d1ue3yi0hkdsdl.cloudfront.net
2600:9000:2511:1400:13:1772:3a40:21  Public Scan

Submitted URL: http://sandeo.org/
Effective URL: https://d1ue3yi0hkdsdl.cloudfront.net/English/index.html?key=eyJ0aW1lc3RhbXAiOiIxNjY1NjI3NTIyIiwiaGFzaCI6Ijk4OWJhNDk2NTg4NTdjZmNhNWFkZ...
Submission: On October 13 via manual from CA — Scanned from CA

Summary

This website contacted 14 IPs in 3 countries across 13 domains to perform 87 HTTP transactions. The main IP is 2600:9000:2511:1400:13:1772:3a40:21, located in United States and belongs to AMAZON-02, US. The main domain is d1ue3yi0hkdsdl.cloudfront.net.
TLS certificate: Issued by Amazon on February 1st 2022. Valid for: a year.
This is the only time d1ue3yi0hkdsdl.cloudfront.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | Apex Domain | Subdomains | Transfer
28 | cloudfront.net | d1ue3yi0hkdsdl.cloudfront.net | 575 KB
24 | sandeo.org | sandeo.org | 5 MB
12 | googleapis.com | maps.googleapis.com — Cisco Umbrella Rank: 656 | 323 KB
8 | bunny.net | fonts.bunny.net — Cisco Umbrella Rank: 93606 | 112 KB
3 | trackspecialdomain.com | trackspecialdomain.com — Cisco Umbrella Rank: 500091 Failed; 0.trackspecialdomain.com — Cisco Umbrella Rank: 954946 | 71 KB
3 | gstatic.com | maps.gstatic.com; www.gstatic.com | 71 KB
3 | bettershitecolumn.com | away.bettershitecolumn.com — Cisco Umbrella Rank: 293295 Failed | 1 KB
1 | cloudflare.com | cdnjs.cloudflare.com | 14 KB
1 | getpageurl.com | track.getpageurl.com | 720 B
1 | themaccleanup.info | track.themaccleanup.info | 2 KB
1 | google.com | www.google.com — Cisco Umbrella Rank: 19 | 2 KB
1 | weatherplllatform.com | cdn.weatherplllatform.com — Cisco Umbrella Rank: 302008 | 2 KB
1 | greengoplatform.com | track.greengoplatform.com; collect.greengoplatform.com Failed | 802 B
Total: 87 requests, 13 apex domains
Requests | Domain | Requested by
28 | d1ue3yi0hkdsdl.cloudfront.net | d1ue3yi0hkdsdl.cloudfront.net
24 | sandeo.org | sandeo.org
12 | maps.googleapis.com | www.google.com; maps.googleapis.com
8 | fonts.bunny.net | sandeo.org; fonts.bunny.net
3 | away.bettershitecolumn.com | cdn.weatherplllatform.com
2 | 0.trackspecialdomain.com (1 redirects) | sandeo.org
2 | maps.gstatic.com | www.google.com
1 | www.gstatic.com | d1ue3yi0hkdsdl.cloudfront.net
1 | cdnjs.cloudflare.com | d1ue3yi0hkdsdl.cloudfront.net
1 | track.getpageurl.com |
1 | track.themaccleanup.info | sandeo.org
1 | trackspecialdomain.com | away.bettershitecolumn.com
1 | www.google.com | sandeo.org
1 | cdn.weatherplllatform.com | sandeo.org
1 | track.greengoplatform.com | sandeo.org
0 | collect.greengoplatform.com Failed | sandeo.org
Total: 87 requests, 16 subdomains

This site contains no links.

Subject | Issuer | Validity | Valid
greengoplatform.com | R3 | 2022-08-06 - 2022-11-04 | 3 months
fonts.bunny.net | R3 | 2022-09-14 - 2022-12-13 | 3 months
cdn.weatherplllatform.com | R3 | 2022-09-14 - 2022-12-13 | 3 months
sandeo.org | R3 | 2022-09-05 - 2022-12-04 | 3 months
www.google.com | GTS CA 1C3 | 2022-09-12 - 2022-12-05 | 3 months
away.bettershitecolumn.com | R3 | 2022-08-31 - 2022-11-29 | 3 months
upload.video.google.com | GTS CA 1C3 | 2022-09-12 - 2022-12-05 | 3 months
*.gstatic.com | GTS CA 1C3 | 2022-09-12 - 2022-12-05 | 3 months
trackspecialsdomain.com | R3 | 2022-09-28 - 2022-12-27 | 3 months
track.themaccleanup.info | R3 | 2022-08-31 - 2022-11-29 | 3 months
track.getpageurl.com | R3 | 2022-09-05 - 2022-12-04 | 3 months
*.cloudfront.net | Amazon | 2022-02-01 - 2023-01-31 | a year
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-08-03 - 2023-08-02 | a year

This page contains 2 frames:

Primary Page: https://d1ue3yi0hkdsdl.cloudfront.net/English/index.html?key=eyJ0aW1lc3RhbXAiOiIxNjY1NjI3NTIyIiwiaGFzaCI6Ijk4OWJhNDk2NTg4NTdjZmNhNWFkZGJjODJiM2Q3N2U0NTNlZGNiNzYifQ==&bemobdata=c=70bbac94-8fb3-46e5-a455-a05f447155f4..l=79f441ce-7780-4f45-85eb-c20e42808e3c..f=9b637e48-cfee-4d4f-8a1e-24cce0697a13..a=1..b=0..z=0.00901..e=5d6c4faa-0afa-4386-9a57-e394ccc7cfe9..c1=feed14986..c2=ddcf50c6..c3=0..c4=64771..c5=CA..c6=Windows..c7=Chrome..c8=0..r=https%3A%2F%2F0.trackspecialdomain.com%2F
Frame ID: 229340C53FE2DEE225DCC1B85B55BF4F
Requests: 73 HTTP requests in this frame

Frame: https://www.google.com/maps/embed/v1/place?key=AIzaSyCcywKcxXeMZiMwLDcLgyEnNglcLOyB_qw&q=SANDEO&zoom=15
Frame ID: F510F0D33536216F67047BDC8BF706D9
Requests: 16 HTTP requests in this frame

Page Title

McAfee® Total Protection

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • //maps\.google(?:apis)?\.com/maps/api/js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

Requests: 87
HTTPS: 82 %
IPv6: 54 %
Domains: 13
Subdomains: 16
IPs: 14
Countries: 3
Transfer: 6465 kB
Size: 8330 kB
Cookies: 7

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://sandeo.org/ Page URL
  2. https://away.bettershitecolumn.com/hit.php?a=1311&b=334-1166-567334-46 HTTP 302
    https://away.bettershitecolumn.com/track.php?nid=54889&yid=9554-66-457679-29 HTTP 302
    https://away.bettershitecolumn.com/track.php?tid=54889&lid=9554-66-457679-29 Page URL
  3. https://trackspecialdomain.com/?p=ga2ggzrsmm5gi3bpg42dkmq&sub2=zingersd3 Page URL
  4. https://0.trackspecialdomain.com/?p=ga2ggzrsmm5gi3bpg42dkmq&sub2=zingersd3 Page URL
  5. https://0.trackspecialdomain.com/?auf=gqzgcnlgg45diojygyxtonbvgixtemrpge3dmnjwgi3tkmrr&s=1&sub1=&sub2=zingersd3&sub3=&sub4=&cpc=0&cpm=0 HTTP 302
    https://track.themaccleanup.info/go/70bbac94-8fb3-46e5-a455-a05f447155f4?price=0.00901&clickid=5d6c4faa-0afa-4386-9a57-e394ccc7cfe9&feed=feed14986&hash=ddcf50c6&creative=0&campaign=64771&country=CA&platform=Windows&browser=Chrome&subday=0 Page URL
  6. https://track.getpageurl.com/?redirectUrl=https%3A%2F%2Fd1ue3yi0hkdsdl.cloudfront.net%2FEnglish%2Findex.html%3Fkey%3DeyJ0aW1lc3RhbXAiOiIxNjY1NjI3NTIyIiwiaGFzaCI6Ijk4OWJhNDk2NTg4NTdjZmNhNWFkZGJjODJiM2Q3N2U0NTNlZGNiNzYifQ%253D%253D%26bemobdata%3Dc%253D70bbac94-8fb3-46e5-a455-a05f447155f4..l%253D79f441ce-7780-4f45-85eb-c20e42808e3c..f%253D9b637e48-cfee-4d4f-8a1e-24cce0697a13..a%253D1..b%253D0..z%253D0.00901..e%253D5d6c4faa-0afa-4386-9a57-e394ccc7cfe9..c1%253Dfeed14986..c2%253Dddcf50c6..c3%253D0..c4%253D64771..c5%253DCA..c6%253DWindows..c7%253DChrome..c8%253D0..r%253Dhttps%25253A%25252F%25252F0.trackspecialdomain.com%25252F Page URL
  7. https://d1ue3yi0hkdsdl.cloudfront.net/English/index.html?key=eyJ0aW1lc3RhbXAiOiIxNjY1NjI3NTIyIiwiaGFzaCI6Ijk4OWJhNDk2NTg4NTdjZmNhNWFkZGJjODJiM2Q3N2U0NTNlZGNiNzYifQ==&bemobdata=c=70bbac94-8fb3-46e5-a455-a05f447155f4..l=79f441ce-7780-4f45-85eb-c20e42808e3c..f=9b637e48-cfee-4d4f-8a1e-24cce0697a13..a=1..b=0..z=0.00901..e=5d6c4faa-0afa-4386-9a57-e394ccc7cfe9..c1=feed14986..c2=ddcf50c6..c3=0..c4=64771..c5=CA..c6=Windows..c7=Chrome..c8=0..r=https%3A%2F%2F0.trackspecialdomain.com%2F Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 37
  • https://away.bettershitecolumn.com/hit.php?a=1311&b=334-1166-567334-46 HTTP 302
  • https://away.bettershitecolumn.com/track.php?nid=54889&yid=9554-66-457679-29 HTTP 302
  • https://away.bettershitecolumn.com/track.php?tid=54889&lid=9554-66-457679-29
Request Chain 57
  • https://0.trackspecialdomain.com/?auf=gqzgcnlgg45diojygyxtonbvgixtemrpge3dmnjwgi3tkmrr&s=1&sub1=&sub2=zingersd3&sub3=&sub4=&cpc=0&cpm=0 HTTP 302
  • https://track.themaccleanup.info/go/70bbac94-8fb3-46e5-a455-a05f447155f4?price=0.00901&clickid=5d6c4faa-0afa-4386-9a57-e394ccc7cfe9&feed=feed14986&hash=ddcf50c6&creative=0&campaign=64771&country=CA&platform=Windows&browser=Chrome&subday=0

87 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
sandeo.org/
188 KB
40 KB
Document
General
Full URL
http://sandeo.org/
Protocol
HTTP/1.1
Server
162.222.227.139 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
Software
Apache /
Resource Hash
7a2b7d866d747b7abbe993aafd5c623261ca7f1265dcc4606f1b3a112a7a6e48

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Connection
Upgrade, Keep-Alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Thu, 13 Oct 2022 02:18:27 GMT
Keep-Alive
timeout=5, max=75
Server
Apache
Transfer-Encoding
chunked
Upgrade
h2,h2c
Vary
Accept-Encoding
smile.js
track.greengoplatform.com/
2 KB
802 B
Script
General
Full URL
https://track.greengoplatform.com/smile.js?v=1.1.1
Requested by
Host: sandeo.org
URL: http://sandeo.org/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
91.211.91.112 , Ukraine, ASN206638 (HOSTFORY, UA),
Reverse DNS
Software
nginx /
Resource Hash
f0af99595f5240b6c86b70a17902c4bf72bd4f356303dd8b732ade94ecb38d69

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://sandeo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Thu, 13 Oct 2022 02:18:35 GMT
Content-Encoding
gzip
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/plain; charset=utf-8
style.min.css
sandeo.org/wp-includes/css/dist/block-library/
87 KB
17 KB
Stylesheet
General
Full URL
http://sandeo.org/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2
Requested by
Host: sandeo.org
URL: http://sandeo.org/
Protocol
HTTP/1.1
Server
162.222.227.139 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
Software
Apache /
Resource Hash
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://sandeo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Thu, 13 Oct 2022 02:18:30 GMT
Content-Encoding
gzip
Last-Modified
Wed, 13 Jul 2022 00:42:29 GMT
Server
Apache
Vary
Accept-Encoding
Upgrade
h2,h2c
Content-Type
text/css
Connection
Upgrade, Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=75
Content-Length
16594
style.css
sandeo.org/wp-content/themes/popularfx/
29 KB
9 KB
Stylesheet
General
Full URL
http://sandeo.org/wp-content/themes/popularfx/style.css?ver=1.2.4
Requested by
Host: sandeo.org
URL: http://sandeo.org/
Protocol
HTTP/1.1
Server
162.222.227.139 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
Software
Apache /
Resource Hash
f994b680ca84a21764c18174c5069b47450191d733770cc43bf9f90ce4718c39

