xn-----clcigcrcahibdi5achqqofed5ezeue.xn--p1ai (Punycode)
клинкерный-кирпич-оренбург.рф IDN
2a00:f940:2:4:2::3ffe  Public Scan

Submitted URL: http://xn-----clcigcrcahibdi5achqqofed5ezeue.xn--p1ai/
Effective URL: https://xn-----clcigcrcahibdi5achqqofed5ezeue.xn--p1ai/
Submission: On February 02 via api from CA — Scanned from CA

Summary

This website contacted 10 IPs in 2 countries across 8 domains to perform 38 HTTP transactions. The main IP is 2a00:f940:2:4:2::3ffe, located in Russian Federation and belongs to AS-REG, RU. The main domain is xn-----clcigcrcahibdi5achqqofed5ezeue.xn--p1ai.
TLS certificate: Issued by R3 on February 2nd 2022. Valid for: 3 months.
This is the only time xn-----clcigcrcahibdi5achqqofed5ezeue.xn--p1ai was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | Apex Domain | Subdomains | Transfer
17 | xn-----clcigcrcahibdi5achqqofed5ezeue.xn--p1ai | | 533 KB
9 | googlesyndication.com | pagead2.googlesyndication.com (Cisco Umbrella Rank: 100), tpc.googlesyndication.com (Cisco Umbrella Rank: 124) | 191 KB
4 | gstatic.com | fonts.gstatic.com | 123 KB
3 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 47) | 2 KB
2 | google.com | adservice.google.com (Cisco Umbrella Rank: 80), www.google.com (Cisco Umbrella Rank: 13) | 2 KB
2 | doubleclick.net | googleads.g.doubleclick.net (Cisco Umbrella Rank: 46) | 5 KB
1 | google.ca | adservice.google.ca (Cisco Umbrella Rank: 12419) | 792 B
1 | googleadservices.com | partner.googleadservices.com (Cisco Umbrella Rank: 777) | 668 B
Total: 38 requests, 8 apex domains
Requests | Domain | Requested by
17 | xn-----clcigcrcahibdi5achqqofed5ezeue.xn--p1ai (1 redirects) | xn-----clcigcrcahibdi5achqqofed5ezeue.xn--p1ai
6 | pagead2.googlesyndication.com | xn-----clcigcrcahibdi5achqqofed5ezeue.xn--p1ai, pagead2.googlesyndication.com, tpc.googlesyndication.com
4 | fonts.gstatic.com | fonts.googleapis.com
3 | tpc.googlesyndication.com | pagead2.googlesyndication.com, tpc.googlesyndication.com
3 | fonts.googleapis.com | xn-----clcigcrcahibdi5achqqofed5ezeue.xn--p1ai
2 | googleads.g.doubleclick.net | pagead2.googlesyndication.com
1 | www.google.com | tpc.googlesyndication.com
1 | adservice.google.com | pagead2.googlesyndication.com
1 | adservice.google.ca | pagead2.googlesyndication.com
1 | partner.googleadservices.com | pagead2.googlesyndication.com
Total: 38 requests, 10 subdomains

This site contains no links.

Subject | Issuer | Validity | Valid
xn-----clcigcrcahibdi5achqqofed5ezeue.xn--p1ai | R3 | 2022-02-02 - 2022-05-03 | 3 months
upload.video.google.com | GTS CA 1C3 | 2022-01-10 - 2022-04-04 | 3 months
*.g.doubleclick.net | GTS CA 1C3 | 2022-01-10 - 2022-04-04 | 3 months
*.gstatic.com | GTS CA 1C3 | 2021-12-27 - 2022-03-21 | 3 months
*.googleadservices.com | GTS CA 1C3 | 2021-12-27 - 2022-03-21 | 3 months
*.google.ca | GTS CA 1C3 | 2021-12-27 - 2022-03-21 | 3 months
*.google.com | GTS CA 1C3 | 2022-01-10 - 2022-04-04 | 3 months
tpc.googlesyndication.com | GTS CA 1C3 | 2021-12-27 - 2022-03-21 | 3 months
www.google.com | GTS CA 1C3 | 2022-01-10 - 2022-04-04 | 3 months

This page contains 5 frames:

Primary Page: https://xn-----clcigcrcahibdi5achqqofed5ezeue.xn--p1ai/
Frame ID: A218A1965235043A8D7C4F1822C9EC49
Requests: 31 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220131/r20190131/zrt_lookup.html
Frame ID: 3DE00D8C28DCE5CF74E4A2FA129CCEA9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7155831914921965&output=html&adk=1812271804&adf=3025194257&lmt=1643796750&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fxn-----clcigcrcahibdi5achqqofed5ezeue.xn--p1ai%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1643796749878&bpp=3&bdt=958&idt=161&shv=r20220131&mjsv=m202202010101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1323100058854&frm=20&pv=2&ga_vid=688579298.1643796750&ga_sid=1643796750&ga_hid=1854813112&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31064678&oid=2&pvsid=1639601489759007&pem=694&tmod=1341084224&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=180
Frame ID: 9F02C2C7734B4AB164BB0F14CFDEC7EE
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 21EEDCB75CD82D112C71358E80A0FFC3
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 78132B4D133E7D695931A6FD692C913B
Requests: 2 HTTP requests in this frame

