urlscan.io logo urlscan.io
SecurityTrails logo

14.itscanfinance.com Open in urlscan Pro
172.245.112.202  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://14.itscanfinance.com/
Effective URL: https://14.itscanfinance.com/
Submission: On December 20 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 3 countries across 10 domains to perform 30 HTTP transactions. The main IP is 172.245.112.202, located in Buffalo, United States and belongs to AS-COLOCROSSING, US. The main domain is 14.itscanfinance.com.
TLS certificate: Issued by E5 on December 16th 2024. Valid for: 3 months.
This is the only time 14.itscanfinance.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
13 172.245.112.202 36352 (AS-COLOCR...)
2 2a04:4e42:400... 54113 (FASTLY)
5 104.17.25.14 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 157.240.0.6 32934 (FACEBOOK)
2 172.217.18.3 15169 (GOOGLE)
1 1 2600:9000:225... 16509 (AMAZON-02)
2 2600:9000:249... 16509 (AMAZON-02)
2 157.240.0.35 32934 (FACEBOOK)
1 3.122.218.248 16509 (AMAZON-02)
30 9
13    172.245.112.202 (Buffalo, United States)

ASN36352 (AS-COLOCROSSING, US)
PTR: 172-245-112-202-host.colocrossing.com
14.itscanfinance.com
2    2a04:4e42:400::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
5    104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    157.240.0.6 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra3.fbcdn.net
connect.facebook.net
2    172.217.18.3 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f3.1e100.net
fonts.gstatic.com
1    2600:9000:225e:200:1:a3fa:7cc0:93a1 (United States)

ASN16509 (AMAZON-02, US)
content.jwplatform.com
2    2600:9000:2491:9400:3:37c9:30c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
videos-cloudfront.jwpsrv.com
2    157.240.0.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-fra3.facebook.com
www.facebook.com
1    3.122.218.248 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-218-248.eu-central-1.compute.amazonaws.com
getyourapi.site
Apex Domain
Subdomains		 Transfer
13 itscanfinance.com
14.itscanfinance.com
55 KB
5 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 225
151 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 120
214 B
2 jwpsrv.com
videos-cloudfront.jwpsrv.com
2 gstatic.com
fonts.gstatic.com
186 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 192
62 KB
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 318
44 KB
1 getyourapi.site
getyourapi.site
558 B
1 jwplatform.com
content.jwplatform.com — Cisco Umbrella Rank: 5162
411 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
1 KB
30 10
Domain Requested by
13 14.itscanfinance.com 14.itscanfinance.com
5 cdnjs.cloudflare.com 14.itscanfinance.com
cdnjs.cloudflare.com
2 www.facebook.com 14.itscanfinance.com
2 videos-cloudfront.jwpsrv.com 14.itscanfinance.com
2 fonts.gstatic.com fonts.googleapis.com
2 connect.facebook.net 14.itscanfinance.com
connect.facebook.net
2 cdn.jsdelivr.net 14.itscanfinance.com
1 getyourapi.site cdnjs.cloudflare.com
1 content.jwplatform.com 1 redirects
1 fonts.googleapis.com 14.itscanfinance.com
30 10

This site contains no links.

Subject Issuer Validity Valid
14.itscanfinance.com
E5		 2024-12-16 -
2025-03-16		 3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2024 Q3		 2024-07-30 -
2025-08-31		 a year crt.sh
cdnjs.cloudflare.com
WE1		 2024-11-26 -
2025-02-24		 3 months crt.sh
upload.video.google.com
WR2		 2024-12-02 -
2025-02-24		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-09-28 -
2024-12-27		 3 months crt.sh
*.gstatic.com
WR2		 2024-12-02 -
2025-02-24		 3 months crt.sh
getyourapi.site
E6		 2024-12-04 -
2025-03-04		 3 months crt.sh
jwpsrv.com
Amazon RSA 2048 M03		 2024-02-17 -
2025-03-16		 a year crt.sh

This page contains 1 frames:

Primary Page: https://14.itscanfinance.com/
Frame ID: 2EF4C81EB73CAA83562E67AEAB41B8E7
Requests: 30 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Żyła złota

Page URL History Show full URLs

  1. http://14.itscanfinance.com/ HTTP 307
    https://14.itscanfinance.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

30
Requests

97 %
HTTPS

40 %
IPv6

10
Domains

10
Subdomains

9
IPs

3
Countries

500 kB
Transfer

4809 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://14.itscanfinance.com/ HTTP 307
    https://14.itscanfinance.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16
  • https://content.jwplatform.com/videos/lkCycqa1-IBxcO61U.mp4 HTTP 302
  • https://videos-cloudfront.jwpsrv.com/67650777_3a692caa7a934a7a73586f0feae3c9f288ed39bd/content/conversions/LzlcdTVT/videos/RXDV28I3-34490871.mp4