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://sandeo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Thu, 13 Oct 2022 02:18:30 GMT
Content-Encoding
gzip
Last-Modified
Sun, 14 Aug 2022 00:18:16 GMT
Server
Apache
Vary
Accept-Encoding
Upgrade
h2,h2c
Content-Type
text/css
Connection
Upgrade, Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=75
Content-Length
9292
sidebar.css
sandeo.org/wp-content/themes/popularfx/
9 KB
3 KB
Stylesheet
General
Full URL
http://sandeo.org/wp-content/themes/popularfx/sidebar.css?ver=1.2.4
Requested by
Host: sandeo.org
URL: http://sandeo.org/
Protocol
HTTP/1.1
Server
162.222.227.139 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
Software
Apache /
Resource Hash
68b3115a11b8b8d65df8de2c2d0bb86eb1ba963a6be66a93e5ff1460b49557aa

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://sandeo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Thu, 13 Oct 2022 02:18:30 GMT
Content-Encoding
gzip
Last-Modified
Sun, 14 Aug 2022 00:18:16 GMT
Server
Apache
Vary
Accept-Encoding
Upgrade
h2,h2c
Content-Type
text/css
Connection
Upgrade, Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=75
Content-Length
2841
css
fonts.bunny.net/
85 KB
3 KB
Stylesheet
General
Full URL
https://fonts.bunny.net/css?family=Montserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7COverpass%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CLato%3A100%2C100italic%2C300%2C300italic%2Cregular%2Citalic%2C700%2C700italic%2C900%2C900italic&subset=arabic%2Cbengali%2Ccyrillic%2Ccyrillic-ext%2Cdevanagari%2Cgreek%2Cgreek-ext%2Cgujarati%2Chebrew%2Ckhmer%2Ckorean%2Clatin-ext%2Ctamil%2Ctelugu%2Cthai%2Cvietnamese&display=swap&ver=2.4.11
Requested by
Host: sandeo.org
URL: http://sandeo.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.40.58 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-138-199-40-58.datapacket.com
Software
BunnyCDN-NY-885 /
Resource Hash
a289c43deb15f25b3a7a0e30ea087f3ed171c1f39b8da8762bd9c21f268a2baf

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://sandeo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 02:18:30 GMT
content-encoding
br
cdn-edgestorageid
885
x-do-app-origin
1fb91846-e6b7-11ec-b1dc-0c42a19a82a7
x-do-orig-status
200
cdn-cachedat
10/12/2022 13:12:47
cdn-pullzone
781720
last-modified
Wed, 12 Oct 2022 13:12:47 GMT
server
BunnyCDN-NY-885
cdn-proxyver
1.02
cdn-requestpullcode
200
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
3a60ca70-b89d-4cd5-a4b5-34a3468d7e0f
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=2592000
cdn-requestid
8f5a7a70416a27493291938ed853c3d2
cdn-requestcountrycode
CA
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
group-1.css
sandeo.org/wp-content/plugins/brizy/public/editor-build/247-wp/editor/css/
37 KB
9 KB
Stylesheet
General
Full URL
http://sandeo.org/wp-content/plugins/brizy/public/editor-build/247-wp/editor/css/group-1.css?ver=2.4.11
Requested by
Host: sandeo.org
URL: http://sandeo.org/
Protocol
HTTP/1.1
Server
162.222.227.139 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
Software
Apache /
Resource Hash
b06b196c4d20360be56b475a0ba357cc3dd8c451ec98edb2a242514c8b6c515c

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://sandeo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Thu, 13 Oct 2022 02:18:30 GMT
Content-Encoding
gzip
Last-Modified
Wed, 12 Oct 2022 12:49:14 GMT
Server
Apache
Vary
Accept-Encoding
Upgrade
h2,h2c
Content-Type
text/css
Connection
Upgrade, Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=75
Content-Length
8691
preview.css
sandeo.org/wp-content/plugins/brizy/public/editor-build/247-wp/editor/css/
269 KB
51 KB
Stylesheet
General
Full URL
http://sandeo.org/wp-content/plugins/brizy/public/editor-build/247-wp/editor/css/preview.css?ver=2.4.11
Requested by
Host: sandeo.org
URL: http://sandeo.org/
Protocol
HTTP/1.1
Server
162.222.227.139 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
Software
Apache /
Resource Hash
26aa33719460f8723c8faea0a26b2a2c6939a309b97a12616cd14ccfefe5dcc0

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://sandeo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Thu, 13 Oct 2022 02:18:30 GMT
Content-Encoding
gzip
Last-Modified
Wed, 12 Oct 2022 12:49:14 GMT
Server
Apache
Vary
Accept-Encoding
Transfer-Encoding
chunked
Upgrade
h2,h2c
Content-Type
text/css
Connection
Upgrade, Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=75
jquery.min.js
sandeo.org/wp-includes/js/jquery/
92 KB
40 KB
Script
General
Full URL
http://sandeo.org/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by
Host: sandeo.org
URL: http://sandeo.org/
Protocol
HTTP/1.1
Server
162.222.227.139 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
Software
Apache /
Resource Hash
5f97a8b3d08909b32eb6615e4148b6c522b40f75ce829ae86f6604b81f691e61

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://sandeo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Thu, 13 Oct 2022 02:18:30 GMT
Content-Encoding
gzip
Last-Modified
Tue, 21 Jun 2022 15:58:42 GMT
Server
Apache
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=74
jquery-migrate.min.js
sandeo.org/wp-includes/js/jquery/
15 KB
6 KB
Script
General
Full URL
http://sandeo.org/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: sandeo.org
URL: http://sandeo.org/
Protocol
HTTP/1.1
Server
162.222.227.139 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
Software
Apache /
Resource Hash
4bc31d0cc5c98975e21c66b5e75249857fae081d12a1d4085083a10e214f51b8

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://sandeo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Thu, 13 Oct 2022 02:18:30 GMT
Content-Encoding
gzip
Last-Modified
Tue, 21 Jun 2022 15:58:42 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=74
Content-Length
6247
navigation.js
sandeo.org/wp-content/themes/popularfx/js/
4 KB
2 KB
Script
General
Full URL
http://sandeo.org/wp-content/themes/popularfx/js/navigation.js?ver=1.2.4
Requested by
Host: sandeo.org
URL: http://sandeo.org/
Protocol
HTTP/1.1
Server
162.222.227.139 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
Software
Apache /
Resource Hash
2018b22912cd7897fef48bb1e0fbea67125f5a5f15a2c23714ad18431ddb6513

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://sandeo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Thu, 13 Oct 2022 02:18:30 GMT
Content-Encoding
gzip
Last-Modified
Sun, 14 Aug 2022 00:18:16 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=74
Content-Length
1805
group-1.js
sandeo.org/wp-content/plugins/brizy/public/editor-build/247-wp/editor/js/
136 KB
50 KB
Script
General
Full URL
http://sandeo.org/wp-content/plugins/brizy/public/editor-build/247-wp/editor/js/group-1.js?ver=2.4.11
Requested by
Host: sandeo.org
URL: http://sandeo.org/
Protocol
HTTP/1.1
Server
162.222.227.139 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
Software
Apache /
Resource Hash
ee36309f7838cc79a85567f3a9f7c97fd5b2326b70d118000a2b3811cadaa435

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://sandeo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Thu, 13 Oct 2022 02:18:30 GMT
Content-Encoding
gzip
Last-Modified
Wed, 12 Oct 2022 12:49:14 GMT
Server
Apache
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=74
preview.js
sandeo.org/wp-content/plugins/brizy/public/editor-build/247-wp/editor/js/
186 KB
70 KB
Script
General
Full URL
http://sandeo.org/wp-content/plugins/brizy/public/editor-build/247-wp/editor/js/preview.js?ver=2.4.11
Requested by
Host: sandeo.org
URL: http://sandeo.org/
Protocol
HTTP/1.1
Server
162.222.227.139 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
Software
Apache /
Resource Hash
937cca6a0a751e4c7cfb0eb89d269287c8bcd4bb17e5fd170e30b1777f41043d

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://sandeo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Thu, 13 Oct 2022 02:18:30 GMT
Content-Encoding
gzip
Last-Modified
Wed, 12 Oct 2022 12:49:14 GMT
Server
Apache
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=74
result.js
cdn.weatherplllatform.com/
6 KB
2 KB
Script
General
Full URL
https://cdn.weatherplllatform.com/result.js?v=000
Requested by
Host: sandeo.org
URL: http://sandeo.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.211.91.114 , Ukraine, ASN206638 (HOSTFORY, UA),
Reverse DNS
Software
nginx /
Resource Hash
4b1238a1b9202c3d215ed7b3f05a6cf12fb71d520d2066f25bbda095603dc9dd
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://sandeo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 02:18:38 GMT
strict-transport-security
max-age=15768000;
content-encoding
gzip
last-modified
Mon, 26 Sep 2022 14:46:59 GMT
server
nginx
etag
W/"6331bb63-182c"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
wp-emoji-release.min.js
sandeo.org/wp-includes/js/
23 KB
7 KB
Script
General
Full URL
http://sandeo.org/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2
Requested by
Host: sandeo.org
URL: http://sandeo.org/
Protocol
HTTP/1.1
Server
162.222.227.139 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
Software
Apache /
Resource Hash
5afb096d2039e3330a5f0735fcfe077560b8c6c6f1e043c63736fdac5dcac9f7

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://sandeo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Thu, 13 Oct 2022 02:18:37 GMT
Content-Encoding
gzip
Last-Modified
Wed, 20 Jul 2022 18:58:03 GMT
Server
Apache
Vary
Accept-Encoding
Upgrade
h2,h2c
Content-Type
application/javascript
Connection
Upgrade, Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=75
Content-Length
6904
flag.js
collect.greengoplatform.com/
0
0

Big-Logo-2-1024x721.png
sandeo.org/wp-content/uploads/2022/01/
73 KB
73 KB
Image
General
Full URL
https://sandeo.org/wp-content/uploads/2022/01/Big-Logo-2-1024x721.png
Requested by
Host: sandeo.org
URL: http://sandeo.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.222.227.139 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
Software
Apache /
Resource Hash
612f08bb65b058e3ca7ef1ee54d6800ad88f2e89ab85196198d7a7262b413e1b

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://sandeo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 02:18:37 GMT
last-modified
Thu, 13 Jan 2022 17:23:45 GMT
server
Apache
accept-ranges
bytes
content-length
74275
content-type
image/png
IMG-20201004-WA0067.jpg
sandeo.org/wp-content/uploads/2022/01/
100 KB
101 KB
Image
General
Full URL
https://sandeo.org/wp-content/uploads/2022/01/IMG-20201004-WA0067.jpg
Requested by
Host: sandeo.org
URL: http://sandeo.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.222.227.139 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
Software
Apache /
Resource Hash
958d632b1857c4cbbe82101dfc9e39b6e749dee31d59bd46ca2be5b9c82a2f76