Page Title

Блог о недвижимости

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
  • wp-embed\.min\.js\?ver=([\d.]+)

Overall confidence: 100%
Detected patterns
  • <!-- All in One SEO Pack ([\d.]+)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

Requests: 38
HTTPS: 100 %
IPv6: 90 %
Domains: 8
Subdomains: 10
IPs: 10
Countries: 2
Transfer: 858 kB
Size: 1470 kB
Cookies: 2

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://xn-----clcigcrcahibdi5achqqofed5ezeue.xn--p1ai/ HTTP 301
    https://xn-----clcigcrcahibdi5achqqofed5ezeue.xn--p1ai/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

38 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
xn-----clcigcrcahibdi5achqqofed5ezeue.xn--p1ai/
Redirect Chain
  • http://xn-----clcigcrcahibdi5achqqofed5ezeue.xn--p1ai/
  • https://xn-----clcigcrcahibdi5achqqofed5ezeue.xn--p1ai/
44 KB
12 KB
Document
General
Full URL
https://xn-----clcigcrcahibdi5achqqofed5ezeue.xn--p1ai/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:f940:2:4:2::3ffe , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software
nginx/1.20.2 / PHP/5.4.16
Resource Hash
96a1e9a18412f325336e3e6910e888da6543ce931cf0be7e94c1868c0444aa1f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9

Response headers

Server
nginx/1.20.2
Date
Wed, 02 Feb 2022 10:12:28 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
X-Powered-By
PHP/5.4.16
Link
<https://xn-----clcigcrcahibdi5achqqofed5ezeue.xn--p1ai/wp-json/>; rel="https://api.w.org/"
Content-Encoding
gzip

Redirect headers

Server
nginx/1.20.2
Date
Wed, 02 Feb 2022 10:12:27 GMT
Content-Type
text/html
Content-Length
169
Connection
keep-alive
Location
https://xn-----clcigcrcahibdi5achqqofed5ezeue.xn--p1ai/
style.css
xn-----clcigcrcahibdi5achqqofed5ezeue.xn--p1ai/wp-content/themes/ashe/
51 KB
13 KB
Stylesheet
General
Full URL
https://xn-----clcigcrcahibdi5achqqofed5ezeue.xn--p1ai/wp-content/themes/ashe/style.css?ver=1.6.5
Requested by
Host: xn-----clcigcrcahibdi5achqqofed5ezeue.xn--p1ai
URL: https://xn-----clcigcrcahibdi5achqqofed5ezeue.xn--p1ai/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:f940:2:4:2::3ffe , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software
nginx/1.20.2 /
Resource Hash
fc4d6d3ebc3e7545b445e6101438983da3cbd322fa54cabf63bb90c6b55a4663

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://xn-----clcigcrcahibdi5achqqofed5ezeue.xn--p1ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 02 Feb 2022 10:12:29 GMT
Content-Encoding
gzip
Last-Modified
Sun, 10 Oct 2021 11:33:45 GMT
Server
nginx/1.20.2
ETag
W/"6162cf99-cb5f"
Transfer-Encoding
chunked
Content-Type
text/css
Connection
keep-alive
font-awesome.css
xn-----clcigcrcahibdi5achqqofed5ezeue.xn--p1ai/wp-content/themes/ashe/assets/css/
37 KB
8 KB
Stylesheet
General
Full URL
https://xn-----clcigcrcahibdi5achqqofed5ezeue.xn--p1ai/wp-content/themes/ashe/assets/css/font-awesome.css?ver=4.7.13
Requested by
Host: xn-----clcigcrcahibdi5achqqofed5ezeue.xn--p1ai
URL: https://xn-----clcigcrcahibdi5achqqofed5ezeue.xn--p1ai/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:f940:2:4:2::3ffe , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software
nginx/1.20.2 /
Resource Hash
07dff58215b7a5eb097a68e4a574c9c1fe5f7784e7c9e52a71f6af5f6e8d545e

