urlscan.io logo urlscan.io
SecurityTrails logo

0.beatifywhite.online Open in urlscan Pro
188.166.68.96  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://renovationxlsquebec.com/
Effective URL: https://0.beatifywhite.online/?p=gfsdczjwgy5gi3bpgy4tanq&sub1=chermetive&sub2=kolin
Submission: On February 15 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 4 countries across 6 domains to perform 81 HTTP transactions. The main IP is 188.166.68.96, located in Amsterdam, Netherlands and belongs to DIGITALOCEAN-ASN, US. The main domain is 0.beatifywhite.online.
TLS certificate: Issued by R3 on February 7th 2022. Valid for: 3 months.
This is the only time 0.beatifywhite.online was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 26 2607:f1c0:100... 8560 (IONOS-AS ...)
3 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 4 45.9.150.78 49447 (NICEIT)
1 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
4 188.166.68.96 14061 (DIGITALOC...)
81 8
26    2607:f1c0:100f:f000::26f (United States)

ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE)
renovationxlsquebec.com
3    2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)
netdna.bootstrapcdn.com
2    2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
maps.googleapis.com
4    45.9.150.78 (Switzerland)

ASN49447 (NICEIT, DM)
ads.specialadves.com
click.specialadves.com
1    2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
6    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
4    188.166.68.96 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
beatifywhite.online
0.beatifywhite.online
Apex Domain
Subdomains		 Transfer
26 renovationxlsquebec.com
renovationxlsquebec.com
569 KB
6 gstatic.com
fonts.gstatic.com
95 KB
4 beatifywhite.online
beatifywhite.online Failed
0.beatifywhite.online
90 KB
4 specialadves.com
ads.specialadves.com
click.specialadves.com
3 KB
3 googleapis.com
maps.googleapis.com — Cisco Umbrella Rank: 349
fonts.googleapis.com — Cisco Umbrella Rank: 35
53 KB
3 bootstrapcdn.com
netdna.bootstrapcdn.com — Cisco Umbrella Rank: 2660
55 KB
81 6
Domain Requested by
26 renovationxlsquebec.com 1 redirects renovationxlsquebec.com
6 fonts.gstatic.com fonts.googleapis.com
3 beatifywhite.online click.specialadves.com
0.beatifywhite.online
3 netdna.bootstrapcdn.com renovationxlsquebec.com
netdna.bootstrapcdn.com
2 click.specialadves.com ads.specialadves.com
click.specialadves.com
2 ads.specialadves.com 1 redirects renovationxlsquebec.com
ads.specialadves.com
2 maps.googleapis.com renovationxlsquebec.com
maps.googleapis.com
1 0.beatifywhite.online beatifywhite.online
1 fonts.googleapis.com renovationxlsquebec.com
81 9

This site contains no links.

Subject Issuer Validity Valid
*.renovationxlsquebec.com
Encryption Everywhere DV TLS CA - G1		 2021-08-12 -
2022-08-25		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-01-29 -
2023-01-29		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
ads.specialadves.com
R3		 2022-02-11 -
2022-05-12		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
click.specialadves.com
R3		 2022-02-11 -
2022-05-12		 3 months crt.sh
beatifywhite.online
R3		 2022-02-07 -
2022-05-08		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://0.beatifywhite.online/?p=gfsdczjwgy5gi3bpgy4tanq&sub1=chermetive&sub2=kolin
Frame ID: 614AF6FF71631D1201B42B77AD3CD703
Requests: 87 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Menschliche verifikation

Page URL History Show full URLs

  1. http://renovationxlsquebec.com/ HTTP 301
    https://renovationxlsquebec.com/ Page URL
  2. https://ads.specialadves.com/s.php?id=463-24-745783-2 HTTP 302
    https://click.specialadves.com/c.php?id=883-435852-23-86699434 Page URL
  3. https://click.specialadves.com/go.php?id=123-37-456859-44 Page URL
  4. https://beatifywhite.online/?p=gfsdczjwgy5gi3bpgy4tanq&sub1=chermetive&sub2=kolin Page URL
  5. https://0.beatifywhite.online/?p=gfsdczjwgy5gi3bpgy4tanq&sub1=chermetive&sub2=kolin Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • //maps\.google(?:apis)?\.com/maps/api/js
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js
Overall confidence: 100%
Detected patterns
  • swfobject.*\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

81
Requests

54 %
HTTPS

71 %
IPv6

6
Domains

9
Subdomains

8
IPs

4
Countries

864 kB
Transfer

1110 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://renovationxlsquebec.com/ HTTP 301
    https://renovationxlsquebec.com/ Page URL
  2. https://ads.specialadves.com/s.php?id=463-24-745783-2 HTTP 302
    https://click.specialadves.com/c.php?id=883-435852-23-86699434 Page URL
  3. https://click.specialadves.com/go.php?id=123-37-456859-44 Page URL
  4. https://beatifywhite.online/?p=gfsdczjwgy5gi3bpgy4tanq&sub1=chermetive&sub2=kolin Page URL
  5. https://0.beatifywhite.online/?p=gfsdczjwgy5gi3bpgy4tanq&sub1=chermetive&sub2=kolin Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://renovationxlsquebec.com/ HTTP 301
  • https://renovationxlsquebec.com/
Request Chain 73
  • https://ads.specialadves.com/s.php?id=463-24-745783-2 HTTP 302
  • https://click.specialadves.com/c.php?id=883-435852-23-86699434

81 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
renovationxlsquebec.com/
Redirect Chain
  • http://renovationxlsquebec.com/
  • https://renovationxlsquebec.com/
36 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://renovationxlsquebec.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2607:f1c0:100f:f000::26f , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
81114c9169246c8e203a843f05de05bce4571e0499403ed1abd90bb10d197374

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

content-type
text/html; charset=UTF-8
date
Tue, 15 Feb 2022 07:17:21 GMT
server
Apache
link
<https://renovationxlsquebec.com/wp-json/>; rel="https://api.w.org/", <https://renovationxlsquebec.com/>; rel=shortlink
content-encoding
gzip

Redirect headers

Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=15
Date
Tue, 15 Feb 2022 07:17:19 GMT
Server
Apache
Location
https://renovationxlsquebec.com/
bootstrap.css
renovationxlsquebec.com/wp-content/themes/theme50999/bootstrap/css/ 		105 KB
105 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://renovationxlsquebec.com/wp-content/themes/theme50999/bootstrap/css/bootstrap.css
Requested by
Host: renovationxlsquebec.com
URL: https://renovationxlsquebec.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2607:f1c0:100f:f000::26f , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
303ae766bd6467a124f2c3a87b2a67a97e1868e37497ff1c688cd76749c51353