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://sandeo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 02:18:37 GMT
last-modified
Fri, 14 Jan 2022 09:58:55 GMT
server
Apache
accept-ranges
bytes
content-length
102233
content-type
image/jpeg
84a8d056be6cae487f1bd0cec4e5063e.jpg
sandeo.org/wp-content/uploads/2022/01/
4 MB
4 MB
Image
General
Full URL
https://sandeo.org/wp-content/uploads/2022/01/84a8d056be6cae487f1bd0cec4e5063e.jpg
Requested by
Host: sandeo.org
URL: http://sandeo.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.222.227.139 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://sandeo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 02:18:37 GMT
last-modified
Thu, 13 Jan 2022 16:44:01 GMT
server
Apache
accept-ranges
bytes
content-length
3847961
content-type
image/jpeg
IMG-20220226-WA0014.jpg
sandeo.org/wp-content/uploads/2022/04/
94 KB
94 KB
Image
General
Full URL
https://sandeo.org/wp-content/uploads/2022/04/IMG-20220226-WA0014.jpg
Requested by
Host: sandeo.org
URL: http://sandeo.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.222.227.139 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://sandeo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 02:18:37 GMT
last-modified
Fri, 29 Apr 2022 16:43:46 GMT
server
Apache
accept-ranges
bytes
content-length
96080
content-type
image/jpeg
IMG-20201128-WA0020.jpg
sandeo.org/wp-content/uploads/2022/01/
163 KB
163 KB
Image
General
Full URL
https://sandeo.org/wp-content/uploads/2022/01/IMG-20201128-WA0020.jpg
Requested by
Host: sandeo.org
URL: http://sandeo.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.222.227.139 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://sandeo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 02:18:37 GMT
last-modified
Fri, 14 Jan 2022 09:35:17 GMT
server
Apache
accept-ranges
bytes
content-length
166810
content-type
image/jpeg
IMG-20201128-WA0022.jpg
sandeo.org/wp-content/uploads/2022/01/
134 KB
134 KB
Image
General
Full URL
https://sandeo.org/wp-content/uploads/2022/01/IMG-20201128-WA0022.jpg
Requested by
Host: sandeo.org
URL: http://sandeo.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.222.227.139 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://sandeo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 02:18:37 GMT
last-modified
Fri, 14 Jan 2022 09:36:18 GMT
server
Apache
accept-ranges
bytes
content-length
136727
content-type
image/jpeg
IMG-20201116-WA0033.jpg
sandeo.org/wp-content/uploads/2022/01/
107 KB
107 KB
Image
General
Full URL
https://sandeo.org/wp-content/uploads/2022/01/IMG-20201116-WA0033.jpg
Requested by
Host: sandeo.org
URL: http://sandeo.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.222.227.139 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://sandeo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 02:18:38 GMT
last-modified
Fri, 14 Jan 2022 09:37:31 GMT
server
Apache
accept-ranges
bytes
content-length
109260
content-type
image/jpeg
IMG-20201002-WA0088.jpg
sandeo.org/wp-content/uploads/2022/01/
132 KB
132 KB
Image
General
Full URL
https://sandeo.org/wp-content/uploads/2022/01/IMG-20201002-WA0088.jpg
Requested by
Host: sandeo.org
URL: http://sandeo.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.222.227.139 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://sandeo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 02:18:38 GMT
last-modified
Fri, 14 Jan 2022 09:38:23 GMT
server
Apache
accept-ranges
bytes
content-length
135332
content-type
image/jpeg
IMG-20201128-WA0021.jpg
sandeo.org/wp-content/uploads/2022/01/
136 KB
137 KB
Image
General
Full URL
https://sandeo.org/wp-content/uploads/2022/01/IMG-20201128-WA0021.jpg
Requested by
Host: sandeo.org
URL: http://sandeo.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.222.227.139 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://sandeo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 02:18:38 GMT
last-modified
Fri, 14 Jan 2022 09:39:18 GMT
server
Apache
accept-ranges
bytes
content-length
139765
content-type
image/jpeg
IMG-20220307-WA0009.jpg
sandeo.org/wp-content/uploads/2022/04/
83 KB
83 KB
Image
General
Full URL
https://sandeo.org/wp-content/uploads/2022/04/IMG-20220307-WA0009.jpg
Requested by
Host: sandeo.org
URL: http://sandeo.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.222.227.139 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://sandeo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 02:18:38 GMT
last-modified
Fri, 29 Apr 2022 16:46:16 GMT
server
Apache
accept-ranges
bytes
content-length
85296
content-type
image/jpeg
overpass-latin-700-normal.woff2
fonts.bunny.net/overpass/files/
16 KB
17 KB
Font
General
Full URL
https://fonts.bunny.net/overpass/files/overpass-latin-700-normal.woff2
Requested by
Host: fonts.bunny.net
URL: https://fonts.bunny.net/css?family=Montserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7COverpass%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CLato%3A100%2C100italic%2C300%2C300italic%2Cregular%2Citalic%2C700%2C700italic%2C900%2C900italic&subset=arabic%2Cbengali%2Ccyrillic%2Ccyrillic-ext%2Cdevanagari%2Cgreek%2Cgreek-ext%2Cgujarati%2Chebrew%2Ckhmer%2Ckorean%2Clatin-ext%2Ctamil%2Ctelugu%2Cthai%2Cvietnamese&display=swap&ver=2.4.11
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.40.58 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-138-199-40-58.datapacket.com
Software
BunnyCDN-NY-885 /
Resource Hash
5c91507ba9508c8bbe28c7f1c80b5133c51c5a12016a0cb22be98520de7fb1ae

Request headers

Referer
https://fonts.bunny.net/css?family=Montserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7COverpass%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CLato%3A100%2C100italic%2C300%2C300italic%2Cregular%2Citalic%2C700%2C700italic%2C900%2C900italic&subset=arabic%2Cbengali%2Ccyrillic%2Ccyrillic-ext%2Cdevanagari%2Cgreek%2Cgreek-ext%2Cgujarati%2Chebrew%2Ckhmer%2Ckorean%2Clatin-ext%2Ctamil%2Ctelugu%2Cthai%2Cvietnamese&display=swap&ver=2.4.11
Origin
http://sandeo.org
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 02:18:37 GMT
cdn-edgestorageid
885
cdn-storageserver
NY-266
cdn-cachedat
09/28/2022 08:11:35
cdn-pullzone
781720
content-length
16296
last-modified
Sat, 11 Jun 2022 00:01:12 GMT
server
BunnyCDN-NY-885
cdn-fileserver
341
cdn-requestpullcode
200
cdn-proxyver
1.02
etag
"62a3db48-3fa8"
content-type
font/woff2
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
3a60ca70-b89d-4cd5-a4b5-34a3468d7e0f
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=2592000
cdn-requestid
fd0f7d34136f1303e62da79693dfd7e3
accept-ranges
bytes
cdn-requestcountrycode
CA
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
montserrat-latin-700-normal.woff2
fonts.bunny.net/montserrat/files/
13 KB
13 KB
Font
General
Full URL
https://fonts.bunny.net/montserrat/files/montserrat-latin-700-normal.woff2
Requested by
Host: fonts.bunny.net
URL: https://fonts.bunny.net/css?family=Montserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7COverpass%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CLato%3A100%2C100italic%2C300%2C300italic%2Cregular%2Citalic%2C700%2C700italic%2C900%2C900italic&subset=arabic%2Cbengali%2Ccyrillic%2Ccyrillic-ext%2Cdevanagari%2Cgreek%2Cgreek-ext%2Cgujarati%2Chebrew%2Ckhmer%2Ckorean%2Clatin-ext%2Ctamil%2Ctelugu%2Cthai%2Cvietnamese&display=swap&ver=2.4.11
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.40.58 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-138-199-40-58.datapacket.com
Software
BunnyCDN-NY-885 /
Resource Hash
1efb6b34aee777f657af03fc18ab7ec444bcb7025b175edbd489c3c984035f34

Request headers

Referer
https://fonts.bunny.net/css?family=Montserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7COverpass%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CLato%3A100%2C100italic%2C300%2C300italic%2Cregular%2Citalic%2C700%2C700italic%2C900%2C900italic&subset=arabic%2Cbengali%2Ccyrillic%2Ccyrillic-ext%2Cdevanagari%2Cgreek%2Cgreek-ext%2Cgujarati%2Chebrew%2Ckhmer%2Ckorean%2Clatin-ext%2Ctamil%2Ctelugu%2Cthai%2Cvietnamese&display=swap&ver=2.4.11
Origin
http://sandeo.org
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 02:18:37 GMT
cdn-edgestorageid
885
cdn-storageserver
NY-267
cdn-cachedat
09/27/2022 01:51:41
cdn-pullzone
781720
content-length
12804
last-modified
Fri, 10 Jun 2022 23:12:03 GMT
server
BunnyCDN-NY-885
cdn-fileserver
341
cdn-requestpullcode
200
cdn-proxyver
1.02
etag
"62a3cfc3-3204"
content-type
font/woff2
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
3a60ca70-b89d-4cd5-a4b5-34a3468d7e0f
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=2592000
cdn-requestid
948aa889f9e9337f9bfada20835fd028
accept-ranges
bytes
cdn-requestcountrycode
CA
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
overpass-latin-400-normal.woff2
fonts.bunny.net/overpass/files/
15 KB
16 KB
Font
General
Full URL
https://fonts.bunny.net/overpass/files/overpass-latin-400-normal.woff2
Requested by
Host: fonts.bunny.net
URL: https://fonts.bunny.net/css?family=Montserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7COverpass%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CLato%3A100%2C100italic%2C300%2C300italic%2Cregular%2Citalic%2C700%2C700italic%2C900%2C900italic&subset=arabic%2Cbengali%2Ccyrillic%2Ccyrillic-ext%2Cdevanagari%2Cgreek%2Cgreek-ext%2Cgujarati%2Chebrew%2Ckhmer%2Ckorean%2Clatin-ext%2Ctamil%2Ctelugu%2Cthai%2Cvietnamese&display=swap&ver=2.4.11
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.40.58 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-138-199-40-58.datapacket.com
Software
BunnyCDN-NY-885 /
Resource Hash
b6f01e18196420adbd5f5f9b31461fd037f1ea92e7fa542316cf3c4cf8bddcaf

Request headers

Referer
https://fonts.bunny.net/css?family=Montserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7COverpass%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CLato%3A100%2C100italic%2C300%2C300italic%2Cregular%2Citalic%2C700%2C700italic%2C900%2C900italic&subset=arabic%2Cbengali%2Ccyrillic%2Ccyrillic-ext%2Cdevanagari%2Cgreek%2Cgreek-ext%2Cgujarati%2Chebrew%2Ckhmer%2Ckorean%2Clatin-ext%2Ctamil%2Ctelugu%2Cthai%2Cvietnamese&display=swap&ver=2.4.11
Origin
http://sandeo.org
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 02:18:37 GMT
cdn-edgestorageid
885
cdn-storageserver
NY-266
cdn-cachedat
09/27/2022 02:16:28
cdn-pullzone
781720
content-length
15792
last-modified
Sat, 11 Jun 2022 00:01:11 GMT
server
BunnyCDN-NY-885
cdn-fileserver
354
cdn-requestpullcode
200
cdn-proxyver
1.02
etag
"62a3db47-3db0"
content-type
font/woff2
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
3a60ca70-b89d-4cd5-a4b5-34a3468d7e0f
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=2592000
cdn-requestid
6b1d4b7226af1a3855b9a021dc0ee868
accept-ranges
bytes
cdn-requestcountrycode
CA
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
montserrat-latin-400-normal.woff2
fonts.bunny.net/montserrat/files/
12 KB
13 KB
Font
General
Full URL
https://fonts.bunny.net/montserrat/files/montserrat-latin-400-normal.woff2
Requested by
Host: fonts.bunny.net
URL: https://fonts.bunny.net/css?family=Montserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7COverpass%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CLato%3A100%2C100italic%2C300%2C300italic%2Cregular%2Citalic%2C700%2C700italic%2C900%2C900italic&subset=arabic%2Cbengali%2Ccyrillic%2Ccyrillic-ext%2Cdevanagari%2Cgreek%2Cgreek-ext%2Cgujarati%2Chebrew%2Ckhmer%2Ckorean%2Clatin-ext%2Ctamil%2Ctelugu%2Cthai%2Cvietnamese&display=swap&ver=2.4.11
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.40.58 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-138-199-40-58.datapacket.com
Software
BunnyCDN-NY-885 /
Resource Hash
59d09721ef5d6a8a6aa8cf8100a1eaa2ef1644bd196fc1a788ad31e16a505734

Request headers

Referer
https://fonts.bunny.net/css?family=Montserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7COverpass%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CLato%3A100%2C100italic%2C300%2C300italic%2Cregular%2Citalic%2C700%2C700italic%2C900%2C900italic&subset=arabic%2Cbengali%2Ccyrillic%2Ccyrillic-ext%2Cdevanagari%2Cgreek%2Cgreek-ext%2Cgujarati%2Chebrew%2Ckhmer%2Ckorean%2Clatin-ext%2Ctamil%2Ctelugu%2Cthai%2Cvietnamese&display=swap&ver=2.4.11
Origin
http://sandeo.org
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 02:18:37 GMT
cdn-edgestorageid
885
cdn-storageserver
NY-353
cdn-cachedat
09/27/2022 01:50:48
cdn-pullzone
781720
content-length
12708
last-modified
Fri, 10 Jun 2022 23:12:02 GMT
server
BunnyCDN-NY-885
cdn-fileserver
354
cdn-requestpullcode
200
cdn-proxyver
1.02
etag
"62a3cfc2-31a4"
content-type
font/woff2
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
3a60ca70-b89d-4cd5-a4b5-34a3468d7e0f
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=2592000
cdn-requestid
d5fe5759fcb9bbba552d133a227ce650
accept-ranges
bytes
cdn-requestcountrycode
CA
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
montserrat-latin-500-normal.woff2
fonts.bunny.net/montserrat/files/
12 KB
13 KB
Font
General
Full URL
https://fonts.bunny.net/montserrat/files/montserrat-latin-500-normal.woff2
Requested by
Host: fonts.bunny.net
URL: https://fonts.bunny.net/css?family=Montserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7COverpass%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CLato%3A100%2C100italic%2C300%2C300italic%2Cregular%2Citalic%2C700%2C700italic%2C900%2C900italic&subset=arabic%2Cbengali%2Ccyrillic%2Ccyrillic-ext%2Cdevanagari%2Cgreek%2Cgreek-ext%2Cgujarati%2Chebrew%2Ckhmer%2Ckorean%2Clatin-ext%2Ctamil%2Ctelugu%2Cthai%2Cvietnamese&display=swap&ver=2.4.11
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.40.58 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-138-199-40-58.datapacket.com
Software
BunnyCDN-NY-885 /
Resource Hash
d1fc21927293f00261a8795efadbdfa16d14521479402d72328c00482a6ba6b9