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://xn-----clcigcrcahibdi5achqqofed5ezeue.xn--p1ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 02 Feb 2022 10:12:29 GMT
Content-Encoding
gzip
Last-Modified
Sun, 10 Oct 2021 11:33:45 GMT
Server
nginx/1.20.2
ETag
W/"6162cf99-9226"
Transfer-Encoding
chunked
Content-Type
text/css
Connection
keep-alive
fontello.css
xn-----clcigcrcahibdi5achqqofed5ezeue.xn--p1ai/wp-content/themes/ashe/assets/css/
2 KB
1 KB
Stylesheet
General
Full URL
https://xn-----clcigcrcahibdi5achqqofed5ezeue.xn--p1ai/wp-content/themes/ashe/assets/css/fontello.css?ver=4.7.13
Requested by
Host: xn-----clcigcrcahibdi5achqqofed5ezeue.xn--p1ai
URL: https://xn-----clcigcrcahibdi5achqqofed5ezeue.xn--p1ai/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:f940:2:4:2::3ffe , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software
nginx/1.20.2 /
Resource Hash
f36d061b60d840d63d1d58cf3f960d8612b3600cc7902c6013ff758965fceca6

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://xn-----clcigcrcahibdi5achqqofed5ezeue.xn--p1ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 02 Feb 2022 10:12:29 GMT
Content-Encoding
gzip
Last-Modified
Sun, 10 Oct 2021 11:33:45 GMT
Server
nginx/1.20.2
ETag
W/"6162cf99-6d3"
Transfer-Encoding
chunked
Content-Type
text/css
Connection
keep-alive
slick.css
xn-----clcigcrcahibdi5achqqofed5ezeue.xn--p1ai/wp-content/themes/ashe/assets/css/
1 KB
755 B
Stylesheet
General
Full URL
https://xn-----clcigcrcahibdi5achqqofed5ezeue.xn--p1ai/wp-content/themes/ashe/assets/css/slick.css?ver=4.7.13
Requested by
Host: xn-----clcigcrcahibdi5achqqofed5ezeue.xn--p1ai
URL: https://xn-----clcigcrcahibdi5achqqofed5ezeue.xn--p1ai/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:f940:2:4:2::3ffe , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software
nginx/1.20.2 /
Resource Hash
310b9376346ac475b5e9e87c808fc4e4e51b8f37fc1d8d4fc9ec0491e531ba97

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://xn-----clcigcrcahibdi5achqqofed5ezeue.xn--p1ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 02 Feb 2022 10:12:29 GMT
Content-Encoding
gzip
Last-Modified
Sun, 10 Oct 2021 11:33:45 GMT
Server
nginx/1.20.2
ETag
W/"6162cf99-537"
Transfer-Encoding
chunked
Content-Type
text/css
Connection
keep-alive
perfect-scrollbar.css
xn-----clcigcrcahibdi5achqqofed5ezeue.xn--p1ai/wp-content/themes/ashe/assets/css/
1 KB
666 B
Stylesheet
General
Full URL
https://xn-----clcigcrcahibdi5achqqofed5ezeue.xn--p1ai/wp-content/themes/ashe/assets/css/perfect-scrollbar.css?ver=4.7.13
Requested by
Host: xn-----clcigcrcahibdi5achqqofed5ezeue.xn--p1ai
URL: https://xn-----clcigcrcahibdi5achqqofed5ezeue.xn--p1ai/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:f940:2:4:2::3ffe , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software
nginx/1.20.2 /
Resource Hash
614426109acf753ce4f5ca75fc25aaf515bad4f6c0b4d3ecdefa1b8c4030d354

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://xn-----clcigcrcahibdi5achqqofed5ezeue.xn--p1ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 02 Feb 2022 10:12:29 GMT
Content-Encoding
gzip
Last-Modified
Sun, 10 Oct 2021 11:33:45 GMT
Server
nginx/1.20.2
ETag
W/"6162cf99-582"
Transfer-Encoding
chunked
Content-Type
text/css
Connection
keep-alive
responsive.css
xn-----clcigcrcahibdi5achqqofed5ezeue.xn--p1ai/wp-content/themes/ashe/assets/css/
10 KB
3 KB
Stylesheet
General
Full URL
https://xn-----clcigcrcahibdi5achqqofed5ezeue.xn--p1ai/wp-content/themes/ashe/assets/css/responsive.css?ver=1.6.5
Requested by
Host: xn-----clcigcrcahibdi5achqqofed5ezeue.xn--p1ai
URL: https://xn-----clcigcrcahibdi5achqqofed5ezeue.xn--p1ai/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:f940:2:4:2::3ffe , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software
nginx/1.20.2 /
Resource Hash
4d5a144f199298f6039a5c9879dddc3b99c6db2b8ea2503ee40ab32d0670755d