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://renovationxlsquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 07:17:22 GMT
last-modified
Mon, 22 Feb 2021 13:11:29 GMT
server
Apache
accept-ranges
bytes
etag
"1a37e-5bbec8a38ded0"
content-length
107390
content-type
text/css
responsive.css
renovationxlsquebec.com/wp-content/themes/theme50999/bootstrap/css/ 		21 KB
22 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://renovationxlsquebec.com/wp-content/themes/theme50999/bootstrap/css/responsive.css
Requested by
Host: renovationxlsquebec.com
URL: https://renovationxlsquebec.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2607:f1c0:100f:f000::26f , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
1552bda9a1302f3326cbb79e1892bbd2f29ca4c5d1211d667399a005775df1ee

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://renovationxlsquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 07:17:22 GMT
last-modified
Sun, 17 Apr 2016 03:48:38 GMT
server
Apache
accept-ranges
bytes
etag
"55b9-530a61e809180"
content-length
21945
content-type
text/css
camera.css
renovationxlsquebec.com/wp-content/themes/CherryFramework/css/ 		26 KB
26 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://renovationxlsquebec.com/wp-content/themes/CherryFramework/css/camera.css
Requested by
Host: renovationxlsquebec.com
URL: https://renovationxlsquebec.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2607:f1c0:100f:f000::26f , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
3df13f8dc45f6168a5eff9bb8f32fa6807ba3efe0db1f76ce808bb7b0f48ca01

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://renovationxlsquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 07:17:22 GMT
last-modified
Sun, 17 Apr 2016 03:43:34 GMT
server
Apache
accept-ranges
bytes
etag
"6698-530a60c61e580"
content-length
26264
content-type
text/css
style.css
renovationxlsquebec.com/wp-content/themes/theme50999/ 		40 KB
40 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://renovationxlsquebec.com/wp-content/themes/theme50999/style.css
Requested by
Host: renovationxlsquebec.com
URL: https://renovationxlsquebec.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2607:f1c0:100f:f000::26f , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
0b479f1330ef51ee53ec8314056e2af1aaee36f972611eebcf3c49ea86462f94

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://renovationxlsquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 07:17:22 GMT
last-modified
Sun, 17 Apr 2016 03:42:40 GMT
server
Apache
accept-ranges
bytes
etag
"9ee2-530a60929ec00"
content-length
40674
content-type
text/css
flexslider.css
renovationxlsquebec.com/wp-content/plugins/cherry-plugin/lib/js/FlexSlider/ 		6 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://renovationxlsquebec.com/wp-content/plugins/cherry-plugin/lib/js/FlexSlider/flexslider.css?ver=2.2.0
Requested by
Host: renovationxlsquebec.com
URL: https://renovationxlsquebec.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2607:f1c0:100f:f000::26f , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
013585d07f16d114d3402e3b540854c914254d7f17fd430e216e8df7334c9c92

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://renovationxlsquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 07:17:22 GMT
last-modified
Sun, 17 Apr 2016 03:49:00 GMT
server
Apache
accept-ranges
bytes
etag
"1735-530a61fd04300"
content-length
5941
content-type
text/css
owl.carousel.css
renovationxlsquebec.com/wp-content/plugins/cherry-plugin/lib/js/owl-carousel/ 		6 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://renovationxlsquebec.com/wp-content/plugins/cherry-plugin/lib/js/owl-carousel/owl.carousel.css?ver=1.24
Requested by
Host: renovationxlsquebec.com
URL: https://renovationxlsquebec.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2607:f1c0:100f:f000::26f , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
4658bdf3a5ffa33e3a4d643e0465484b0e2137890f0678d5a7f351e398ddf830

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://renovationxlsquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 07:17:22 GMT
last-modified
Sun, 17 Apr 2016 03:49:02 GMT
server
Apache
accept-ranges
bytes
etag
"1721-530a61feec780"
content-length
5921
content-type
text/css
owl.theme.css
renovationxlsquebec.com/wp-content/plugins/cherry-plugin/lib/js/owl-carousel/ 		2 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://renovationxlsquebec.com/wp-content/plugins/cherry-plugin/lib/js/owl-carousel/owl.theme.css?ver=1.24
Requested by
Host: renovationxlsquebec.com
URL: https://renovationxlsquebec.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2607:f1c0:100f:f000::26f , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
8f8439f41dd768871bde30fceb034a6de5a50945a564658a60a06b23cb5d039a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://renovationxlsquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 07:17:22 GMT
last-modified
Sun, 17 Apr 2016 03:49:02 GMT
server
Apache
accept-ranges
bytes
etag
"680-530a61feec780"
content-length
1664
content-type
text/css
font-awesome.css
netdna.bootstrapcdn.com/font-awesome/3.2.1/css/ 		27 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://netdna.bootstrapcdn.com/font-awesome/3.2.1/css/font-awesome.css?ver=3.2.1
Requested by
Host: renovationxlsquebec.com
URL: https://renovationxlsquebec.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22a22e76f4de930e54dd33af00c71b68828847409e5e79787df5224dd9776c6f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://renovationxlsquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 07:17:22 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
617, 617
age
1805704
cdn-cachedat
2021-06-08 14:14:42
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:51 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
9256d228095e0e65283ebf5530b25e58
cf-ray
6ddcc18d0c549280-FRA
cdn-requestcountrycode
US
cdn-requestpullsuccess
True
cherry-plugin.css
renovationxlsquebec.com/wp-content/plugins/cherry-plugin/includes/css/ 		31 KB
31 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://renovationxlsquebec.com/wp-content/plugins/cherry-plugin/includes/css/cherry-plugin.css?ver=1.2.8.1
Requested by
Host: renovationxlsquebec.com
URL: https://renovationxlsquebec.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2607:f1c0:100f:f000::26f , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
d00dd4a54dc8736da1a68b2c57490d6f827e69fed3f23f5746771499a77feaf9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://renovationxlsquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 07:17:22 GMT
last-modified
Sun, 17 Apr 2016 03:47:40 GMT
server
Apache
accept-ranges
bytes
etag
"7ad0-530a61b0b8f00"
content-length
31440
content-type
text/css
lazy-load.css
renovationxlsquebec.com/wp-content/plugins/cherry-lazy-load/css/ 		2 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://renovationxlsquebec.com/wp-content/plugins/cherry-lazy-load/css/lazy-load.css?ver=1.0
Requested by
Host: renovationxlsquebec.com
URL: https://renovationxlsquebec.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2607:f1c0:100f:f000::26f , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
bc197be086ea415423d9e00b3b57252e2dd7a9cf0b8c3ef926d9844e1271d9ef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://renovationxlsquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 07:17:22 GMT
last-modified
Sun, 17 Apr 2016 03:42:47 GMT
server
Apache
accept-ranges
bytes
etag
"8a4-530a60994bbc0"
content-length
2212
content-type
text/css
styles.css
renovationxlsquebec.com/wp-content/plugins/contact-form-7/includes/css/ 		2 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://renovationxlsquebec.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.0.2
Requested by
Host: renovationxlsquebec.com
URL: https://renovationxlsquebec.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2607:f1c0:100f:f000::26f , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
1e36067ffbde51faec89f96ebe1fd08513be4a97d109cc8130dcdc9cf3f4590d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://renovationxlsquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 07:17:22 GMT
last-modified
Wed, 20 Jun 2018 13:18:40 GMT
server
Apache
accept-ranges
bytes
etag
"693-56f12a3196c00"
content-length
1683
content-type
text/css
main-style.css
renovationxlsquebec.com/wp-content/themes/theme50999/ 		38 KB
38 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://renovationxlsquebec.com/wp-content/themes/theme50999/main-style.css
Requested by
Host: renovationxlsquebec.com
URL: https://renovationxlsquebec.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2607:f1c0:100f:f000::26f , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
106216fdfe04ca4b44804a353e2e76c3eecaef7cfd0e7c2c19e9fd3f754fc574