Request headers

Referer
https://fonts.bunny.net/css?family=Montserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7COverpass%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CLato%3A100%2C100italic%2C300%2C300italic%2Cregular%2Citalic%2C700%2C700italic%2C900%2C900italic&subset=arabic%2Cbengali%2Ccyrillic%2Ccyrillic-ext%2Cdevanagari%2Cgreek%2Cgreek-ext%2Cgujarati%2Chebrew%2Ckhmer%2Ckorean%2Clatin-ext%2Ctamil%2Ctelugu%2Cthai%2Cvietnamese&display=swap&ver=2.4.11
Origin
http://sandeo.org
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 02:18:37 GMT
cdn-edgestorageid
885
cdn-storageserver
NY-346
cdn-cachedat
09/27/2022 01:50:28
cdn-pullzone
781720
content-length
12748
last-modified
Fri, 10 Jun 2022 23:12:03 GMT
server
BunnyCDN-NY-885
cdn-fileserver
354
cdn-requestpullcode
200
cdn-proxyver
1.02
etag
"62a3cfc3-31cc"
content-type
font/woff2
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
3a60ca70-b89d-4cd5-a4b5-34a3468d7e0f
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=2592000
cdn-requestid
03679fe94c7e9211dd1f1198e58d7ac4
accept-ranges
bytes
cdn-requestcountrycode
CA
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
montserrat-latin-600-normal.woff2
fonts.bunny.net/montserrat/files/
12 KB
13 KB
Font
General
Full URL
https://fonts.bunny.net/montserrat/files/montserrat-latin-600-normal.woff2
Requested by
Host: fonts.bunny.net
URL: https://fonts.bunny.net/css?family=Montserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7COverpass%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CLato%3A100%2C100italic%2C300%2C300italic%2Cregular%2Citalic%2C700%2C700italic%2C900%2C900italic&subset=arabic%2Cbengali%2Ccyrillic%2Ccyrillic-ext%2Cdevanagari%2Cgreek%2Cgreek-ext%2Cgujarati%2Chebrew%2Ckhmer%2Ckorean%2Clatin-ext%2Ctamil%2Ctelugu%2Cthai%2Cvietnamese&display=swap&ver=2.4.11
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.40.58 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-138-199-40-58.datapacket.com
Software
BunnyCDN-NY-885 /
Resource Hash
e7816b6bd80713ced0fabbf061d7ad97d6d1ff4fbf94a1e2b17fbd61421a3a17

Request headers

Referer
https://fonts.bunny.net/css?family=Montserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7COverpass%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CLato%3A100%2C100italic%2C300%2C300italic%2Cregular%2Citalic%2C700%2C700italic%2C900%2C900italic&subset=arabic%2Cbengali%2Ccyrillic%2Ccyrillic-ext%2Cdevanagari%2Cgreek%2Cgreek-ext%2Cgujarati%2Chebrew%2Ckhmer%2Ckorean%2Clatin-ext%2Ctamil%2Ctelugu%2Cthai%2Cvietnamese&display=swap&ver=2.4.11
Origin
http://sandeo.org
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 02:18:37 GMT
cdn-edgestorageid
885
cdn-storageserver
NY-353
cdn-cachedat
09/27/2022 01:52:33
cdn-pullzone
781720
content-length
12708
last-modified
Fri, 10 Jun 2022 23:12:03 GMT
server
BunnyCDN-NY-885
cdn-fileserver
354
cdn-requestpullcode
200
cdn-proxyver
1.02
etag
"62a3cfc3-31a4"
content-type
font/woff2
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
3a60ca70-b89d-4cd5-a4b5-34a3468d7e0f
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=2592000
cdn-requestid
9d3bb84162e44892b49f2efeb887e632
accept-ranges
bytes
cdn-requestcountrycode
CA
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
IMG-20201201-WA0014-705x470x117x0x470x470x1642152596.jpg
sandeo.org/wp-content/uploads/brizy/imgs/
25 KB
25 KB
Image
General
Full URL
http://sandeo.org/wp-content/uploads/brizy/imgs/IMG-20201201-WA0014-705x470x117x0x470x470x1642152596.jpg
Requested by
Host: sandeo.org
URL: http://sandeo.org/
Protocol
HTTP/1.1
Server
162.222.227.139 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
Software
Apache /
Resource Hash
52750d60a0620ca6c1c719083cc9f132729f3bd0d55045b83b7cd19a9c3a175f

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://sandeo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Thu, 13 Oct 2022 02:18:37 GMT
Last-Modified
Fri, 14 Jan 2022 10:39:27 GMT
Server
Apache
Upgrade
h2,h2c
Content-Type
image/jpeg
Connection
Upgrade, Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=75
Content-Length
25299
place
www.google.com/maps/embed/v1/ Frame F510
4 KB
2 KB
Document
General
Full URL
https://www.google.com/maps/embed/v1/place?key=AIzaSyCcywKcxXeMZiMwLDcLgyEnNglcLOyB_qw&q=SANDEO&zoom=15
Requested by
Host: sandeo.org
URL: http://sandeo.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:808::2004 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
Security Headers
Name Value
Content-Security-Policy object-src 'none';base-uri 'self';script-src 'nonce-rF4d2wB6FJaPGfveFXOKLQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://sandeo.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-encoding
gzip
content-length
1393
content-security-policy
object-src 'none';base-uri 'self';script-src 'nonce-rF4d2wB6FJaPGfveFXOKLQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
content-type
text/html; charset=UTF-8
date
Thu, 13 Oct 2022 02:18:38 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
scaffolding on HTTPServer2
vary
Accept-Language Origin X-Origin Referer
x-content-type-options
nosniff
x-xss-protection
0
lato-latin-400-normal.woff2
fonts.bunny.net/lato/files/
23 KB
24 KB
Font
General
Full URL
https://fonts.bunny.net/lato/files/lato-latin-400-normal.woff2
Requested by
Host: fonts.bunny.net
URL: https://fonts.bunny.net/css?family=Montserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7COverpass%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CLato%3A100%2C100italic%2C300%2C300italic%2Cregular%2Citalic%2C700%2C700italic%2C900%2C900italic&subset=arabic%2Cbengali%2Ccyrillic%2Ccyrillic-ext%2Cdevanagari%2Cgreek%2Cgreek-ext%2Cgujarati%2Chebrew%2Ckhmer%2Ckorean%2Clatin-ext%2Ctamil%2Ctelugu%2Cthai%2Cvietnamese&display=swap&ver=2.4.11
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.40.58 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-138-199-40-58.datapacket.com
Software
BunnyCDN-NY-885 /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Request headers

Referer
https://fonts.bunny.net/css?family=Montserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7COverpass%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CLato%3A100%2C100italic%2C300%2C300italic%2Cregular%2Citalic%2C700%2C700italic%2C900%2C900italic&subset=arabic%2Cbengali%2Ccyrillic%2Ccyrillic-ext%2Cdevanagari%2Cgreek%2Cgreek-ext%2Cgujarati%2Chebrew%2Ckhmer%2Ckorean%2Clatin-ext%2Ctamil%2Ctelugu%2Cthai%2Cvietnamese&display=swap&ver=2.4.11
Origin
http://sandeo.org
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 02:18:37 GMT
cdn-edgestorageid
885
cdn-storageserver
NY-266
cdn-cachedat
09/26/2022 14:29:26
cdn-pullzone
781720
content-length
23580
last-modified
Fri, 10 Jun 2022 22:58:50 GMT
server
BunnyCDN-NY-885
cdn-fileserver
354
cdn-requestpullcode
200
cdn-proxyver
1.02
etag
"62a3ccaa-5c1c"
content-type
font/woff2
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
3a60ca70-b89d-4cd5-a4b5-34a3468d7e0f
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=2592000
cdn-requestid
54b4fc011868fff49dabf2358da740ce
accept-ranges
bytes
cdn-requestcountrycode
CA
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
IMG-20201128-WA0019.jpg
sandeo.org/wp-content/uploads/2022/01/
172 KB
172 KB
Image
General
Full URL
https://sandeo.org/wp-content/uploads/2022/01/IMG-20201128-WA0019.jpg
Requested by
Host: sandeo.org
URL: http://sandeo.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.222.227.139 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://sandeo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 02:18:38 GMT
last-modified
Fri, 14 Jan 2022 10:02:11 GMT
server
Apache
accept-ranges
bytes
content-length
176080
content-type
image/jpeg
hit.php
away.bettershitecolumn.com/
0
0

track.php
away.bettershitecolumn.com/
Redirect Chain
  • https://away.bettershitecolumn.com/hit.php?a=1311&b=334-1166-567334-46
  • https://away.bettershitecolumn.com/track.php?nid=54889&yid=9554-66-457679-29
  • https://away.bettershitecolumn.com/track.php?tid=54889&lid=9554-66-457679-29
840 B
985 B
Document
General
Full URL
https://away.bettershitecolumn.com/track.php?tid=54889&lid=9554-66-457679-29
Requested by
Host: cdn.weatherplllatform.com
URL: https://cdn.weatherplllatform.com/result.js?v=000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.211.91.104 , Ukraine, ASN206638 (HOSTFORY, UA),
Reverse DNS
Software
nginx / PHP/7.3.33
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;

Request headers

Referer
http://sandeo.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-length
840
content-type
text/html; charset=UTF-8
date
Thu, 13 Oct 2022 02:18:40 GMT
server
nginx
strict-transport-security
max-age=15768000;
vary
Accept-Encoding
x-powered-by
PHP/7.3.33