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://xn-----clcigcrcahibdi5achqqofed5ezeue.xn--p1ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 02 Feb 2022 10:12:29 GMT
Content-Encoding
gzip
Last-Modified
Sun, 10 Oct 2021 11:33:45 GMT
Server
nginx/1.20.2
ETag
W/"6162cf99-2881"
Transfer-Encoding
chunked
Content-Type
text/css
Connection
keep-alive
css
fonts.googleapis.com/
3 KB
1004 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Playfair+Display%3A400%2C700&ver=1.0.0
Requested by
Host: xn-----clcigcrcahibdi5achqqofed5ezeue.xn--p1ai
URL: https://xn-----clcigcrcahibdi5achqqofed5ezeue.xn--p1ai/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d915013a55437ce28b0f52b10acd2102c63a32c729af58300f2585029f9956ca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://xn-----clcigcrcahibdi5achqqofed5ezeue.xn--p1ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 02 Feb 2022 09:53:33 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 02 Feb 2022 10:12:29 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 02 Feb 2022 10:12:29 GMT
css
fonts.googleapis.com/
15 KB
976 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans%3A400italic%2C400%2C600italic%2C600%2C700italic%2C700&ver=1.0.0
Requested by
Host: xn-----clcigcrcahibdi5achqqofed5ezeue.xn--p1ai
URL: https://xn-----clcigcrcahibdi5achqqofed5ezeue.xn--p1ai/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
bec1c43b5f0e7bebf673c569ea2f2be769bb51680db714f25bab577c69c57c70
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://xn-----clcigcrcahibdi5achqqofed5ezeue.xn--p1ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 02 Feb 2022 09:07:02 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 02 Feb 2022 10:12:29 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 02 Feb 2022 10:12:29 GMT
css
fonts.googleapis.com/
1 KB
504 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Rokkitt&ver=1.0.0
Requested by
Host: xn-----clcigcrcahibdi5achqqofed5ezeue.xn--p1ai
URL: https://xn-----clcigcrcahibdi5achqqofed5ezeue.xn--p1ai/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
cec4e874d641506db32bb25a9c57fde6b716fefc5e245cda31a6d0042729ef22
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://xn-----clcigcrcahibdi5achqqofed5ezeue.xn--p1ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 02 Feb 2022 10:10:01 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 02 Feb 2022 10:12:29 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 02 Feb 2022 10:12:29 GMT
jquery.js
xn-----clcigcrcahibdi5achqqofed5ezeue.xn--p1ai/wp-includes/js/jquery/
95 KB
39 KB
Script
General
Full URL
https://xn-----clcigcrcahibdi5achqqofed5ezeue.xn--p1ai/wp-includes/js/jquery/jquery.js?ver=1.12.4
Requested by
Host: xn-----clcigcrcahibdi5achqqofed5ezeue.xn--p1ai
URL: https://xn-----clcigcrcahibdi5achqqofed5ezeue.xn--p1ai/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:f940:2:4:2::3ffe , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software
nginx/1.20.2 /
Resource Hash
fc48d1d80ece71a79a7b39877f4104d49d3da6c3665cf6dc203000fb7df4447e

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://xn-----clcigcrcahibdi5achqqofed5ezeue.xn--p1ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 02 Feb 2022 10:12:29 GMT
Content-Encoding
gzip
Last-Modified
Sun, 10 Oct 2021 11:33:45 GMT
Server
nginx/1.20.2
ETag
W/"6162cf99-17ba0"
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=utf-8
Connection
keep-alive
jquery-migrate.min.js
xn-----clcigcrcahibdi5achqqofed5ezeue.xn--p1ai/wp-includes/js/jquery/
10 KB
4 KB
Script
General
Full URL
https://xn-----clcigcrcahibdi5achqqofed5ezeue.xn--p1ai/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by
Host: xn-----clcigcrcahibdi5achqqofed5ezeue.xn--p1ai
URL: https://xn-----clcigcrcahibdi5achqqofed5ezeue.xn--p1ai/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:f940:2:4:2::3ffe , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software
nginx/1.20.2 /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://xn-----clcigcrcahibdi5achqqofed5ezeue.xn--p1ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 02 Feb 2022 10:12:29 GMT
Content-Encoding
gzip
Last-Modified
Sun, 10 Oct 2021 11:33:45 GMT
Server
nginx/1.20.2
ETag
W/"6162cf99-2748"
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=utf-8
Connection
keep-alive
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
150 KB
53 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: xn-----clcigcrcahibdi5achqqofed5ezeue.xn--p1ai
URL: https://xn-----clcigcrcahibdi5achqqofed5ezeue.xn--p1ai/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f680092a9ce428f11ef4ff6782e4313126c0c541cbb9abc86c99241089bfbebb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://xn-----clcigcrcahibdi5achqqofed5ezeue.xn--p1ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 10:12:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53328
x-xss-protection
0
server
cafe
etag
13833833692861856761
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 02 Feb 2022 10:12:29 GMT
1-300x300.jpg
xn-----clcigcrcahibdi5achqqofed5ezeue.xn--p1ai/wp-content/uploads/2021/12/
23 KB
24 KB
Image
General
Full URL
https://xn-----clcigcrcahibdi5achqqofed5ezeue.xn--p1ai/wp-content/uploads/2021/12/1-300x300.jpg
Requested by
Host: xn-----clcigcrcahibdi5achqqofed5ezeue.xn--p1ai
URL: https://xn-----clcigcrcahibdi5achqqofed5ezeue.xn--p1ai/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:f940:2:4:2::3ffe , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software
nginx/1.20.2 /
Resource Hash
839d25b59b6cb1891dfbe064a9f1f1b8a4f620f82ad2066607dae256423f6b62