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://renovationxlsquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 07:17:22 GMT
last-modified
Mon, 22 Feb 2021 13:11:29 GMT
server
Apache
accept-ranges
bytes
etag
"97d8-5bbec8a3bec16"
content-length
38872
content-type
text/css
magnific-popup.css
renovationxlsquebec.com/wp-content/themes/CherryFramework/css/ 		9 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://renovationxlsquebec.com/wp-content/themes/CherryFramework/css/magnific-popup.css?ver=0.9.3
Requested by
Host: renovationxlsquebec.com
URL: https://renovationxlsquebec.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2607:f1c0:100f:f000::26f , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
690587b44cbf9ff5efa013957f8460d96b36775acbb27472cfb6dc34bb91af4d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://renovationxlsquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 07:17:22 GMT
last-modified
Sun, 17 Apr 2016 03:43:34 GMT
server
Apache
accept-ranges
bytes
etag
"2458-530a60c61e580"
content-length
9304
content-type
text/css
jquery-1.7.2.min.js
renovationxlsquebec.com/wp-content/themes/CherryFramework/js/ 		94 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://renovationxlsquebec.com/wp-content/themes/CherryFramework/js/jquery-1.7.2.min.js?ver=1.7.2
Requested by
Host: renovationxlsquebec.com
URL: https://renovationxlsquebec.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2607:f1c0:100f:f000::26f , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
f6156149734e3d04d1e30ee1eacc6bda92fb47357dd15b26acab9f7a79f3bb04

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://renovationxlsquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 07:17:22 GMT
last-modified
Sun, 17 Apr 2016 03:43:47 GMT
server
Apache
accept-ranges
bytes
etag
"17979-530a60d2842c0"
content-length
96633
content-type
application/javascript
jquery.easing.1.3.js
renovationxlsquebec.com/wp-content/plugins/cherry-plugin/lib/js/ 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://renovationxlsquebec.com/wp-content/plugins/cherry-plugin/lib/js/jquery.easing.1.3.js?ver=1.3
Requested by
Host: renovationxlsquebec.com
URL: https://renovationxlsquebec.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2607:f1c0:100f:f000::26f , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
0dc867370ca6375a60a8167688cd3fcfde764b639746f59a536a8ce1a52c17f9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://renovationxlsquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 07:17:22 GMT
last-modified
Sun, 17 Apr 2016 03:47:52 GMT
server
Apache
accept-ranges
bytes
etag
"13e5-530a61bc2aa00"
content-length
5093
content-type
application/javascript
jquery.elastislide.js
renovationxlsquebec.com/wp-content/plugins/cherry-plugin/lib/js/elasti-carousel/ 		8 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://renovationxlsquebec.com/wp-content/plugins/cherry-plugin/lib/js/elasti-carousel/jquery.elastislide.js?ver=1.2.8.1
Requested by
Host: renovationxlsquebec.com
URL: https://renovationxlsquebec.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2607:f1c0:100f:f000::26f , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
e9ae0386a45a860f7030de940e8b6bcae44669693c9450bef97b8909d3780725

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://renovationxlsquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 07:17:22 GMT
last-modified
Sun, 17 Apr 2016 03:49:00 GMT
server
Apache
accept-ranges
bytes
etag
"1f61-530a61fd04300"
content-length
8033
content-type
application/javascript
js
maps.googleapis.com/maps/api/ 		157 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/js?v=3.exp&sensor=false&ver=4.9.19
Requested by
Host: renovationxlsquebec.com
URL: https://renovationxlsquebec.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
mafe /
Resource Hash
82b3041788dedd2c42435543bdd769f4ae2aa22a5d3b9b84c88cbe3b89c3c2c4
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://renovationxlsquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 07:17:22 GMT
content-encoding
gzip
vary
Accept-Language
server
mafe
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1800
cross-origin-resource-policy
cross-origin
server-timing
gfet4t7; dur=10
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52529
x-xss-protection
0
expires
Tue, 15 Feb 2022 07:47:22 GMT
jquery-migrate-1.2.1.min.js
renovationxlsquebec.com/wp-content/themes/CherryFramework/js/ 		9 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://renovationxlsquebec.com/wp-content/themes/CherryFramework/js/jquery-migrate-1.2.1.min.js?ver=1.2.1
Requested by
Host: renovationxlsquebec.com
URL: https://renovationxlsquebec.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2607:f1c0:100f:f000::26f , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
73fe56993a089ec8459f7436559b912d6894b394fa501038c80836b538ec906e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://renovationxlsquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 07:17:22 GMT
last-modified
Sun, 17 Apr 2016 03:43:47 GMT
server
Apache
accept-ranges
bytes
etag
"2320-530a60d2842c0"
content-length
8992
content-type
application/javascript
swfobject.js
renovationxlsquebec.com/wp-includes/js/ 		12 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://renovationxlsquebec.com/wp-includes/js/swfobject.js?ver=2.2-20120417
Requested by
Host: renovationxlsquebec.com
URL: https://renovationxlsquebec.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2607:f1c0:100f:f000::26f , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
db95d9465edfd1eb6da9d989265e7afe857f4ee03c97488b8e8b8db069748594