Redirect headers

content-length
0
content-type
text/html; charset=UTF-8
date
Thu, 13 Oct 2022 02:18:39 GMT
location
https://away.bettershitecolumn.com/track.php?tid=54889&lid=9554-66-457679-29
server
nginx
strict-transport-security
max-age=15768000;
x-powered-by
PHP/7.3.33
js
maps.googleapis.com/maps/api/ Frame F510
171 KB
56 KB
Script
General
Full URL
https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en_CA&callback=onApiLoad
Requested by
Host: www.google.com
URL: https://www.google.com/maps/embed/v1/place?key=AIzaSyCcywKcxXeMZiMwLDcLgyEnNglcLOyB_qw&q=SANDEO&zoom=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::200a Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
mafe /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 01:58:11 GMT
content-encoding
gzip
server
mafe
age
1227
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1800
cross-origin-resource-policy
cross-origin
server-timing
gfet4t7; dur=22
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56901
x-xss-protection
0
expires
Thu, 13 Oct 2022 02:28:11 GMT
gen_204
maps.googleapis.com/maps/api/mapsjs/ Frame F510
3 B
46 B
XHR
General
Full URL
https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en_CA&callback=onApiLoad
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::200a Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 02:18:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.google.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23
x-xss-protection
0
init_embed.js
maps.gstatic.com/maps-api-v3/embed/js/50/9/ Frame F510
221 KB
68 KB
Script
General
Full URL
https://maps.gstatic.com/maps-api-v3/embed/js/50/9/init_embed.js
Requested by
Host: www.google.com
URL: https://www.google.com/maps/embed/v1/place?key=AIzaSyCcywKcxXeMZiMwLDcLgyEnNglcLOyB_qw&q=SANDEO&zoom=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:806::2003 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 19:38:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
24007
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
68888
x-xss-protection
0
last-modified
Mon, 10 Oct 2022 19:01:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 12 Oct 2023 19:38:31 GMT
common.js
maps.googleapis.com/maps-api-v3/api/js/50/9/ Frame F510
248 KB
68 KB
Script
General
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/50/9/common.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en_CA&callback=onApiLoad
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::200a Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 19:38:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
24006
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
69562
x-xss-protection
0
last-modified
Mon, 10 Oct 2022 19:01:37 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 12 Oct 2023 19:38:32 GMT
util.js
maps.googleapis.com/maps-api-v3/api/js/50/9/ Frame F510
165 KB
61 KB
Script
General
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/50/9/util.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en_CA&callback=onApiLoad
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::200a Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 19:38:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
24006
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61932
x-xss-protection
0
last-modified
Mon, 10 Oct 2022 19:01:37 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 12 Oct 2023 19:38:32 GMT
map.js
maps.googleapis.com/maps-api-v3/api/js/50/9/ Frame F510
71 KB
25 KB
Script
General
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/50/9/map.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en_CA&callback=onApiLoad
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::200a Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 19:38:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
23993
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25787
x-xss-protection
0
last-modified
Mon, 10 Oct 2022 19:01:37 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 12 Oct 2023 19:38:45 GMT
overlay.js
maps.googleapis.com/maps-api-v3/api/js/50/9/ Frame F510
4 KB
1 KB
Script
General
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/50/9/overlay.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en_CA&callback=onApiLoad
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::200a Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 19:38:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
23993
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1387
x-xss-protection
0
last-modified
Mon, 10 Oct 2022 19:01:37 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 12 Oct 2023 19:38:45 GMT
truncated
/ Frame F510
6 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type
image/svg+xml
StaticMapService.GetMapImage
maps.googleapis.com/maps/api/js/ Frame F510
97 KB
97 KB
Image
General
Full URL
https://maps.googleapis.com/maps/api/js/StaticMapService.GetMapImage?1m2&1i2479665&2i3000706&2e1&3u15&4m2&1u701&2u400&5m6&1e0&5sen-CA&6sus&10b1&12b1&14i1379903&client=google-maps-embed&token=97270
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::200a Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 02:18:39 GMT
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
public, max-age=86400
server-timing
gfet4t7; dur=280
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
99717
x-xss-protection
0
expires
Fri, 14 Oct 2022 02:18:39 GMT
onion.js
maps.googleapis.com/maps-api-v3/api/js/50/9/ Frame F510
27 KB
10 KB
Script
General
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/50/9/onion.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en_CA&callback=onApiLoad
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::200a Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 19:38:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
23993
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9987
x-xss-protection
0
last-modified
Mon, 10 Oct 2022 19:01:37 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 12 Oct 2023 19:38:45 GMT
search_impl.js
maps.googleapis.com/maps-api-v3/api/js/50/9/ Frame F510
3 KB
1 KB
Script
General
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/50/9/search_impl.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en_CA&callback=onApiLoad
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::200a Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 20:55:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
19399
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1399
x-xss-protection
0
last-modified
Mon, 10 Oct 2022 19:01:37 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 12 Oct 2023 20:55:19 GMT
openhand_8_8.cur
maps.gstatic.com/mapfiles/ Frame F510
326 B
350 B
Image
General
Full URL
https://maps.gstatic.com/mapfiles/openhand_8_8.cur
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:806::2003 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 02:18:38 GMT
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/geo-tactile
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
last-modified
Tue, 18 May 2021 19:15:00 GMT
server
sffe
report-to
{"group":"geo-tactile","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/geo-tactile"}]}
content-type
image/bmp
access-control-allow-origin
*
cache-control
private, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="geo-tactile"
expires
Thu, 13 Oct 2022 02:18:38 GMT
ViewportInfoService.GetViewportInfo
maps.googleapis.com/maps/api/js/ Frame F510
31 KB
3 KB
Script
General
Full URL
https://maps.googleapis.com/maps/api/js/ViewportInfoService.GetViewportInfo?1m6&1m2&1d45.48569171877462&2d-73.61542848912585&2m2&1d45.52298789258587&2d-73.52399270816923&2u15&4sen-CA&5e0&6sm%40622000000&7b0&8e0&11e289&12e1&13shttps%3A%2F%2Fwww.google.com%2Fmaps%2Fembed%2Fv1%2Fplace&14b1&callback=_xdc_._mwby3j&client=google-maps-embed&token=77429
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/50/9/common.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::200a Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
mafe /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 02:18:39 GMT
content-encoding
gzip
server
mafe
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment
server-timing
gfet4t7; dur=50
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3412
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
AuthenticationService.Authenticate
maps.googleapis.com/maps/api/js/ Frame F510
62 B
84 B
Script
General
Full URL
https://maps.googleapis.com/maps/api/js/AuthenticationService.Authenticate?1shttps%3A%2F%2Fwww.google.com%2Fmaps%2Fembed%2Fv1%2Fplace&2sgoogle-maps-embed&7m1&1e0&8b0&callback=_xdc_._5a9ztt&client=google-maps-embed&token=89078
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/50/9/common.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::200a Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
mafe /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 02:18:39 GMT
content-encoding
gzip
server
mafe
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment
server-timing
gfet4t7; dur=9
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
63
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
QuotaService.RecordEvent
maps.googleapis.com/maps/api/js/ Frame F510
62 B
83 B
Script
General
Full URL
https://maps.googleapis.com/maps/api/js/QuotaService.RecordEvent?1shttps%3A%2F%2Fwww.google.com%2Fmaps%2Fembed%2Fv1%2Fplace&2sgoogle-maps-embed&7s6fmb03&10e1&11b0&callback=_xdc_._atj4jg&client=google-maps-embed&token=63905
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/50/9/common.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::200a Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
mafe /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 02:18:39 GMT
content-encoding
gzip
server
mafe
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
no-cache, must-revalidate
content-disposition
attachment
server-timing
gfet4t7; dur=11
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
63
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
trackspecialdomain.com/
0
0

/
trackspecialdomain.com/
52 KB
52 KB
Document
General
Full URL
https://trackspecialdomain.com/?p=ga2ggzrsmm5gi3bpg42dkmq&sub2=zingersd3
Requested by
Host: away.bettershitecolumn.com
URL: https://away.bettershitecolumn.com/track.php?tid=54889&lid=9554-66-457679-29
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.177.94.108 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
ip-185-177-94-108.ah-server.com
Software
nginx /
Resource Hash
41cc661550c347fd7ae4ca836951e60e920dabbcee27994506332c8e9f0e7752
Security Headers
Name Value
Content-Security-Policy img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://away.bettershitecolumn.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-origin
*
content-security-policy
img-src https: data:; upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Thu, 13 Oct 2022 02:18:40 GMT
server
nginx
strict-transport-security
max-age=31536000
truncated
/
7 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6600e628d105299a9954bb85edc818356f1ec6136ba5d503dc39b2b3de8526c7

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type
image/gif
/
0.trackspecialdomain.com/
18 KB
18 KB
Document
General
Full URL
https://0.trackspecialdomain.com/?p=ga2ggzrsmm5gi3bpg42dkmq&sub2=zingersd3
Requested by
Host: sandeo.org
URL: http://sandeo.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.177.94.108 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
ip-185-177-94-108.ah-server.com
Software
nginx /
Resource Hash
976e4ffe3d056f007894844a29e7ee9c8c5a8bfbfdf16adc0dc765b986bd1837
Security Headers
Name Value
Content-Security-Policy img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://trackspecialdomain.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-origin
*
content-security-policy
img-src https: data:; upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Thu, 13 Oct 2022 02:18:41 GMT
server
nginx
strict-transport-security
max-age=31536000
70bbac94-8fb3-46e5-a455-a05f447155f4
track.themaccleanup.info/go/
Redirect Chain
  • https://0.trackspecialdomain.com/?auf=gqzgcnlgg45diojygyxtonbvgixtemrpge3dmnjwgi3tkmrr&s=1&sub1=&sub2=zingersd3&sub3=&sub4=&cpc=0&cpm=0
  • https://track.themaccleanup.info/go/70bbac94-8fb3-46e5-a455-a05f447155f4?price=0.00901&clickid=5d6c4faa-0afa-4386-9a57-e394ccc7cfe9&feed=feed14986&hash=ddcf50c6&creative=0&campaign=64771&country=CA...
756 B
2 KB
Document
General
Full URL
https://track.themaccleanup.info/go/70bbac94-8fb3-46e5-a455-a05f447155f4?price=0.00901&clickid=5d6c4faa-0afa-4386-9a57-e394ccc7cfe9&feed=feed14986&hash=ddcf50c6&creative=0&campaign=64771&country=CA&platform=Windows&browser=Chrome&subday=0
Requested by
Host: sandeo.org
URL: http://sandeo.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1f18:43d1:2a02:b6ee:327b:545e:e578 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
openresty /
Resource Hash
38ac10649d883a9328190048775b31efb6d459d29a86effd3719a16d004abfd9

Request headers

Referer
https://0.trackspecialdomain.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 13 Oct 2022 02:18:42 GMT
etag
W/"2f4-vWKnvPg8LkKzLQd2+dMDTkkzjaM"
expires
Thu, 01 Jan 1970 00:00:01 GMT
server
openresty
vary
Accept-Encoding
x-response-time
10.470ms

Redirect headers

access-control-allow-origin
*
content-security-policy
img-src https: data:; upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Thu, 13 Oct 2022 02:18:41 GMT
location
https://track.themaccleanup.info/go/70bbac94-8fb3-46e5-a455-a05f447155f4?price=0.00901&clickid=5d6c4faa-0afa-4386-9a57-e394ccc7cfe9&feed=feed14986&hash=ddcf50c6&creative=0&campaign=64771&country=CA&platform=Windows&browser=Chrome&subday=0
server
nginx
strict-transport-security
max-age=31536000
/
track.getpageurl.com/
607 B
720 B
Document
General
Full URL
https://track.getpageurl.com/?redirectUrl=https%3A%2F%2Fd1ue3yi0hkdsdl.cloudfront.net%2FEnglish%2Findex.html%3Fkey%3DeyJ0aW1lc3RhbXAiOiIxNjY1NjI3NTIyIiwiaGFzaCI6Ijk4OWJhNDk2NTg4NTdjZmNhNWFkZGJjODJiM2Q3N2U0NTNlZGNiNzYifQ%253D%253D%26bemobdata%3Dc%253D70bbac94-8fb3-46e5-a455-a05f447155f4..l%253D79f441ce-7780-4f45-85eb-c20e42808e3c..f%253D9b637e48-cfee-4d4f-8a1e-24cce0697a13..a%253D1..b%253D0..z%253D0.00901..e%253D5d6c4faa-0afa-4386-9a57-e394ccc7cfe9..c1%253Dfeed14986..c2%253Dddcf50c6..c3%253D0..c4%253D64771..c5%253DCA..c6%253DWindows..c7%253DChrome..c8%253D0..r%253Dhttps%25253A%25252F%25252F0.trackspecialdomain.com%25252F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1f18:43d1:2a02:b6ee:327b:545e:e578 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
openresty /
Resource Hash

Request headers

Referer
https://track.themaccleanup.info/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 13 Oct 2022 02:18:42 GMT
etag
W/"25f-iikJtO80xjywpqK4P34ul5dKfuY"
expires
Thu, 01 Jan 1970 00:00:01 GMT
server
openresty
vary
Accept-Encoding
x-response-time
23.650ms
Primary Request index.html
d1ue3yi0hkdsdl.cloudfront.net/English/
2 KB
1 KB
Document
General
Full URL
https://d1ue3yi0hkdsdl.cloudfront.net/English/index.html?key=eyJ0aW1lc3RhbXAiOiIxNjY1NjI3NTIyIiwiaGFzaCI6Ijk4OWJhNDk2NTg4NTdjZmNhNWFkZGJjODJiM2Q3N2U0NTNlZGNiNzYifQ==&bemobdata=c=70bbac94-8fb3-46e5-a455-a05f447155f4..l=79f441ce-7780-4f45-85eb-c20e42808e3c..f=9b637e48-cfee-4d4f-8a1e-24cce0697a13..a=1..b=0..z=0.00901..e=5d6c4faa-0afa-4386-9a57-e394ccc7cfe9..c1=feed14986..c2=ddcf50c6..c3=0..c4=64771..c5=CA..c6=Windows..c7=Chrome..c8=0..r=https%3A%2F%2F0.trackspecialdomain.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:1400:13:1772:3a40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6d00803227cc83b92a70fc2977de7bdcfe7e6129b5d8d0820fce0de17867b677