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://xn-----clcigcrcahibdi5achqqofed5ezeue.xn--p1ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 02 Feb 2022 10:12:29 GMT
Last-Modified
Sun, 05 Dec 2021 13:08:17 GMT
Server
nginx/1.20.2
ETag
"61acb9c1-5d41"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
23873
1-300x300.png
xn-----clcigcrcahibdi5achqqofed5ezeue.xn--p1ai/wp-content/uploads/2021/10/
133 KB
133 KB
Image
General
Full URL
https://xn-----clcigcrcahibdi5achqqofed5ezeue.xn--p1ai/wp-content/uploads/2021/10/1-300x300.png
Requested by
Host: xn-----clcigcrcahibdi5achqqofed5ezeue.xn--p1ai
URL: https://xn-----clcigcrcahibdi5achqqofed5ezeue.xn--p1ai/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:f940:2:4:2::3ffe , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software
nginx/1.20.2 /
Resource Hash
0dc489d19aef1c8ae383893dd96746b029e5866c186422ce2f54ea14567a1fcf

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://xn-----clcigcrcahibdi5achqqofed5ezeue.xn--p1ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 02 Feb 2022 10:12:29 GMT
Last-Modified
Mon, 11 Oct 2021 14:08:52 GMT
Server
nginx/1.20.2
ETag
"61644574-213d6"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
136150
custom-plugins.js
xn-----clcigcrcahibdi5achqqofed5ezeue.xn--p1ai/wp-content/themes/ashe/assets/js/
129 KB
30 KB
Script
General
Full URL
https://xn-----clcigcrcahibdi5achqqofed5ezeue.xn--p1ai/wp-content/themes/ashe/assets/js/custom-plugins.js?ver=1.6.5
Requested by
Host: xn-----clcigcrcahibdi5achqqofed5ezeue.xn--p1ai
URL: https://xn-----clcigcrcahibdi5achqqofed5ezeue.xn--p1ai/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:f940:2:4:2::3ffe , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software
nginx/1.20.2 /
Resource Hash
8d4efbcfa6d3963bfda55a12a16401242b4ea64d6200fff360b0a7f7da5ba060

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://xn-----clcigcrcahibdi5achqqofed5ezeue.xn--p1ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 02 Feb 2022 10:12:29 GMT
Content-Encoding
gzip
Last-Modified
Sun, 10 Oct 2021 11:33:45 GMT
Server
nginx/1.20.2
ETag
W/"6162cf99-2021d"
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=utf-8
Connection
keep-alive
custom-scripts.js
xn-----clcigcrcahibdi5achqqofed5ezeue.xn--p1ai/wp-content/themes/ashe/assets/js/
5 KB
2 KB
Script
General
Full URL
https://xn-----clcigcrcahibdi5achqqofed5ezeue.xn--p1ai/wp-content/themes/ashe/assets/js/custom-scripts.js?ver=1.6.5
Requested by
Host: xn-----clcigcrcahibdi5achqqofed5ezeue.xn--p1ai
URL: https://xn-----clcigcrcahibdi5achqqofed5ezeue.xn--p1ai/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:f940:2:4:2::3ffe , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software
nginx/1.20.2 /
Resource Hash
ad52e3f7beaffe3fd4c0309ed1477d1a31bdd632b6fc8358ef4076db4befda1f