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://renovationxlsquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 07:17:22 GMT
last-modified
Sun, 17 Apr 2016 03:50:55 GMT
server
Apache
accept-ranges
bytes
etag
"2ef8-530a626ab05c0"
content-length
12024
content-type
application/javascript
modernizr.js
renovationxlsquebec.com/wp-content/themes/CherryFramework/js/ 		14 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://renovationxlsquebec.com/wp-content/themes/CherryFramework/js/modernizr.js?ver=2.0.6
Requested by
Host: renovationxlsquebec.com
URL: https://renovationxlsquebec.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2607:f1c0:100f:f000::26f , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
3ee183585454835b48faf0a059e53138dddad16b15611ceb1e880182154182c4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://renovationxlsquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 07:17:22 GMT
last-modified
Sun, 17 Apr 2016 03:43:50 GMT
server
Apache
accept-ranges
bytes
etag
"371b-530a60d560980"
content-length
14107
content-type
application/javascript
jflickrfeed.js
renovationxlsquebec.com/wp-content/themes/CherryFramework/js/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://renovationxlsquebec.com/wp-content/themes/CherryFramework/js/jflickrfeed.js?ver=1.0
Requested by
Host: renovationxlsquebec.com
URL: https://renovationxlsquebec.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2607:f1c0:100f:f000::26f , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
fb610cceb7c29dfe833266aac98088ad084c6273e90fb7abb7f373714a65f38a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://renovationxlsquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 07:17:22 GMT
last-modified
Sun, 17 Apr 2016 03:43:47 GMT
server
Apache
accept-ranges
bytes
etag
"b35-530a60d2842c0"
content-length
2869
content-type
application/javascript
custom.js
renovationxlsquebec.com/wp-content/themes/CherryFramework/js/ 		9 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://renovationxlsquebec.com/wp-content/themes/CherryFramework/js/custom.js?ver=1.0
Requested by
Host: renovationxlsquebec.com
URL: https://renovationxlsquebec.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2607:f1c0:100f:f000::26f , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
718b132af2e2b4d31bfd77a3d80dda659fa1f488d06c8a811f6e6cb7023cc6f4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://renovationxlsquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 07:17:22 GMT
last-modified
Sun, 17 Apr 2016 03:43:46 GMT
server
Apache
accept-ranges
bytes
etag
"2298-530a60d190080"
content-length
8856
content-type
application/javascript
bootstrap.min.js
renovationxlsquebec.com/wp-content/themes/CherryFramework/bootstrap/js/ 		30 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://renovationxlsquebec.com/wp-content/themes/CherryFramework/bootstrap/js/bootstrap.min.js?ver=2.3.0
Requested by
Host: renovationxlsquebec.com
URL: https://renovationxlsquebec.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2607:f1c0:100f:f000::26f , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
95a75e1c826ef7116edb780abaf37ad866fbab70e4f16de6d12293307402158f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://renovationxlsquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 07:17:22 GMT
last-modified
Sun, 17 Apr 2016 03:48:14 GMT
server
Apache
accept-ranges
bytes
etag
"7755-530a61d125b80"
content-length
30549
content-type
application/javascript
jquery.mobile.customized.min.js
renovationxlsquebec.com/wp-content/themes/CherryFramework/js/ 		19 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://renovationxlsquebec.com/wp-content/themes/CherryFramework/js/jquery.mobile.customized.min.js
Requested by
Host: renovationxlsquebec.com
URL: https://renovationxlsquebec.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2607:f1c0:100f:f000::26f , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
54bc42423459daf0d9969090dbac0aa8ad51317d8248de674f91b74a6d7282e9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://renovationxlsquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 07:17:22 GMT
last-modified
Sun, 17 Apr 2016 03:43:49 GMT
server
Apache
accept-ranges
bytes
etag
"4a44-530a60d46c740"
content-length
19012
content-type
application/javascript
logo.png
renovationxlsquebec.com/wp-content/themes/theme50999/images/ 		0
0
gaf-certified.jpg
renovationxlsquebec.com/wp-content/uploads/2011/09/ 		0
0
system-plus.jpg
renovationxlsquebec.com/wp-content/uploads/2011/09/ 		0
0
certainteed1.jpg
renovationxlsquebec.com/wp-content/uploads/2011/09/ 		0
0
soprema.jpg
renovationxlsquebec.com/wp-content/uploads/2011/09/ 		0
0
APCHQ_50ansCMYK-e1432216893605.jpg
renovationxlsquebec.com/wp-content/uploads/2011/09/ 		0
0
Logo-AECQ.jpg
renovationxlsquebec.com/wp-content/uploads/2015/06/ 		0
0
logo-artik.png
renovationxlsquebec.com/wp-content/uploads/2011/09/ 		0
0
/
ads.specialadves.com/ping/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.specialadves.com/ping/?ton.js
Requested by
Host: renovationxlsquebec.com
URL: https://renovationxlsquebec.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.9.150.78 , Switzerland, ASN49447 (NICEIT, DM),
Reverse DNS
Software
nginx /
Resource Hash
5b855d3a27e392a3590e148428acad4d44bfd3db4cd8f543c61210a01debdaea