Request headers

Referer
https://track.getpageurl.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
66442
content-encoding
gzip
content-type
text/html
date
Wed, 12 Oct 2022 07:51:21 GMT
etag
W/"07766fdfb575b864b3f30f54bae953c4"
last-modified
Fri, 19 Aug 2022 10:47:11 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 3ce8b408dfcacf1e62d9fe4b346a6a62.cloudfront.net (CloudFront)
x-amz-cf-id
dqqknimcgEvAanIpQFDGPSlfGLcugEar4n56U9kWmZZr9QO1XJyHNQ==
x-amz-cf-pop
JFK50-P6
x-cache
Hit from cloudfront
crypto-js.min.js
cdnjs.cloudflare.com/ajax/libs/crypto-js/3.1.9-1/
47 KB
14 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/crypto-js/3.1.9-1/crypto-js.min.js
Requested by
Host: d1ue3yi0hkdsdl.cloudfront.net
URL: https://d1ue3yi0hkdsdl.cloudfront.net/English/index.html?key=eyJ0aW1lc3RhbXAiOiIxNjY1NjI3NTIyIiwiaGFzaCI6Ijk4OWJhNDk2NTg4NTdjZmNhNWFkZGJjODJiM2Q3N2U0NTNlZGNiNzYifQ==&bemobdata=c=70bbac94-8fb3-46e5-a455-a05f447155f4..l=79f441ce-7780-4f45-85eb-c20e42808e3c..f=9b637e48-cfee-4d4f-8a1e-24cce0697a13..a=1..b=0..z=0.00901..e=5d6c4faa-0afa-4386-9a57-e394ccc7cfe9..c1=feed14986..c2=ddcf50c6..c3=0..c4=64771..c5=CA..c6=Windows..c7=Chrome..c8=0..r=https%3A%2F%2F0.trackspecialdomain.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
bba05a999896e6d09e9a37b69ebb5e282d8aa0b20a5fd94a3d2a6f0a43a16a6c
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://d1ue3yi0hkdsdl.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 02:18:42 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
3430570
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
13696
last-modified
Mon, 04 May 2020 16:09:17 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e2d-bb47"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uh35WG3BB3yT%2FEXt1M3uMaxIu%2B7PUeQfQIyd5EwrEuI0X68Kzt2wQQ1l00dqWCYcxr2tDodU5pbPAbbfXMSbrw%2BtqMDRpLdUTB7WQh4bJa2Pqm20Ov0vdzRB5bLlv%2FVhpaAvQGvoXv6YV7wIW%2BQ16tDD"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7594960f4c67713c-YUL
expires
Tue, 03 Oct 2023 02:18:42 GMT
script.js
d1ue3yi0hkdsdl.cloudfront.net/English/js/
85 KB
30 KB
Script
General
Full URL
https://d1ue3yi0hkdsdl.cloudfront.net/English/js/script.js
Requested by
Host: d1ue3yi0hkdsdl.cloudfront.net
URL: https://d1ue3yi0hkdsdl.cloudfront.net/English/index.html?key=eyJ0aW1lc3RhbXAiOiIxNjY1NjI3NTIyIiwiaGFzaCI6Ijk4OWJhNDk2NTg4NTdjZmNhNWFkZGJjODJiM2Q3N2U0NTNlZGNiNzYifQ==&bemobdata=c=70bbac94-8fb3-46e5-a455-a05f447155f4..l=79f441ce-7780-4f45-85eb-c20e42808e3c..f=9b637e48-cfee-4d4f-8a1e-24cce0697a13..a=1..b=0..z=0.00901..e=5d6c4faa-0afa-4386-9a57-e394ccc7cfe9..c1=feed14986..c2=ddcf50c6..c3=0..c4=64771..c5=CA..c6=Windows..c7=Chrome..c8=0..r=https%3A%2F%2F0.trackspecialdomain.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:1400:13:1772:3a40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 18:27:31 GMT
content-encoding
gzip
via
1.1 3ce8b408dfcacf1e62d9fe4b346a6a62.cloudfront.net (CloudFront)
last-modified
Fri, 19 Aug 2022 10:47:17 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P6
age
28272
etag
W/"a09e13ee94d51c524b7e2a728c7d4039"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
LKnDb1c6WJ7ICsG7Ruu4S7zBEgsJ9oL03jvGMHpPb8AbsgaS8_4QSg==
modules.js
d1ue3yi0hkdsdl.cloudfront.net/English/js/
224 KB
77 KB
Script
General
Full URL
https://d1ue3yi0hkdsdl.cloudfront.net/English/js/modules.js
Requested by
Host: d1ue3yi0hkdsdl.cloudfront.net
URL: https://d1ue3yi0hkdsdl.cloudfront.net/English/index.html?key=eyJ0aW1lc3RhbXAiOiIxNjY1NjI3NTIyIiwiaGFzaCI6Ijk4OWJhNDk2NTg4NTdjZmNhNWFkZGJjODJiM2Q3N2U0NTNlZGNiNzYifQ==&bemobdata=c=70bbac94-8fb3-46e5-a455-a05f447155f4..l=79f441ce-7780-4f45-85eb-c20e42808e3c..f=9b637e48-cfee-4d4f-8a1e-24cce0697a13..a=1..b=0..z=0.00901..e=5d6c4faa-0afa-4386-9a57-e394ccc7cfe9..c1=feed14986..c2=ddcf50c6..c3=0..c4=64771..c5=CA..c6=Windows..c7=Chrome..c8=0..r=https%3A%2F%2F0.trackspecialdomain.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:1400:13:1772:3a40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
de27d8901cbc3c7069d94a4c89267f10861e5eb1a1d906871e3ca75102562f1b

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 08:54:14 GMT
content-encoding
gzip
via
1.1 3ce8b408dfcacf1e62d9fe4b346a6a62.cloudfront.net (CloudFront)
last-modified
Fri, 19 Aug 2022 10:47:16 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P6
age
62669
etag
W/"c58c9188742521818ab13ca8b3e988ec"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
ebx8aUOWvYT3emKxrJwft62Xlg4KOYbFiGTG5t-roCV92KG0rHriUw==
custom.js
d1ue3yi0hkdsdl.cloudfront.net/English/js/
4 KB
1 KB
Script
General
Full URL
https://d1ue3yi0hkdsdl.cloudfront.net/English/js/custom.js
Requested by
Host: d1ue3yi0hkdsdl.cloudfront.net
URL: https://d1ue3yi0hkdsdl.cloudfront.net/English/index.html?key=eyJ0aW1lc3RhbXAiOiIxNjY1NjI3NTIyIiwiaGFzaCI6Ijk4OWJhNDk2NTg4NTdjZmNhNWFkZGJjODJiM2Q3N2U0NTNlZGNiNzYifQ==&bemobdata=c=70bbac94-8fb3-46e5-a455-a05f447155f4..l=79f441ce-7780-4f45-85eb-c20e42808e3c..f=9b637e48-cfee-4d4f-8a1e-24cce0697a13..a=1..b=0..z=0.00901..e=5d6c4faa-0afa-4386-9a57-e394ccc7cfe9..c1=feed14986..c2=ddcf50c6..c3=0..c4=64771..c5=CA..c6=Windows..c7=Chrome..c8=0..r=https%3A%2F%2F0.trackspecialdomain.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:1400:13:1772:3a40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8e497502ccd62847fe887656d239686ad1c7ee291f3a27a5ee4bb74eb09e3bb5

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 09:13:17 GMT
content-encoding
gzip
via
1.1 3ce8b408dfcacf1e62d9fe4b346a6a62.cloudfront.net (CloudFront)
last-modified
Fri, 19 Aug 2022 10:47:14 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P6
age
61526
etag
W/"2414861da864646b2a5b01a142f87b7f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
bxswyMSPNstm-k0w6zVE3jmedOpcN0-D5GHNhEhZ809l1KNT0mpaIw==
froala.min.css
d1ue3yi0hkdsdl.cloudfront.net/English/css/
7 KB
2 KB
Stylesheet
General
Full URL
https://d1ue3yi0hkdsdl.cloudfront.net/English/css/froala.min.css
Requested by
Host: d1ue3yi0hkdsdl.cloudfront.net
URL: https://d1ue3yi0hkdsdl.cloudfront.net/English/index.html?key=eyJ0aW1lc3RhbXAiOiIxNjY1NjI3NTIyIiwiaGFzaCI6Ijk4OWJhNDk2NTg4NTdjZmNhNWFkZGJjODJiM2Q3N2U0NTNlZGNiNzYifQ==&bemobdata=c=70bbac94-8fb3-46e5-a455-a05f447155f4..l=79f441ce-7780-4f45-85eb-c20e42808e3c..f=9b637e48-cfee-4d4f-8a1e-24cce0697a13..a=1..b=0..z=0.00901..e=5d6c4faa-0afa-4386-9a57-e394ccc7cfe9..c1=feed14986..c2=ddcf50c6..c3=0..c4=64771..c5=CA..c6=Windows..c7=Chrome..c8=0..r=https%3A%2F%2F0.trackspecialdomain.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:1400:13:1772:3a40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1cfc73a6db9523c12b6b7f5d009bed19c8799eed001f607bd891a1fd838b7739

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 10:22:14 GMT
content-encoding
br
via
1.1 3ce8b408dfcacf1e62d9fe4b346a6a62.cloudfront.net (CloudFront)
last-modified
Fri, 19 Aug 2022 10:47:20 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P6
age
57389
etag
W/"8d4fba5186f02a0c4458986b0cf91667"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
x-amz-cf-id
Lx__L8scXXUFlPp77tX6HsdZBQ7K6DC1mOf6l4iskLfgP6X_h0Iz8A==
style.css
d1ue3yi0hkdsdl.cloudfront.net/English/css/
18 KB
4 KB
Stylesheet
General
Full URL
https://d1ue3yi0hkdsdl.cloudfront.net/English/css/style.css
Requested by
Host: d1ue3yi0hkdsdl.cloudfront.net
URL: https://d1ue3yi0hkdsdl.cloudfront.net/English/index.html?key=eyJ0aW1lc3RhbXAiOiIxNjY1NjI3NTIyIiwiaGFzaCI6Ijk4OWJhNDk2NTg4NTdjZmNhNWFkZGJjODJiM2Q3N2U0NTNlZGNiNzYifQ==&bemobdata=c=70bbac94-8fb3-46e5-a455-a05f447155f4..l=79f441ce-7780-4f45-85eb-c20e42808e3c..f=9b637e48-cfee-4d4f-8a1e-24cce0697a13..a=1..b=0..z=0.00901..e=5d6c4faa-0afa-4386-9a57-e394ccc7cfe9..c1=feed14986..c2=ddcf50c6..c3=0..c4=64771..c5=CA..c6=Windows..c7=Chrome..c8=0..r=https%3A%2F%2F0.trackspecialdomain.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:1400:13:1772:3a40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
49843610a21ee923bdec4d71775cbde80546a3d42e6b026c989bb120e2e664eb

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 13:30:30 GMT
content-encoding
gzip
via
1.1 3ce8b408dfcacf1e62d9fe4b346a6a62.cloudfront.net (CloudFront)
last-modified
Fri, 19 Aug 2022 10:47:21 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P6
age
46093
etag
W/"1a230ec60ecc7ea03295e24cb5d40378"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
x-amz-cf-id
3ZKg7tj3P0NWwDp8rYvt0xJx4boBxrW-bvhnWumKWPdy2XHHrM4DAQ==
custom.css
d1ue3yi0hkdsdl.cloudfront.net/English/css/
11 KB
3 KB
Stylesheet
General
Full URL
https://d1ue3yi0hkdsdl.cloudfront.net/English/css/custom.css
Requested by
Host: d1ue3yi0hkdsdl.cloudfront.net
URL: https://d1ue3yi0hkdsdl.cloudfront.net/English/index.html?key=eyJ0aW1lc3RhbXAiOiIxNjY1NjI3NTIyIiwiaGFzaCI6Ijk4OWJhNDk2NTg4NTdjZmNhNWFkZGJjODJiM2Q3N2U0NTNlZGNiNzYifQ==&bemobdata=c=70bbac94-8fb3-46e5-a455-a05f447155f4..l=79f441ce-7780-4f45-85eb-c20e42808e3c..f=9b637e48-cfee-4d4f-8a1e-24cce0697a13..a=1..b=0..z=0.00901..e=5d6c4faa-0afa-4386-9a57-e394ccc7cfe9..c1=feed14986..c2=ddcf50c6..c3=0..c4=64771..c5=CA..c6=Windows..c7=Chrome..c8=0..r=https%3A%2F%2F0.trackspecialdomain.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:1400:13:1772:3a40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6f293e85b57979f8b60faf784b11b159858ebeae3abd3a50928d078d6c9833d1

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 02:06:02 GMT
content-encoding
gzip
via
1.1 3ce8b408dfcacf1e62d9fe4b346a6a62.cloudfront.net (CloudFront)
last-modified
Fri, 19 Aug 2022 10:47:19 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P6
age
970
etag
W/"afa5fe55f8ea711be28492c72405ce3a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
x-amz-cf-id
GbUDh6MMttX78GdY7kyuDqglgYTZKe7gU4o-9XufR2Q-Z7wi-nUfcA==
main.d953d00b.js
d1ue3yi0hkdsdl.cloudfront.net/English/static/js/
153 KB
48 KB
Script
General
Full URL
https://d1ue3yi0hkdsdl.cloudfront.net/English/static/js/main.d953d00b.js
Requested by
Host: d1ue3yi0hkdsdl.cloudfront.net
URL: https://d1ue3yi0hkdsdl.cloudfront.net/English/index.html?key=eyJ0aW1lc3RhbXAiOiIxNjY1NjI3NTIyIiwiaGFzaCI6Ijk4OWJhNDk2NTg4NTdjZmNhNWFkZGJjODJiM2Q3N2U0NTNlZGNiNzYifQ==&bemobdata=c=70bbac94-8fb3-46e5-a455-a05f447155f4..l=79f441ce-7780-4f45-85eb-c20e42808e3c..f=9b637e48-cfee-4d4f-8a1e-24cce0697a13..a=1..b=0..z=0.00901..e=5d6c4faa-0afa-4386-9a57-e394ccc7cfe9..c1=feed14986..c2=ddcf50c6..c3=0..c4=64771..c5=CA..c6=Windows..c7=Chrome..c8=0..r=https%3A%2F%2F0.trackspecialdomain.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:1400:13:1772:3a40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6dc755750023fdfc750d9ff02ad2c5249c1a732e167a6f4684589ffb5f9fbb44