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://xn-----clcigcrcahibdi5achqqofed5ezeue.xn--p1ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 02 Feb 2022 10:12:29 GMT
Content-Encoding
gzip
Last-Modified
Sun, 10 Oct 2021 11:33:45 GMT
Server
nginx/1.20.2
ETag
W/"6162cf99-12dd"
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=utf-8
Connection
keep-alive
wp-embed.min.js
xn-----clcigcrcahibdi5achqqofed5ezeue.xn--p1ai/wp-includes/js/
1 KB
1 KB
Script
General
Full URL
https://xn-----clcigcrcahibdi5achqqofed5ezeue.xn--p1ai/wp-includes/js/wp-embed.min.js?ver=4.7.13
Requested by
Host: xn-----clcigcrcahibdi5achqqofed5ezeue.xn--p1ai
URL: https://xn-----clcigcrcahibdi5achqqofed5ezeue.xn--p1ai/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:f940:2:4:2::3ffe , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software
nginx/1.20.2 /
Resource Hash
dcb5e540e62fc85857254a1066afb6a7e8999279c6d4c583eef855d39f9289c0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://xn-----clcigcrcahibdi5achqqofed5ezeue.xn--p1ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 02 Feb 2022 10:12:29 GMT
Content-Encoding
gzip
Last-Modified
Sun, 10 Oct 2021 11:33:45 GMT
Server
nginx/1.20.2
ETag
W/"6162cf99-576"
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=utf-8
Connection
keep-alive
cropped-pexels-jessica-bryant-1370704.jpg
xn-----clcigcrcahibdi5achqqofed5ezeue.xn--p1ai/wp-content/uploads/2020/10/
186 KB
186 KB
Image
General
Full URL
https://xn-----clcigcrcahibdi5achqqofed5ezeue.xn--p1ai/wp-content/uploads/2020/10/cropped-pexels-jessica-bryant-1370704.jpg
Requested by
Host: xn-----clcigcrcahibdi5achqqofed5ezeue.xn--p1ai
URL: https://xn-----clcigcrcahibdi5achqqofed5ezeue.xn--p1ai/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:f940:2:4:2::3ffe , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software
nginx/1.20.2 /
Resource Hash
e58ef07a791f6a1fb58a51d9b266fb385f29953d5a33f982bbeae6d14401aea7