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://renovationxlsquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Tue, 15 Feb 2022 07:17:23 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding, Accept-Encoding
Content-Type
text/plain; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=60
FB-f-Logo__white_72.png
renovationxlsquebec.com/wp-content/uploads/2015/05/ 		0
0
jquery.flexslider-min.js
renovationxlsquebec.com/wp-content/plugins/cherry-plugin/lib/js/FlexSlider/ 		0
0
cherry-plugin.js
renovationxlsquebec.com/wp-content/plugins/cherry-plugin/includes/js/ 		0
0
cherry.lazy-load.js
renovationxlsquebec.com/wp-content/plugins/cherry-lazy-load/js/ 		0
0
device.min.js
renovationxlsquebec.com/wp-content/plugins/cherry-lazy-load/js/ 		0
0
scripts.js
renovationxlsquebec.com/wp-content/plugins/contact-form-7/includes/js/ 		0
0
superfish.js
renovationxlsquebec.com/wp-content/themes/CherryFramework/js/ 		0
0
jquery.mobilemenu.js
renovationxlsquebec.com/wp-content/themes/CherryFramework/js/ 		0
0
jquery.magnific-popup.min.js
renovationxlsquebec.com/wp-content/themes/CherryFramework/js/ 		0
0
jplayer.playlist.min.js
renovationxlsquebec.com/wp-content/themes/CherryFramework/js/ 		0
0
jquery.jplayer.min.js
renovationxlsquebec.com/wp-content/themes/CherryFramework/js/ 		0
0
tmstickup.js
renovationxlsquebec.com/wp-content/themes/CherryFramework/js/ 		0
0
device.min.js
renovationxlsquebec.com/wp-content/themes/CherryFramework/js/ 		0
0
jquery.zaccordion.min.js
renovationxlsquebec.com/wp-content/themes/CherryFramework/js/ 		0
0
camera.min.js
renovationxlsquebec.com/wp-content/themes/CherryFramework/js/ 		0
0
jquery.debouncedresize.js
renovationxlsquebec.com/wp-content/themes/CherryFramework/js/ 		0
0
jquery.ba-resize.min.js
renovationxlsquebec.com/wp-content/themes/CherryFramework/js/ 		0
0
jquery.isotope.js
renovationxlsquebec.com/wp-content/themes/CherryFramework/js/ 		0
0
wp-embed.min.js
renovationxlsquebec.com/wp-includes/js/ 		0
0
local-ga.js
renovationxlsquebec.com/wp-content/plugins/simple-google-analytics/cache/ 		0
0
wp-emoji-release.min.js
renovationxlsquebec.com/wp-includes/js/ 		0
0
style.css
renovationxlsquebec.com/wp-content/themes/CherryFramework/ 		521 B
665 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://renovationxlsquebec.com/wp-content/themes/CherryFramework/style.css
Requested by
Host: renovationxlsquebec.com
URL: https://renovationxlsquebec.com/wp-content/themes/theme50999/main-style.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2607:f1c0:100f:f000::26f , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
60e7f79f91e595ad23507b3914f7c689cd950ebdb70b34f5227006e73aac86d1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://renovationxlsquebec.com/wp-content/themes/theme50999/main-style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 07:17:22 GMT
last-modified
Sun, 17 Apr 2016 03:42:37 GMT
server
Apache
accept-ranges
bytes
etag
"209-530a608fc2540"
content-length
521
content-type
text/css
font-awesome.css
netdna.bootstrapcdn.com/font-awesome/4.0.3/css/ 		21 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://netdna.bootstrapcdn.com/font-awesome/4.0.3/css/font-awesome.css
Requested by
Host: renovationxlsquebec.com
URL: https://renovationxlsquebec.com/wp-content/themes/theme50999/main-style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3083e8d3b21ddc3f0e6d65ec3580aa6edfaadca5d9737d9caa27e6a233e1ccf3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://renovationxlsquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 07:17:22 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
674, 617, 617
age
1805707
cdn-cachedat
2021-04-13 08:26:11
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:53 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
5df7ea668d94f41379e642b8eba366fd
cf-ray
6ddcc1910e6f9280-FRA
cdn-requestcountrycode
US
cdn-requestpullsuccess
True
css
fonts.googleapis.com/ 		12 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,300,500,700,900italic,900
Requested by
Host: renovationxlsquebec.com
URL: https://renovationxlsquebec.com/wp-content/themes/theme50999/main-style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d4761db0221e1427bb7ab06092fe0c0b34f42a0ce8e54c1ddd24aebdb9d26e83
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://renovationxlsquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 15 Feb 2022 07:17:22 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 15 Feb 2022 07:17:22 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 15 Feb 2022 07:17:22 GMT
style.css
renovationxlsquebec.com/wp-content/themes/CherryFramework/css/ 		64 KB
65 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://renovationxlsquebec.com/wp-content/themes/CherryFramework/css/style.css
Requested by
Host: renovationxlsquebec.com
URL: https://renovationxlsquebec.com/wp-content/themes/CherryFramework/style.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2607:f1c0:100f:f000::26f , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
437d992bd86ab9861e3c5b2d525b79675b50be53b966c819fd8bd4ad6d96fa9a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://renovationxlsquebec.com/wp-content/themes/CherryFramework/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 07:17:22 GMT
last-modified
Sun, 17 Apr 2016 03:43:34 GMT
server
Apache
accept-ranges
bytes
etag
"1019d-530a60c61e580"
content-length
65949
content-type
text/css
gen_204
maps.googleapis.com/maps/api/mapsjs/ 		3 B
45 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?v=3.exp&sensor=false&ver=4.9.19
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://renovationxlsquebec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 07:17:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://renovationxlsquebec.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
vary
Origin, X-Origin, Referer
content-length
23
x-xss-protection
0
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,300,500,700,900italic,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://renovationxlsquebec.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 11:22:37 GMT
x-content-type-options
nosniff
age
503686
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15732
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:20 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 09 Feb 2023 11:22:37 GMT
header_bg.jpg
renovationxlsquebec.com/wp-content/themes/theme50999/images/ 		0
0
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,300,500,700,900italic,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://renovationxlsquebec.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 20:07:55 GMT
x-content-type-options
nosniff
age
558568
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:28 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 08 Feb 2023 20:07:55 GMT
fontawesome-webfont.woff
netdna.bootstrapcdn.com/font-awesome/4.0.3/fonts/ 		0
0
bg_1.png
renovationxlsquebec.com/wp-content/themes/theme50999/images/ 		0
0
bg_2.png
renovationxlsquebec.com/wp-content/themes/theme50999/images/ 		0
0
bg_3.png
renovationxlsquebec.com/wp-content/themes/theme50999/images/ 		0
0
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,300,500,700,900italic,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://renovationxlsquebec.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 18:59:49 GMT
x-content-type-options
nosniff
age
562654
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 08 Feb 2023 18:59:49 GMT
KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,300,500,700,900italic,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0e868ca932480407e63d27e8e868cb1514581142928b9be15ec9039bf5fe348f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://renovationxlsquebec.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 12:42:18 GMT
x-content-type-options
nosniff
age
239705
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15724
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:37 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sun, 12 Feb 2023 12:42:18 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,300,500,700,900italic,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://renovationxlsquebec.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 05:33:18 GMT
x-content-type-options
nosniff
age
524645
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:21 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 09 Feb 2023 05:33:18 GMT
KFOjCnqEu92Fr1Mu51TLBCc6CsQ.woff2
fonts.gstatic.com/s/roboto/v29/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOjCnqEu92Fr1Mu51TLBCc6CsQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,300,500,700,900italic,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5f2778667ce7da721e201618eac589ac1a32af6b43c246675826a8d728eb902b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://renovationxlsquebec.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 20:32:43 GMT
x-content-type-options
nosniff
age
470680
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17540
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:26 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 09 Feb 2023 20:32:43 GMT
fontawesome-webfont.ttf
netdna.bootstrapcdn.com/font-awesome/4.0.3/fonts/ 		79 KB
45 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://netdna.bootstrapcdn.com/font-awesome/4.0.3/fonts/fontawesome-webfont.ttf?v=4.0.3
Requested by
Host: netdna.bootstrapcdn.com
URL: https://netdna.bootstrapcdn.com/font-awesome/4.0.3/css/font-awesome.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://netdna.bootstrapcdn.com/font-awesome/4.0.3/css/font-awesome.css
Origin
https://renovationxlsquebec.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 07:17:23 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
cdn-edgestorageid
617, 617
access-control-allow-origin
*
cdn-cachedat
2021-06-08 14:32:30
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:53 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
font/ttf
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
e4b5d042b4e9aa9f82259f563621cab6
cf-ray
6ddcc193cb629237-FRA
cdn-requestcountrycode
US
cdn-status
200
cdn-requestpullsuccess
True
s.php
ads.specialadves.com/ 		0
0
c.php
click.specialadves.com/
Redirect Chain
  • https://ads.specialadves.com/s.php?id=463-24-745783-2
  • https://click.specialadves.com/c.php?id=883-435852-23-86699434
892 B
666 B 		Document
General
Check archive.org
Download Go to
Full URL
https://click.specialadves.com/c.php?id=883-435852-23-86699434
Requested by
Host: ads.specialadves.com
URL: https://ads.specialadves.com/ping/?ton.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.9.150.78 , Switzerland, ASN49447 (NICEIT, DM),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://renovationxlsquebec.com/