30 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
14.itscanfinance.com/
Redirect Chain
  • http://14.itscanfinance.com/
  • https://14.itscanfinance.com/
35 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://14.itscanfinance.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.245.112.202 Buffalo, United States, ASN36352 (AS-COLOCROSSING, US),
Reverse DNS
172-245-112-202-host.colocrossing.com
Software
openresty /
Resource Hash
7465ca50f2c19fdb7c0b2ea0140f110b0e9e55fd922499a9044ac9e0b2e5b45a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 20 Dec 2024 05:38:14 GMT
server
openresty
vary
Accept-Encoding Accept-Encoding Accept-Encoding

Redirect headers

Location
https://14.itscanfinance.com/
Non-Authoritative-Reason
HttpsUpgrades
style.css
14.itscanfinance.com/src/css/ 		18 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://14.itscanfinance.com/src/css/style.css
Requested by
Host: 14.itscanfinance.com
URL: https://14.itscanfinance.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.245.112.202 Buffalo, United States, ASN36352 (AS-COLOCROSSING, US),
Reverse DNS
172-245-112-202-host.colocrossing.com
Software
openresty /
Resource Hash
7812953549c33bf1a1926eb1ee70843d23fad74819cc83824acdd576e821d589

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://14.itscanfinance.com/

Response headers

content-encoding
gzip
date
Fri, 20 Dec 2024 05:38:15 GMT
content-type
text/css
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
server
openresty
form.css
14.itscanfinance.com/src/css/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://14.itscanfinance.com/src/css/form.css
Requested by
Host: 14.itscanfinance.com
URL: https://14.itscanfinance.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.245.112.202 Buffalo, United States, ASN36352 (AS-COLOCROSSING, US),
Reverse DNS
172-245-112-202-host.colocrossing.com
Software
openresty /
Resource Hash
5ea78f71fd744fe23fcb2f87af99bc750ee73109922b5e81054abbee0aa48ba6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://14.itscanfinance.com/

Response headers

content-encoding
gzip
date
Fri, 20 Dec 2024 05:38:15 GMT
content-type
text/css
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
server
openresty
swiper-bundle.min.css
cdn.jsdelivr.net/npm/swiper@11/ 		18 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/swiper@11/swiper-bundle.min.css
Requested by
Host: 14.itscanfinance.com
URL: https://14.itscanfinance.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
189354735c4b4ad5b3bea7a72fd8dae8c3be93b2f08bcb4c65b1b8ad95e6235c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://14.itscanfinance.com/

Response headers

access-control-expose-headers
*
content-encoding
br
etag
W/"481a-w966VhbiP2ej2teDfp6jz8kAtCQ"
age
21166
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT
date
Fri, 20 Dec 2024 05:38:14 GMT
content-type
text/css; charset=utf-8
x-served-by
cache-fra-etou8220077-FRA
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
4470
x-jsd-version
11.1.15
logo-1.svg
14.itscanfinance.com/src/images/logo/ 		1 KB
809 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://14.itscanfinance.com/src/images/logo/logo-1.svg
Requested by
Host: 14.itscanfinance.com
URL: https://14.itscanfinance.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.245.112.202 Buffalo, United States, ASN36352 (AS-COLOCROSSING, US),
Reverse DNS
172-245-112-202-host.colocrossing.com
Software
openresty /
Resource Hash
5ba84fb1d23c6b951b8349a5044c5c5cebce7a29068ae8240960fe1ae208445d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://14.itscanfinance.com/

Response headers

content-encoding
gzip
date
Fri, 20 Dec 2024 05:38:15 GMT
content-type
image/svg+xml
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
server
openresty
logo-2.svg
14.itscanfinance.com/src/images/logo/ 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://14.itscanfinance.com/src/images/logo/logo-2.svg
Requested by
Host: 14.itscanfinance.com
URL: https://14.itscanfinance.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.245.112.202 Buffalo, United States, ASN36352 (AS-COLOCROSSING, US),
Reverse DNS
172-245-112-202-host.colocrossing.com
Software
openresty /
Resource Hash
02339a1ab406a3cbeaadd337b9db33914ded678c05d48699711360dacd0b96cb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://14.itscanfinance.com/

Response headers

content-encoding
gzip
date
Fri, 20 Dec 2024 05:38:15 GMT
content-type
image/svg+xml
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
server
openresty
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.7.1/ 		85 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.7.1/jquery.min.js
Requested by
Host: 14.itscanfinance.com
URL: https://14.itscanfinance.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://14.itscanfinance.com/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"64ed75bb-6b36"
age
45942
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=g%2B8X995fswqH%2FTLryDz4VVVKD0drX52z0UA6p7l9UMqhY%2BnpwwaGZKXdAWBKjo3VyCkzGN%2F4pME0O6Kro5dqtu9HG%2ByLfmZVU%2B%2BrYBuXxtorQ963v4MxhoxivGEi2E3kzumOW9D0"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Wed, 10 Dec 2025 05:38:15 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Fri, 20 Dec 2024 05:38:15 GMT
content-type
application/javascript; charset=utf-8
last-modified
Tue, 29 Aug 2023 04:36:11 GMT
vary
Accept-Encoding
priority
u=2,i=?0
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8f4d48fdcc7d2c4a-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
27446
server
cloudflare
swiper-bundle.min.js
cdn.jsdelivr.net/npm/swiper@11/ 		148 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/swiper@11/swiper-bundle.min.js
Requested by
Host: 14.itscanfinance.com
URL: https://14.itscanfinance.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4321e8409d1486f2484a85b5934dcdb79c30c407e3cb5f639893857f4b23d939
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://14.itscanfinance.com/