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://xn-----clcigcrcahibdi5achqqofed5ezeue.xn--p1ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 02 Feb 2022 10:12:29 GMT
Last-Modified
Sun, 10 Oct 2021 11:33:45 GMT
Server
nginx/1.20.2
ETag
"6162cf99-2e83e"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
190526
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
fonts.gstatic.com/s/opensans/v27/
24 KB
24 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400italic%2C400%2C600italic%2C600%2C700italic%2C700&ver=1.0.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fcbd587432f5e88fc926d1cde0d375084b7f3e711f9ff34571dec52f70fb27cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://xn-----clcigcrcahibdi5achqqofed5ezeue.xn--p1ai
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 09:03:44 GMT
x-content-type-options
nosniff
age
176925
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24756
x-xss-protection
0
last-modified
Thu, 28 Oct 2021 00:30:39 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Tue, 31 Jan 2023 09:03:44 GMT
fontawesome-webfont.woff2
xn-----clcigcrcahibdi5achqqofed5ezeue.xn--p1ai/wp-content/themes/ashe/assets/fonts/
75 KB
76 KB
Font
General
Full URL
https://xn-----clcigcrcahibdi5achqqofed5ezeue.xn--p1ai/wp-content/themes/ashe/assets/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: xn-----clcigcrcahibdi5achqqofed5ezeue.xn--p1ai
URL: https://xn-----clcigcrcahibdi5achqqofed5ezeue.xn--p1ai/wp-content/themes/ashe/assets/css/font-awesome.css?ver=4.7.13
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:f940:2:4:2::3ffe , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software
nginx/1.20.2 /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer
https://xn-----clcigcrcahibdi5achqqofed5ezeue.xn--p1ai/wp-content/themes/ashe/assets/css/font-awesome.css?ver=4.7.13
Origin
https://xn-----clcigcrcahibdi5achqqofed5ezeue.xn--p1ai
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 02 Feb 2022 10:12:29 GMT
Last-Modified
Sun, 10 Oct 2021 11:33:45 GMT
Server
nginx/1.20.2
ETag
"6162cf99-12d68"
Content-Type
font/woff2
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
77160
nuFiD-vYSZviVYUb_rj3ij__anPXDTjYgFE_.woff2
fonts.gstatic.com/s/playfairdisplay/v25/
20 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/playfairdisplay/v25/nuFiD-vYSZviVYUb_rj3ij__anPXDTjYgFE_.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Playfair+Display%3A400%2C700&ver=1.0.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5f07c3decdcbec1564c757d135587f423d8636397cc3d6c5ed4c1d05370b4a5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://xn-----clcigcrcahibdi5achqqofed5ezeue.xn--p1ai
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 11:37:05 GMT
x-content-type-options
nosniff
age
81324
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19980
x-xss-protection
0
last-modified
Wed, 10 Nov 2021 18:10:54 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 01 Feb 2023 11:37:05 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/
44 KB
44 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400italic%2C400%2C600italic%2C600%2C700italic%2C700&ver=1.0.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://xn-----clcigcrcahibdi5achqqofed5ezeue.xn--p1ai
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 29 Jan 2022 13:43:38 GMT
x-content-type-options
nosniff
age
332931
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44656
x-xss-protection
0
last-modified
Thu, 28 Oct 2021 00:30:43 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sun, 29 Jan 2023 13:43:38 GMT
nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2
fonts.gstatic.com/s/playfairdisplay/v25/
35 KB
35 KB
Font
General
Full URL
https://fonts.gstatic.com/s/playfairdisplay/v25/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Playfair+Display%3A400%2C700&ver=1.0.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aaab4ae2a2dfdfa746dd72cead3ebc53cb1b10081ebb32e755f98efebaeab965
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://xn-----clcigcrcahibdi5achqqofed5ezeue.xn--p1ai
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 19:44:23 GMT
x-content-type-options
nosniff
age
570486
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35948
x-xss-protection
0
last-modified
Wed, 10 Nov 2021 18:10:54 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 26 Jan 2023 19:44:23 GMT
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202010101/
286 KB
103 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202010101/show_ads_impl_fy2019.js?bust=31064678
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6239e291557b218ff2cc1eab8954ec6cda4e75beb41b59a0b637f0c95249d6c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://xn-----clcigcrcahibdi5achqqofed5ezeue.xn--p1ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 10:12:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
105566
x-xss-protection
0
server
cafe
etag
13437818784394946096
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Wed, 02 Feb 2022 10:12:29 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220131/r20190131/ Frame 3DE0
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220131/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a575e2f63d79cdaf5a92b4453bfcaadb462119aa1216b4f28920e37e2d9b8e7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://xn-----clcigcrcahibdi5achqqofed5ezeue.xn--p1ai/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4612
x-xss-protection
0
date
Tue, 01 Feb 2022 18:44:43 GMT
expires
Tue, 15 Feb 2022 18:44:43 GMT
cache-control
public, max-age=1209600
age
55666
etag
18247940800414524076
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cookie.js
partner.googleadservices.com/gampad/
250 B
668 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=xn-----clcigcrcahibdi5achqqofed5ezeue.xn--p1ai&callback=_gfp_s_&client=ca-pub-7155831914921965
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202010101/show_ads_impl_fy2019.js?bust=31064678
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f2.1e100.net
Software
cafe /
Resource Hash
4ca5a04f24c03428813d191cf9401efaa63b72218dd0f46e65e9ce2345bbd96d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://xn-----clcigcrcahibdi5achqqofed5ezeue.xn--p1ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 10:12:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
224
x-xss-protection
0
integrator.js
adservice.google.ca/adsid/
107 B
792 B
Script
General
Full URL
https://adservice.google.ca/adsid/integrator.js?domain=xn-----clcigcrcahibdi5achqqofed5ezeue.xn--p1ai
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202010101/show_ads_impl_fy2019.js?bust=31064678
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://xn-----clcigcrcahibdi5achqqofed5ezeue.xn--p1ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 02 Feb 2022 10:12:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
549 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=xn-----clcigcrcahibdi5achqqofed5ezeue.xn--p1ai
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202010101/show_ads_impl_fy2019.js?bust=31064678
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://xn-----clcigcrcahibdi5achqqofed5ezeue.xn--p1ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 02 Feb 2022 10:12:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 9F02
603 B
68 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7155831914921965&output=html&adk=1812271804&adf=3025194257&lmt=1643796750&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fxn-----clcigcrcahibdi5achqqofed5ezeue.xn--p1ai%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1643796749878&bpp=3&bdt=958&idt=161&shv=r20220131&mjsv=m202202010101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1323100058854&frm=20&pv=2&ga_vid=688579298.1643796750&ga_sid=1643796750&ga_hid=1854813112&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31064678&oid=2&pvsid=1639601489759007&pem=694&tmod=1341084224&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=180
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202010101/show_ads_impl_fy2019.js?bust=31064678
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://xn-----clcigcrcahibdi5achqqofed5ezeue.xn--p1ai/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 02 Feb 2022 10:12:30 GMT
server
cafe
content-length
46
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 02 Feb 2022 10:12:30 GMT
cache-control
private
sodar
pagead2.googlesyndication.com/getconfig/
13 KB
10 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220131&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202010101/show_ads_impl_fy2019.js?bust=31064678
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fff92a093558f20044e2a5846f9b3a27f9ddd84fd34f3bde193b09a0f82afa24
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://xn-----clcigcrcahibdi5achqqofed5ezeue.xn--p1ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 02 Feb 2022 10:12:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9879
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202010101/show_ads_impl_fy2019.js?bust=31064678
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://xn-----clcigcrcahibdi5achqqofed5ezeue.xn--p1ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 10:12:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 02 Feb 2022 10:12:30 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 21EE
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://xn-----clcigcrcahibdi5achqqofed5ezeue.xn--p1ai/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Wed, 02 Feb 2022 03:32:59 GMT
expires
Thu, 02 Feb 2023 03:32:59 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
23971
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 7813
783 B
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
524fa899affbf42a8d7e260f30b76cdf8d93329c9b6311c52f5b42729555c98e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-g9fWvnwchZHmzmed0CWiRw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://xn-----clcigcrcahibdi5achqqofed5ezeue.xn--p1ai/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Wed, 02 Feb 2022 10:12:30 GMT
date
Wed, 02 Feb 2022 10:12:30 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-g9fWvnwchZHmzmed0CWiRw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
511
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
mdqKvlGwTeSXiP4SbDG4fPc0JxjBpG49JTgeDIKrRjQ.js
pagead2.googlesyndication.com/bg/ Frame 21EE
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/mdqKvlGwTeSXiP4SbDG4fPc0JxjBpG49JTgeDIKrRjQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
99da8abe51b04de49788fe126c31b87cf7342718c1a46e3d25381e0c82ab4634
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 20:17:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
395676
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13677
x-xss-protection
0
last-modified
Thu, 27 Jan 2022 13:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 28 Jan 2023 20:17:54 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 7813
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220131&jk=1639601489759007&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