Response headers

Server
nginx
Date
Tue, 15 Feb 2022 07:17:23 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
439
Connection
keep-alive
Keep-Alive
timeout=60
Vary
Accept-Encoding
Content-Encoding
gzip

Redirect headers

Server
nginx
Date
Tue, 15 Feb 2022 07:17:23 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
0
Connection
keep-alive
Keep-Alive
timeout=60
Location
https://click.specialadves.com/c.php?id=883-435852-23-86699434
go.php
click.specialadves.com/ 		0
0
go.php
click.specialadves.com/ 		255 B
419 B 		Document
General
Check archive.org
Download Go to
Full URL
https://click.specialadves.com/go.php?id=123-37-456859-44
Requested by
Host: click.specialadves.com
URL: https://click.specialadves.com/c.php?id=883-435852-23-86699434
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.9.150.78 , Switzerland, ASN49447 (NICEIT, DM),
Reverse DNS
Software
nginx /
Resource Hash
9d5ad657906fae540116a6a3a7a51e92de18f96e653032e2f5abc5bd4e947a9d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://click.specialadves.com/c.php?id=883-435852-23-86699434

Response headers

Server
nginx
Date
Tue, 15 Feb 2022 07:17:23 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
192
Connection
keep-alive
Keep-Alive
timeout=60
Vary
Accept-Encoding
Content-Encoding
gzip
/
beatifywhite.online/ 		0
0
/
beatifywhite.online/ 		51 KB
51 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://beatifywhite.online/?p=gfsdczjwgy5gi3bpgy4tanq&sub1=chermetive&sub2=kolin
Requested by
Host: click.specialadves.com
URL: https://click.specialadves.com/go.php?id=123-37-456859-44
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
188.166.68.96 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
f48a347a4bfb1ddf2affbebca236f00836187bc9503dcb5a368a040f6837f65f
Security Headers
Name Value
Content-Security-Policy img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://click.specialadves.com/

Response headers

server
nginx
date
Tue, 15 Feb 2022 07:17:23 GMT
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
strict-transport-security
max-age=31536000
content-security-policy
img-src https: data:; upgrade-insecure-requests
truncated
/ 		24 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6cbf5ff9c2945171c3f93c38e9c67d4b98fb5354a3c95cf4910259780c1fb9b0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a72fd7760f623c9fd5fee0bd98df809a347471902fc479bcdae38681c1a071d1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ca7a07233506b5529a951fd2c4580757f5606d874b8a2b0a153d14a418b201ef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/png
Primary Request /
0.beatifywhite.online/ 		26 KB
27 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://0.beatifywhite.online/?p=gfsdczjwgy5gi3bpgy4tanq&sub1=chermetive&sub2=kolin
Requested by
Host: beatifywhite.online
URL: https://beatifywhite.online/?p=gfsdczjwgy5gi3bpgy4tanq&sub1=chermetive&sub2=kolin
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
188.166.68.96 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
274b4273696bcea2a7ac41e3b01a121a5bca1622d811a49d56e0b94ef6d231d4
Security Headers
Name Value
Content-Security-Policy img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://beatifywhite.online/