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 13:30:30 GMT
content-encoding
gzip
via
1.1 3ce8b408dfcacf1e62d9fe4b346a6a62.cloudfront.net (CloudFront)
last-modified
Fri, 19 Aug 2022 10:47:04 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P6
age
46093
etag
W/"38eb0d65f80caf7ea8fe1d063e96ea3c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
uLcswnhdeP5ppSJbuKoI5rTlRZHMV0jW_hlJXS3kowHovXMG7m1KMg==
main.e6c13ad2.css
d1ue3yi0hkdsdl.cloudfront.net/English/static/css/
337 B
680 B
Stylesheet
General
Full URL
https://d1ue3yi0hkdsdl.cloudfront.net/English/static/css/main.e6c13ad2.css
Requested by
Host: d1ue3yi0hkdsdl.cloudfront.net
URL: https://d1ue3yi0hkdsdl.cloudfront.net/English/index.html?key=eyJ0aW1lc3RhbXAiOiIxNjY1NjI3NTIyIiwiaGFzaCI6Ijk4OWJhNDk2NTg4NTdjZmNhNWFkZGJjODJiM2Q3N2U0NTNlZGNiNzYifQ==&bemobdata=c=70bbac94-8fb3-46e5-a455-a05f447155f4..l=79f441ce-7780-4f45-85eb-c20e42808e3c..f=9b637e48-cfee-4d4f-8a1e-24cce0697a13..a=1..b=0..z=0.00901..e=5d6c4faa-0afa-4386-9a57-e394ccc7cfe9..c1=feed14986..c2=ddcf50c6..c3=0..c4=64771..c5=CA..c6=Windows..c7=Chrome..c8=0..r=https%3A%2F%2F0.trackspecialdomain.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:1400:13:1772:3a40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
439b3301299d2f3614d9ede61bceaeb7d023f5975147e08f33d6e4ca82cfed56

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 22:51:11 GMT
via
1.1 3ce8b408dfcacf1e62d9fe4b346a6a62.cloudfront.net (CloudFront)
last-modified
Fri, 19 Aug 2022 10:46:59 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P6
age
12452
etag
"9f6fd7b89af737fe9ff6849a58501b1b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
accept-ranges
bytes
content-length
337
x-amz-cf-id
XdltseD-Ckfqzf6BuV2klgll_IrUubmODFBLFi7zeEynF40MVv4BOw==
bg-image.png
d1ue3yi0hkdsdl.cloudfront.net/English/img/
296 KB
297 KB
Image
General
Full URL
https://d1ue3yi0hkdsdl.cloudfront.net/English/img/bg-image.png
Requested by
Host: d1ue3yi0hkdsdl.cloudfront.net
URL: https://d1ue3yi0hkdsdl.cloudfront.net/English/css/custom.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:1400:13:1772:3a40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
af9a953b12a4994939f45054e31302a7b1f59577f69c21376821cf9b922b414b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://d1ue3yi0hkdsdl.cloudfront.net/English/css/custom.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 18:03:59 GMT
via
1.1 3ce8b408dfcacf1e62d9fe4b346a6a62.cloudfront.net (CloudFront)
last-modified
Fri, 19 Aug 2022 10:46:57 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P6
age
29684
etag
"bc336a3a0c484d7c65299b9c4af45596"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
302963
x-amz-cf-id
CLYXvI9HK9Lv2aZymNXYSsTsO4s13ERigxeEaqKcD6nGaNPb8uQq2A==
--vector-logo.svg
d1ue3yi0hkdsdl.cloudfront.net/English/img/
1 KB
969 B
Image
General
Full URL
https://d1ue3yi0hkdsdl.cloudfront.net/English/img/--vector-logo.svg
Requested by
Host: d1ue3yi0hkdsdl.cloudfront.net
URL: https://d1ue3yi0hkdsdl.cloudfront.net/English/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:1400:13:1772:3a40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e4aef0aba15680c1b745414a7c7bc39cdbeda17f1de0c7bf57bf90378b6a5d26

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 16:21:46 GMT
content-encoding
gzip
via
1.1 3ce8b408dfcacf1e62d9fe4b346a6a62.cloudfront.net (CloudFront)
last-modified
Fri, 19 Aug 2022 10:46:55 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P6
age
35817
etag
W/"6afb794723ba525f2c526c9899569924"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
x-amz-cf-id
AWvazztmm2LckTBfPVTwxSNLylVqxyUT7wu2J1Q0OS1D38YjRzp2zQ==
--full-site-logo.png
d1ue3yi0hkdsdl.cloudfront.net/English/img/
5 KB
5 KB
Image
General
Full URL
https://d1ue3yi0hkdsdl.cloudfront.net/English/img/--full-site-logo.png
Requested by
Host: d1ue3yi0hkdsdl.cloudfront.net
URL: https://d1ue3yi0hkdsdl.cloudfront.net/English/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:1400:13:1772:3a40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cf56bcceaf23dba6d290e2c6739ac2bab77b36e03c20a48cdbe49bcfe2fb31d0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 22:51:12 GMT
via
1.1 3ce8b408dfcacf1e62d9fe4b346a6a62.cloudfront.net (CloudFront)
last-modified
Fri, 19 Aug 2022 10:47:23 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P6
age
12451
etag
"945db2cdbd67e8ad20315672f80c1f18"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
4714
x-amz-cf-id
QD893aY0pc_0zbXjlAOFr4fS7InRxoebo2aWBZwAkEpt5RGr67pnMw==
--spread-sheet-image1.png
d1ue3yi0hkdsdl.cloudfront.net/English/img/
128 B
473 B
Image
General
Full URL
https://d1ue3yi0hkdsdl.cloudfront.net/English/img/--spread-sheet-image1.png
Requested by
Host: d1ue3yi0hkdsdl.cloudfront.net
URL: https://d1ue3yi0hkdsdl.cloudfront.net/English/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:1400:13:1772:3a40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2ac27821ba64d645f36e2ad197492d30c11b10a032cc474554679555f4604622

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 20:30:22 GMT
via
1.1 3ce8b408dfcacf1e62d9fe4b346a6a62.cloudfront.net (CloudFront)
last-modified
Fri, 19 Aug 2022 10:47:31 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P6
age
20901
etag
"0bb86caf792dd7d24731c18cd37bb68e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
128
x-amz-cf-id
04j4dv5CzW-IpC3_TVOGHBXVe1tM71nJEOSOtbXL0HJ-QkORmKQvYg==
--spread-sheet-image2.png
d1ue3yi0hkdsdl.cloudfront.net/English/img/
293 B
636 B
Image
General
Full URL
https://d1ue3yi0hkdsdl.cloudfront.net/English/img/--spread-sheet-image2.png
Requested by
Host: d1ue3yi0hkdsdl.cloudfront.net
URL: https://d1ue3yi0hkdsdl.cloudfront.net/English/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:1400:13:1772:3a40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2d2b7040bc32b397c3c60d800de9aa7d86404f1874862eba61bdaa21f1523eb7

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 18:04:00 GMT
via
1.1 3ce8b408dfcacf1e62d9fe4b346a6a62.cloudfront.net (CloudFront)
last-modified
Fri, 19 Aug 2022 10:47:32 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P6
age
29683
etag
"9eb68d2ce05c151bda542a7a6356e22c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
293
x-amz-cf-id
WeFDctiSz3oLpHwxAHBMtOcyzKKiKYW2UBS5BJ4it3WCWamcw3awkA==
--spread-sheet-image3.png
d1ue3yi0hkdsdl.cloudfront.net/English/img/
364 B
705 B
Image
General
Full URL
https://d1ue3yi0hkdsdl.cloudfront.net/English/img/--spread-sheet-image3.png
Requested by
Host: d1ue3yi0hkdsdl.cloudfront.net
URL: https://d1ue3yi0hkdsdl.cloudfront.net/English/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:1400:13:1772:3a40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b13a03e0db893734298cbe203bf264407636ffe5dab0a141f83c492d0034dd6a

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 22:51:11 GMT
via
1.1 3ce8b408dfcacf1e62d9fe4b346a6a62.cloudfront.net (CloudFront)
last-modified
Fri, 19 Aug 2022 10:47:33 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P6
age
12451
etag
"e144c3378090087c8ce129a30cb6cb4e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
364
x-amz-cf-id
yc0cw5yCLwB7aamEH2cfSHrbmuuFu5ajMjVH_tn0fT0c1-gCCTHneg==
--spread-sheet-image4.png
d1ue3yi0hkdsdl.cloudfront.net/English/img/
349 B
692 B
Image
General
Full URL
https://d1ue3yi0hkdsdl.cloudfront.net/English/img/--spread-sheet-image4.png
Requested by
Host: d1ue3yi0hkdsdl.cloudfront.net
URL: https://d1ue3yi0hkdsdl.cloudfront.net/English/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:1400:13:1772:3a40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
44f752b0bd2e48052d538bc6aca5379f3630ca64da945f794690ddf47e8eaef7

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 18:04:00 GMT
via
1.1 3ce8b408dfcacf1e62d9fe4b346a6a62.cloudfront.net (CloudFront)
last-modified
Fri, 19 Aug 2022 10:47:34 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P6
age
29683
etag
"7454c652e0733d92de6c920c2d646ae0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
349
x-amz-cf-id
m7Fn5rX65MorwcDDlemIk6nQQEhzqNjtPnvFfvAy1nyj3KA1fEZu2A==
--section-image.png
d1ue3yi0hkdsdl.cloudfront.net/English/img/
69 KB
69 KB
Image
General
Full URL
https://d1ue3yi0hkdsdl.cloudfront.net/English/img/--section-image.png
Requested by
Host: d1ue3yi0hkdsdl.cloudfront.net
URL: https://d1ue3yi0hkdsdl.cloudfront.net/English/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:1400:13:1772:3a40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d00309ba24e28a196d0ce99ced950476954b7435a539e5157556cdb4c23fd310

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 18:04:00 GMT
via
1.1 3ce8b408dfcacf1e62d9fe4b346a6a62.cloudfront.net (CloudFront)
last-modified
Fri, 19 Aug 2022 10:47:29 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P6
age
29683
etag
"9979fef59356099c8f41e2248fb3765d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
70593
x-amz-cf-id
w9XDlV9yK3ksFQxSUPTA3j5kZuyGNVp7bBAgjwoPyQJOszVEJT4eiQ==
--security-image.gif
d1ue3yi0hkdsdl.cloudfront.net/English/img/
511 B
855 B
Image
General
Full URL
https://d1ue3yi0hkdsdl.cloudfront.net/English/img/--security-image.gif
Requested by
Host: d1ue3yi0hkdsdl.cloudfront.net
URL: https://d1ue3yi0hkdsdl.cloudfront.net/English/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:1400:13:1772:3a40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
aa88fa9731a6021cd8c0f80ef76476fd055a9cf0bff3ad9fbefbedbd255e26fa

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 20:30:23 GMT
via
1.1 3ce8b408dfcacf1e62d9fe4b346a6a62.cloudfront.net (CloudFront)
last-modified
Fri, 19 Aug 2022 10:47:30 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P6
age
20900
etag
"af3aca2036675c5979fb535c5d190f15"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
511
x-amz-cf-id
IAr7cEdkVyse-UfdgF5Ojd2N7Qz2jbiWL6SCnNK66VXaKJfgkMVo-w==
--identity-image.gif
d1ue3yi0hkdsdl.cloudfront.net/English/img/
2 KB
2 KB
Image
General
Full URL
https://d1ue3yi0hkdsdl.cloudfront.net/English/img/--identity-image.gif
Requested by
Host: d1ue3yi0hkdsdl.cloudfront.net
URL: https://d1ue3yi0hkdsdl.cloudfront.net/English/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:1400:13:1772:3a40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e91f304cf7409723968740e6363dda01b50acb8e94b5ca05b4a4617666ff095c

