford_framework object| regeneratorRuntime

1 Cookies

Domain/Path Name / Value
.slots75.top/ Name: __cf_bm
Value: 9s2ioIWGCJl3LRoAVAl0y0je39Db2FZoSxjS9ryGRtA-1718549232-1.0.1.1-tJLuPHgqLCRFpXb3Uz2o7y9apsEexTXnE1Bl6_Q66AiV7gg73Ue1M4tPOB5Qyd_kVzowknvHMtCcFK.EL6QVyA