Response headers

server
nginx
date
Tue, 15 Feb 2022 07:17:24 GMT
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
strict-transport-security
max-age=31536000
content-security-policy
img-src https: data:; upgrade-insecure-requests
1.png
beatifywhite.online/img/18/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beatifywhite.online/img/18/1.png
Requested by
Host: 0.beatifywhite.online
URL: https://0.beatifywhite.online/?p=gfsdczjwgy5gi3bpgy4tanq&sub1=chermetive&sub2=kolin
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
188.166.68.96 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
967b8859fedb2c63afc8ae6ae2839fdd40f0e26af85adc6605a629f3c0ed0837
Security Headers
Name Value
Content-Security-Policy img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://0.beatifywhite.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 07:17:24 GMT
last-modified
Mon, 25 Nov 2019 17:34:12 GMT
server
nginx
etag
"5ddc1094-295f"
strict-transport-security
max-age=31536000
content-type
image/png
cache-control
max-age=2592000
content-security-policy
img-src https: data:; upgrade-insecure-requests
accept-ranges
bytes
content-length
10591
expires
Thu, 17 Mar 2022 07:17:24 GMT
2.png
beatifywhite.online/img/18/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beatifywhite.online/img/18/2.png
Requested by
Host: 0.beatifywhite.online
URL: https://0.beatifywhite.online/?p=gfsdczjwgy5gi3bpgy4tanq&sub1=chermetive&sub2=kolin
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
188.166.68.96 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
09d12e3c0e65fda26b9073e70e02fb24fa6941a4a3b1b81211b6470f00769ea5
Security Headers
Name Value
Content-Security-Policy img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://0.beatifywhite.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 07:17:24 GMT
last-modified
Mon, 25 Nov 2019 17:34:21 GMT
server
nginx
etag
"5ddc109d-425"
strict-transport-security
max-age=31536000
content-type
image/png
cache-control
max-age=2592000
content-security-policy
img-src https: data:; upgrade-insecure-requests
accept-ranges
bytes
content-length
1061
expires
Thu, 17 Mar 2022 07:17:24 GMT
truncated
/ 		11 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f0434a1fc8ffba3a47bbb9f1fa5a2f789651a020e7b86e507ff300b7c367057f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		378 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6935876b0112bb2bb5aa7e27c0fdf9be86e190d47a0fbff8eb8e67e25d11f68d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		377 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f9077e9ffe52966b3a279d70797b41c4eba4e6d3928471fe755fcc3856ac4b3e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/png

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
renovationxlsquebec.com
URL
https://renovationxlsquebec.com/wp-content/themes/theme50999/images/logo.png
Domain
renovationxlsquebec.com
URL
https://renovationxlsquebec.com/wp-content/uploads/2011/09/gaf-certified.jpg
Domain
renovationxlsquebec.com
URL
https://renovationxlsquebec.com/wp-content/uploads/2011/09/system-plus.jpg
Domain
renovationxlsquebec.com
URL
https://renovationxlsquebec.com/wp-content/uploads/2011/09/certainteed1.jpg
Domain
renovationxlsquebec.com
URL
https://renovationxlsquebec.com/wp-content/uploads/2011/09/soprema.jpg
Domain
renovationxlsquebec.com
URL
https://renovationxlsquebec.com/wp-content/uploads/2011/09/APCHQ_50ansCMYK-e1432216893605.jpg
Domain
renovationxlsquebec.com
URL
https://renovationxlsquebec.com/wp-content/uploads/2015/06/Logo-AECQ.jpg
Domain
renovationxlsquebec.com
URL
https://renovationxlsquebec.com/wp-content/uploads/2011/09/logo-artik.png
Domain
renovationxlsquebec.com
URL
https://renovationxlsquebec.com/wp-content/uploads/2015/05/FB-f-Logo__white_72.png
Domain
renovationxlsquebec.com
URL
https://renovationxlsquebec.com/wp-content/plugins/cherry-plugin/lib/js/FlexSlider/jquery.flexslider-min.js?ver=2.2.2
Domain
renovationxlsquebec.com
URL
https://renovationxlsquebec.com/wp-content/plugins/cherry-plugin/includes/js/cherry-plugin.js?ver=1.2.8.1
Domain
renovationxlsquebec.com
URL
https://renovationxlsquebec.com/wp-content/plugins/cherry-lazy-load/js/cherry.lazy-load.js?ver=1.0
Domain
renovationxlsquebec.com
URL
https://renovationxlsquebec.com/wp-content/plugins/cherry-lazy-load/js/device.min.js?ver=1.0.0
Domain
renovationxlsquebec.com
URL
https://renovationxlsquebec.com/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.0.2
Domain
renovationxlsquebec.com
URL
https://renovationxlsquebec.com/wp-content/themes/CherryFramework/js/superfish.js?ver=1.5.3
Domain
renovationxlsquebec.com
URL
https://renovationxlsquebec.com/wp-content/themes/CherryFramework/js/jquery.mobilemenu.js?ver=1.0
Domain
renovationxlsquebec.com
URL
https://renovationxlsquebec.com/wp-content/themes/CherryFramework/js/jquery.magnific-popup.min.js?ver=0.9.3
Domain
renovationxlsquebec.com
URL
https://renovationxlsquebec.com/wp-content/themes/CherryFramework/js/jplayer.playlist.min.js?ver=2.3.0
Domain
renovationxlsquebec.com
URL
https://renovationxlsquebec.com/wp-content/themes/CherryFramework/js/jquery.jplayer.min.js?ver=2.6.0
Domain
renovationxlsquebec.com
URL
https://renovationxlsquebec.com/wp-content/themes/CherryFramework/js/tmstickup.js?ver=1.0.0
Domain
renovationxlsquebec.com
URL
https://renovationxlsquebec.com/wp-content/themes/CherryFramework/js/device.min.js?ver=1.0.0
Domain
renovationxlsquebec.com
URL
https://renovationxlsquebec.com/wp-content/themes/CherryFramework/js/jquery.zaccordion.min.js?ver=2.1.0
Domain
renovationxlsquebec.com
URL
https://renovationxlsquebec.com/wp-content/themes/CherryFramework/js/camera.min.js?ver=1.3.4
Domain
renovationxlsquebec.com
URL
https://renovationxlsquebec.com/wp-content/themes/CherryFramework/js/jquery.debouncedresize.js?ver=1.0
Domain
renovationxlsquebec.com
URL
https://renovationxlsquebec.com/wp-content/themes/CherryFramework/js/jquery.ba-resize.min.js?ver=1.1
Domain
renovationxlsquebec.com
URL
https://renovationxlsquebec.com/wp-content/themes/CherryFramework/js/jquery.isotope.js?ver=1.5.25
Domain
renovationxlsquebec.com
URL
https://renovationxlsquebec.com/wp-includes/js/wp-embed.min.js?ver=4.9.19
Domain
renovationxlsquebec.com
URL
https://renovationxlsquebec.com/wp-content/plugins/simple-google-analytics/cache/local-ga.js
Domain
renovationxlsquebec.com
URL
https://renovationxlsquebec.com/wp-includes/js/wp-emoji-release.min.js?ver=4.9.19
Domain
renovationxlsquebec.com
URL
https://renovationxlsquebec.com/wp-content/themes/theme50999/images/header_bg.jpg
Domain
netdna.bootstrapcdn.com
URL
https://netdna.bootstrapcdn.com/font-awesome/4.0.3/fonts/fontawesome-webfont.woff?v=4.0.3
Domain
renovationxlsquebec.com
URL
https://renovationxlsquebec.com/wp-content/themes/theme50999/images/bg_1.png
Domain
renovationxlsquebec.com
URL
https://renovationxlsquebec.com/wp-content/themes/theme50999/images/bg_2.png
Domain
renovationxlsquebec.com
URL
https://renovationxlsquebec.com/wp-content/themes/theme50999/images/bg_3.png
Domain
ads.specialadves.com
URL
https://ads.specialadves.com/s.php?id=463-24-745783-2
Domain
click.specialadves.com
URL
https://click.specialadves.com/go.php?id=123-37-456859-44
Domain
beatifywhite.online
URL
https://beatifywhite.online/?p=gfsdczjwgy5gi3bpgy4tanq&sub1=chermetive&sub2=kolin