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 22:51:11 GMT
via
1.1 3ce8b408dfcacf1e62d9fe4b346a6a62.cloudfront.net (CloudFront)
last-modified
Fri, 19 Aug 2022 10:47:25 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P6
age
12451
etag
"af52e51f42fd0c55bc3cf2c8ece71492"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
1547
x-amz-cf-id
BCVctfojURmd2Bn1W2CTXLgjoXcz5J-x4t4atALmBOzxSMSnTiKi9A==
--performance-image.gif
d1ue3yi0hkdsdl.cloudfront.net/English/img/
949 B
1 KB
Image
General
Full URL
https://d1ue3yi0hkdsdl.cloudfront.net/English/img/--performance-image.gif
Requested by
Host: d1ue3yi0hkdsdl.cloudfront.net
URL: https://d1ue3yi0hkdsdl.cloudfront.net/English/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:1400:13:1772:3a40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9bb88049c3d3f3c172d97246fa148bb725e727847c37e28c3be156be240a0c04

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 18:04:00 GMT
via
1.1 3ce8b408dfcacf1e62d9fe4b346a6a62.cloudfront.net (CloudFront)
last-modified
Fri, 19 Aug 2022 10:47:27 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P6
age
29683
etag
"da9d153375da51a616a7663f1504e3a5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
949
x-amz-cf-id
2_DUhzuaS2lWK91cKPQ7akCRKw_oBeoFvgtokgPt5svW-mj2toJvQg==
--logo.png
d1ue3yi0hkdsdl.cloudfront.net/English/img/
2 KB
2 KB
Image
General
Full URL
https://d1ue3yi0hkdsdl.cloudfront.net/English/img/--logo.png
Requested by
Host: d1ue3yi0hkdsdl.cloudfront.net
URL: https://d1ue3yi0hkdsdl.cloudfront.net/English/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:1400:13:1772:3a40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c60d95afdfb06b36758c44ee23b82f5c5504f0119a2c86d83c990821e8f5cae6

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 22:55:53 GMT
via
1.1 3ce8b408dfcacf1e62d9fe4b346a6a62.cloudfront.net (CloudFront)
last-modified
Fri, 19 Aug 2022 10:47:26 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P6
age
12451
etag
"f460adcdcb62bffc8961d6681d5042be"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
1709
x-amz-cf-id
s6vrw8w3CJ0fiGkz-ajk8-Fd9SLH8LkkuKomjscj3lUbyzW8O68gZg==
--scanning-image.png
d1ue3yi0hkdsdl.cloudfront.net/English/img/
2 KB
2 KB
Image
General
Full URL
https://d1ue3yi0hkdsdl.cloudfront.net/English/img/--scanning-image.png
Requested by
Host: d1ue3yi0hkdsdl.cloudfront.net
URL: https://d1ue3yi0hkdsdl.cloudfront.net/English/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:1400:13:1772:3a40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8b7a5ce48e7e6a77ba8c97eae67a4556c325b7a80ad8bc1e831d08069e8ed37c

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 18:04:00 GMT
via
1.1 3ce8b408dfcacf1e62d9fe4b346a6a62.cloudfront.net (CloudFront)
last-modified
Fri, 19 Aug 2022 10:47:28 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P6
age
29683
etag
"c391e0f03315c1de2f0c3091c1170b38"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
2178
x-amz-cf-id
SnYNaoG23oIDUe57rQXbr1qIgFPe0T2NA2pZ-ET7GYcec7n2_WyWhQ==
--full-site-logo1.png
d1ue3yi0hkdsdl.cloudfront.net/English/img/
7 KB
7 KB
Image
General
Full URL
https://d1ue3yi0hkdsdl.cloudfront.net/English/img/--full-site-logo1.png
Requested by
Host: d1ue3yi0hkdsdl.cloudfront.net
URL: https://d1ue3yi0hkdsdl.cloudfront.net/English/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:1400:13:1772:3a40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6dbe00201def9dbf69293b028055f8ea0513ef52cb1f2e60212a5061c37d283d

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 18:04:01 GMT
via
1.1 3ce8b408dfcacf1e62d9fe4b346a6a62.cloudfront.net (CloudFront)
last-modified
Fri, 19 Aug 2022 10:47:24 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P6
age
29682
etag
"63fb2900e5622e4a6cadfd616f84476e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
7254
x-amz-cf-id
q-5Ekqacz4SW5pPBAHPV3kT8KcZs_-pduJMxu9VzCHY_w5K_mssP4w==
--spread-sheet-image5.gif
d1ue3yi0hkdsdl.cloudfront.net/English/img/
69 B
411 B
Image
General
Full URL
https://d1ue3yi0hkdsdl.cloudfront.net/English/img/--spread-sheet-image5.gif
Requested by
Host: d1ue3yi0hkdsdl.cloudfront.net
URL: https://d1ue3yi0hkdsdl.cloudfront.net/English/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:1400:13:1772:3a40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9cce08ab28e94790cf78c87e37f8690acbc6c535e4b43ae7b38506b94538e107

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 18:04:01 GMT
via
1.1 3ce8b408dfcacf1e62d9fe4b346a6a62.cloudfront.net (CloudFront)
last-modified
Fri, 19 Aug 2022 10:47:35 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P6
age
29682
etag
"3ae573d079dcd1d2da4086f2c0c72c45"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
69
x-amz-cf-id
dCKwq5QO5tENk7cBBaOFtFjypE3AAGh07eulPdrwOXjZLnMfUf582A==
--spread-sheet-image6.gif
d1ue3yi0hkdsdl.cloudfront.net/English/img/
377 B
720 B
Image
General
Full URL
https://d1ue3yi0hkdsdl.cloudfront.net/English/img/--spread-sheet-image6.gif
Requested by
Host: d1ue3yi0hkdsdl.cloudfront.net
URL: https://d1ue3yi0hkdsdl.cloudfront.net/English/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:1400:13:1772:3a40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b65b47a79e32335d9ca35ff59c6975d2b5808f84da0db88d11ce777b33e72ad9

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 22:55:53 GMT
via
1.1 3ce8b408dfcacf1e62d9fe4b346a6a62.cloudfront.net (CloudFront)
last-modified
Fri, 19 Aug 2022 10:46:52 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P6
age
12451
etag
"c10bdec858cb0cf9e6cc5865d5925746"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
377
x-amz-cf-id
jrnYVdP83s67HDPSJsEWDJ_It7gDrLnCuwCMo70ZEJtJi406TmpIDw==
--spread-sheet-image7.gif
d1ue3yi0hkdsdl.cloudfront.net/English/img/
234 B
578 B
Image
General
Full URL
https://d1ue3yi0hkdsdl.cloudfront.net/English/img/--spread-sheet-image7.gif
Requested by
Host: d1ue3yi0hkdsdl.cloudfront.net
URL: https://d1ue3yi0hkdsdl.cloudfront.net/English/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:1400:13:1772:3a40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b0d335401c9fd5fac9991ec92edaf7865ff3a491ebe390120936c69796c3b753

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 22:55:53 GMT
via
1.1 3ce8b408dfcacf1e62d9fe4b346a6a62.cloudfront.net (CloudFront)
last-modified
Fri, 19 Aug 2022 10:46:53 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P6
age
12451
etag
"9ce99ec458daf212f9812a90f3fadd13"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
234
x-amz-cf-id
HwkQYs7LrNBMnehBpoOilrgvhdXFZfOjOzxT8Mk8MVOWPIk6kErjGA==
--translate.png
d1ue3yi0hkdsdl.cloudfront.net/English/img/
846 B
1 KB
Image
General
Full URL
https://d1ue3yi0hkdsdl.cloudfront.net/English/img/--translate.png
Requested by
Host: d1ue3yi0hkdsdl.cloudfront.net
URL: https://d1ue3yi0hkdsdl.cloudfront.net/English/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:1400:13:1772:3a40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 18:04:01 GMT
via
1.1 3ce8b408dfcacf1e62d9fe4b346a6a62.cloudfront.net (CloudFront)
last-modified
Fri, 19 Aug 2022 10:46:54 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P6
age
29682
etag
"e9cd262114358f26b7608b56905185dc"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
846
x-amz-cf-id
w4gUa4uLqRTPzMZEYMBpyTH2hB7V8FohPGSG1oTgKD4U5JybjFwZ7w==
ring.mp3
d1ue3yi0hkdsdl.cloudfront.net/English/audio/
16 KB
16 KB
Media
General
Full URL
https://d1ue3yi0hkdsdl.cloudfront.net/English/audio/ring.mp3
Requested by
Host: d1ue3yi0hkdsdl.cloudfront.net
URL: https://d1ue3yi0hkdsdl.cloudfront.net/English/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:1400:13:1772:3a40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e8ef8e78f08ac34193423319b86566a442440ec663d09f26911e9fa10c4c9db7

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Range
bytes=0-

Response headers

date
Wed, 12 Oct 2022 11:21:58 GMT
via
1.1 3ce8b408dfcacf1e62d9fe4b346a6a62.cloudfront.net (CloudFront)
last-modified
Fri, 19 Aug 2022 10:47:18 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P6
age
53805
etag
"d6040c63cafad92b0c2933569de365c0"
x-cache
Hit from cloudfront
content-type
audio/mp3
Content-Range
bytes 0-15931/15932
accept-ranges
bytes
x-amz-cf-id
vjGgtTuOd7b0XL0_0Ept33KPtQSnakdlb8awhqjGla3I8G0TYAScEw==
Content-Length
15932
translate_24dp.png
www.gstatic.com/images/branding/product/2x/
2 KB
2 KB
Image
General
Full URL
https://www.gstatic.com/images/branding/product/2x/translate_24dp.png
Requested by
Host: d1ue3yi0hkdsdl.cloudfront.net
URL: https://d1ue3yi0hkdsdl.cloudfront.net/English/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2003 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://d1ue3yi0hkdsdl.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 00:42:22 GMT
x-content-type-options
nosniff
age
178580
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1842
x-xss-protection
0
last-modified
Thu, 14 Oct 2021 09:08:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 11 Oct 2023 00:42:22 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
collect.greengoplatform.com
URL
https://collect.greengoplatform.com/flag.js?v=7.1.3
Domain
away.bettershitecolumn.com
URL
https://away.bettershitecolumn.com/hit.php?a=1311&b=334-1166-567334-46
Domain
trackspecialdomain.com
URL
https://trackspecialdomain.com/?p=ga2ggzrsmm5gi3bpg42dkmq&sub2=zingersd3

Verdicts & Comments

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforeinput
object| oncontextlost
object| oncontextrestored
function| structuredClone
object| launchQueue
object| onbeforematch
function| getScreenDetails
function| queryLocalFonts
object| navigation
object| CryptoJS
function| check
function| $
function| jQuery
object| default_tr

7 Cookies

Domain/Path Name / Value
.trackspecialdomain.com/ Name: uuid
Value: 16fefd9a-2764-46f4-9fc8-8bb70fc2b160
.0.trackspecialdomain.com/ Name: uuid
Value: 16fefd9a-2764-46f4-9fc8-8bb70fc2b160
0.trackspecialdomain.com/ Name: uuid
Value: 16fefd9a-2764-46f4-9fc8-8bb70fc2b160
.0.trackspecialdomain.com/ Name: ccid
Value: %5B64771%5D
.track.themaccleanup.info/ Name: bemob-uniq-visit:70bbac94-8fb3-46e5-a455-a05f447155f4
Value: 1
.track.themaccleanup.info/ Name: bemob-rotation:70bbac94-8fb3-46e5-a455-a05f447155f4:random:d5e470b63c22c64b74207027cdf79fc7
Value: 0-0-0
.track.themaccleanup.info/ Name: bemob-track-url
Value: https%3A%2F%2Fd1ue3yi0hkdsdl.cloudfront.net%2FEnglish%2Findex.html%3Fkey%3DeyJ0aW1lc3RhbXAiOiIxNjY1NjI3NTIyIiwiaGFzaCI6Ijk4OWJhNDk2NTg4NTdjZmNhNWFkZGJjODJiM2Q3N2U0NTNlZGNiNzYifQ%253D%253D%26bemobdata%3Dc%253D70bbac94-8fb3-46e5-a455-a05f447155f4..l%253D79f441ce-7780-4f45-85eb-c20e42808e3c..f%253D9b637e48-cfee-4d4f-8a1e-24cce0697a13..a%253D1..b%253D0..z%253D0.00901..e%253D5d6c4faa-0afa-4386-9a57-e394ccc7cfe9..c1%253Dfeed14986..c2%253Dddcf50c6..c3%253D0..c4%253D64771..c5%253DCA..c6%253DWindows..c7%253DChrome..c8%253D0..r%253Dhttps%25253A%25252F%25252F0.trackspecialdomain.com%25252F

1 Console Messages

Source Level URL
Text
security warning URL: https://d1ue3yi0hkdsdl.cloudfront.net/English/index.html#
Message:
Mixed Content: The page at 'https://d1ue3yi0hkdsdl.cloudfront.net/English/index.html#' was loaded over HTTPS, but requested an insecure element 'http://www.gstatic.com/images/branding/product/2x/translate_24dp.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