generate_204
tpc.googlesyndication.com/ Frame 21EE
0
9 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?jUHbsg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 10:12:30 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220131&jk=1639601489759007&bg=!nZ6lntrNAAYZkRhwGZE7ACkAdvg8Woai45cecRX79tNzRHM0W9KxiF0aRdv1zoXInfkPU1nWQpdhpgIAAABqUgAAAANoAQeZAsYia5W3zfdeDfcdcXmRvI_NDl2EVOIUoKOcuzFqFa6vRyFKrXBNsJUMYyz5HN_qGPOdC6ERrhpvMiEgUprH3aAw5iQ0WWBLgnNmw7fjRBzyJYFFfOuOW_l0FZRvT0K-8kwznvrGL1BNYyrp2dv_kSa83dSFs0mwkUU2_iqfngDGJhc7-n3PoO3HvCHEdaLezVjSxBOQOv3-1LFr3_v7rmdz9DffLRycIOEbE4PXvkZBQWcu3jFRpPkruY2NU8jGgDEBOnM1EBafHxr_-eDi8_UpFevtxaU92EBzqWoA5gyG4embKG5PDzX6XOJJ17n_LZWIwWpWWmGKbdrRQ3Z1V9QaF__MEKwOw183jLiRTm--0NuL7RtRBqJoaXV_lLAWoTiR7PwkHsZKYib_LKp5x2u5UjP9XqgJDF_fraAyxuOJVvDGnbspiust0GCQqwrxTq9rXKvtou5b136FI4gi-zHltz3jlBi640lAKnj4FQvvqH-UI22p1az5m9W9wCqsZM70Kiw2LfbHHB3drjmoafdX3wmBAAWvTdG1JgSNQ0gSp4kOsySk4oB8OZS9jtzb9OCjOPsFYBbGcKVYt64T34nlv_UiPD0VPXAU1oz37V8gA3vmo_KDsf8cqCp8cEulu0DIc5dMlBx_7jDJSjctnxgvKKul4cO9P0c6jLSz8XOdLAHxZ3Jk3XsIzHpVSLWWmECisP_MnoQqSTsNAIDiBy-N8h9eoOZDwRAmAcEwMyBQsWRjQtdt4N2-8eznHKB2MUJYcMomTqOD2z7cIOAiuMf5TQBrJTgMH0nROIGe6sIVQ0Li0oiP4T5TZS2ndsPnnXlF-U7rUOtN9QRrH7dkdcvzk3cT7vKmmfOrfsCLpTRGtg3A_d45sYmyfmBRrBP5onah84B9Wo-P8R4ZpZ7RMkr9CMMnQDTHrt3HA1enVwYfmzI1QsKaYA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://xn-----clcigcrcahibdi5achqqofed5ezeue.xn--p1ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 10:12:30 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

38 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
object| 2
object| _wpemojiSettings
undefined| $
function| jQuery
object| adsbygoogle
object| wp
object| jQuery1124010808489296093393
object| googletag
object| google_js_reporting_queue
number| google_srt
object| google_logging_queue
number| tmod
object| google_ad_modifications
object| ggeac
boolean| google_measure_js_timing
object| google_reactive_ads_global_state
boolean| _gfp_a_
object| google_sa_queue
function| google_process_slots
function| google_spfd
number| google_unique_id
object| google_sv_map
string| google_user_agent_client_hint
function| google_sa_impl
object| google_persistent_state_async
object| googleToken
object| googleIMState
boolean| _gfp_p_
function| processGoogleToken
number| google_global_correlator
object| google_prev_clients
object| gaGlobal
object| ampInaboxIframes
object| ampInaboxPendingMessages
object| GoogleGcLKhOms
object| google_image_requests

2 Cookies

Domain/Path Name / Value
.xn-----clcigcrcahibdi5achqqofed5ezeue.xn--p1ai/ Name: __gads
Value: ID=fd7fcf9e92c7a7ac-2215319890cf0047:T=1643796750:RT=1643796750:S=ALNI_Mb7aea07b2_g4_3EDFBHZKRLtI9gA
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission

Indicators

"Indicators" is a security-industry term for observables such as IPs, domains, and hashes. Their presence here does not imply that any of them indicate malicious activity.