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone boolean| guardEnabled boolean| isChrome function| compareVersion function| getLanguage object| rootElement boolean| canStart function| disableHistory function| disableIncognito function| denied function| getWorkerRegistration function| SubS function| CheckS function| urlB64ToUint8Array

2 Cookies

Domain/Path Name / Value
.beatifywhite.online/ Name: uuid
Value: 9e58446e-cf0e-4eb9-bc65-1ce3d5dfbd2f
.0.beatifywhite.online/ Name: uuid
Value: 9e58446e-cf0e-4eb9-bc65-1ce3d5dfbd2f

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0.beatifywhite.online
ads.specialadves.com
beatifywhite.online
click.specialadves.com
fonts.googleapis.com
fonts.gstatic.com
maps.googleapis.com
netdna.bootstrapcdn.com
renovationxlsquebec.com
ads.specialadves.com
beatifywhite.online
click.specialadves.com
netdna.bootstrapcdn.com
renovationxlsquebec.com
188.166.68.96
2606:4700::6812:acf
2607:f1c0:100f:f000::26f
2a00:1450:4001:812::2003
2a00:1450:4001:82b::200a
2a00:1450:4001:82f::200a
45.9.150.78
013585d07f16d114d3402e3b540854c914254d7f17fd430e216e8df7334c9c92
09d12e3c0e65fda26b9073e70e02fb24fa6941a4a3b1b81211b6470f00769ea5
0b479f1330ef51ee53ec8314056e2af1aaee36f972611eebcf3c49ea86462f94
0dc867370ca6375a60a8167688cd3fcfde764b639746f59a536a8ce1a52c17f9
0e868ca932480407e63d27e8e868cb1514581142928b9be15ec9039bf5fe348f
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
106216fdfe04ca4b44804a353e2e76c3eecaef7cfd0e7c2c19e9fd3f754fc574
1552bda9a1302f3326cbb79e1892bbd2f29ca4c5d1211d667399a005775df1ee
1e36067ffbde51faec89f96ebe1fd08513be4a97d109cc8130dcdc9cf3f4590d
22a22e76f4de930e54dd33af00c71b68828847409e5e79787df5224dd9776c6f
274b4273696bcea2a7ac41e3b01a121a5bca1622d811a49d56e0b94ef6d231d4
303ae766bd6467a124f2c3a87b2a67a97e1868e37497ff1c688cd76749c51353
3083e8d3b21ddc3f0e6d65ec3580aa6edfaadca5d9737d9caa27e6a233e1ccf3
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
3df13f8dc45f6168a5eff9bb8f32fa6807ba3efe0db1f76ce808bb7b0f48ca01
3ee183585454835b48faf0a059e53138dddad16b15611ceb1e880182154182c4
437d992bd86ab9861e3c5b2d525b79675b50be53b966c819fd8bd4ad6d96fa9a
4658bdf3a5ffa33e3a4d643e0465484b0e2137890f0678d5a7f351e398ddf830
54bc42423459daf0d9969090dbac0aa8ad51317d8248de674f91b74a6d7282e9
5b855d3a27e392a3590e148428acad4d44bfd3db4cd8f543c61210a01debdaea
5f2778667ce7da721e201618eac589ac1a32af6b43c246675826a8d728eb902b
60e7f79f91e595ad23507b3914f7c689cd950ebdb70b34f5227006e73aac86d1
690587b44cbf9ff5efa013957f8460d96b36775acbb27472cfb6dc34bb91af4d
6935876b0112bb2bb5aa7e27c0fdf9be86e190d47a0fbff8eb8e67e25d11f68d
6cbf5ff9c2945171c3f93c38e9c67d4b98fb5354a3c95cf4910259780c1fb9b0
718b132af2e2b4d31bfd77a3d80dda659fa1f488d06c8a811f6e6cb7023cc6f4
73fe56993a089ec8459f7436559b912d6894b394fa501038c80836b538ec906e
81114c9169246c8e203a843f05de05bce4571e0499403ed1abd90bb10d197374
82b3041788dedd2c42435543bdd769f4ae2aa22a5d3b9b84c88cbe3b89c3c2c4
8f8439f41dd768871bde30fceb034a6de5a50945a564658a60a06b23cb5d039a
95a75e1c826ef7116edb780abaf37ad866fbab70e4f16de6d12293307402158f
967b8859fedb2c63afc8ae6ae2839fdd40f0e26af85adc6605a629f3c0ed0837
9d5ad657906fae540116a6a3a7a51e92de18f96e653032e2f5abc5bd4e947a9d
a72fd7760f623c9fd5fee0bd98df809a347471902fc479bcdae38681c1a071d1
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bc197be086ea415423d9e00b3b57252e2dd7a9cf0b8c3ef926d9844e1271d9ef
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ca7a07233506b5529a951fd2c4580757f5606d874b8a2b0a153d14a418b201ef
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
d00dd4a54dc8736da1a68b2c57490d6f827e69fed3f23f5746771499a77feaf9
d4761db0221e1427bb7ab06092fe0c0b34f42a0ce8e54c1ddd24aebdb9d26e83
db95d9465edfd1eb6da9d989265e7afe857f4ee03c97488b8e8b8db069748594
e9ae0386a45a860f7030de940e8b6bcae44669693c9450bef97b8909d3780725
f0434a1fc8ffba3a47bbb9f1fa5a2f789651a020e7b86e507ff300b7c367057f
f48a347a4bfb1ddf2affbebca236f00836187bc9503dcb5a368a040f6837f65f
f6156149734e3d04d1e30ee1eacc6bda92fb47357dd15b26acab9f7a79f3bb04
f9077e9ffe52966b3a279d70797b41c4eba4e6d3928471fe755fcc3856ac4b3e
fb610cceb7c29dfe833266aac98088ad084c6273e90fb7abb7f373714a65f38a