Response headers

access-control-expose-headers
*
content-encoding
br
etag
W/"25094-ufWB3m+nARYKObHQxt5KtnPwqYA"
age
19228
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT
date
Fri, 20 Dec 2024 05:38:15 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-fra-etou8220077-FRA
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
39661
x-jsd-version
11.1.15
modalPhoneError.js
14.itscanfinance.com/src/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://14.itscanfinance.com/src/js/modalPhoneError.js
Requested by
Host: 14.itscanfinance.com
URL: https://14.itscanfinance.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.245.112.202 Buffalo, United States, ASN36352 (AS-COLOCROSSING, US),
Reverse DNS
172-245-112-202-host.colocrossing.com
Software
openresty /
Resource Hash
0bd5dc97de86163a88e6982c16aad1323d8e3f4ff95a4e384a737588666a571d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://14.itscanfinance.com/

Response headers

content-encoding
gzip
date
Fri, 20 Dec 2024 05:38:15 GMT
content-type
application/javascript
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
server
openresty
main.js
14.itscanfinance.com/src/js/ 		57 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://14.itscanfinance.com/src/js/main.js
Requested by
Host: 14.itscanfinance.com
URL: https://14.itscanfinance.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.245.112.202 Buffalo, United States, ASN36352 (AS-COLOCROSSING, US),
Reverse DNS
172-245-112-202-host.colocrossing.com
Software
openresty /
Resource Hash
cf49d248fc0d0a49a338c5a0462f807c1242ebd7b003b0d19ba31734cf6848a9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://14.itscanfinance.com/

Response headers

content-encoding
gzip
date
Fri, 20 Dec 2024 05:38:15 GMT
content-type
application/javascript
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
server
openresty
intlTelInput.css
cdnjs.cloudflare.com/ajax/libs/intl-tel-input/18.5.0/css/ 		24 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/18.5.0/css/intlTelInput.css
Requested by
Host: 14.itscanfinance.com
URL: https://14.itscanfinance.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c9ae063d7bf400c91d4056a69889903b54205f2efd6cb224d6041eca58b92cca
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://14.itscanfinance.com/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"65a3eb4d-85b"
age
112901
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=60meeBGu0qiRyLiLqD%2BQmKxC9gFupJJtHCI1KCOtvHsKAAMlBdiUoWFcsLoeUUvElr2NKJyU971RyVh2cjvSg0D3LWHk5xSlzMPv7YmW4hlEryDgM6NnY6ag6d6iIqu9uTkYQ3iv"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Wed, 10 Dec 2025 05:38:15 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Fri, 20 Dec 2024 05:38:15 GMT
content-type
text/css; charset=utf-8
last-modified
Sun, 14 Jan 2024 14:10:21 GMT
vary
Accept-Encoding
priority
u=2,i=?0
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8f4d48fe6cd12c4a-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
2139
server
cloudflare
intlTelInput.min.js
cdnjs.cloudflare.com/ajax/libs/intl-tel-input/18.5.0/js/ 		30 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/18.5.0/js/intlTelInput.min.js
Requested by
Host: 14.itscanfinance.com
URL: https://14.itscanfinance.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54bc983ea406933001939caacb25ec98a9f633b8f2d54aa5ca3180948d6fe389
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://14.itscanfinance.com/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"65a3eb4d-223d"
age
45280
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kRi6Z5DaceKCo8MkYxzFVoXYgPAgYU5hDkxAELlVfiidyJN9ywcrz%2FPK%2BwBKS%2BdHWQaTO76ln5SHOtMIkl6gvfDq5ROy%2BK1dKaUU1phbLf3N3NKEYItBcfBV2NO3sdrng270rWg8"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Wed, 10 Dec 2025 05:38:15 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Fri, 20 Dec 2024 05:38:15 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sun, 14 Jan 2024 14:10:21 GMT
vary
Accept-Encoding
priority
u=2,i=?0
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8f4d48fe6cd32c4a-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
8765
server
cloudflare
css2
fonts.googleapis.com/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Inter:ital,opsz,wght@0,14..32,100..900;1,14..32,100..900&display=swap
Requested by
Host: 14.itscanfinance.com
URL: https://14.itscanfinance.com/src/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f090d8d164f2fc67945ebb12af1d676601f85beb10005e7402d49119f8b90c92
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://14.itscanfinance.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Fri, 20 Dec 2024 05:38:15 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 20 Dec 2024 05:38:15 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Fri, 20 Dec 2024 04:35:48 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
fbevents.js
connect.facebook.net/en_US/ 		239 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: 14.itscanfinance.com
URL: https://14.itscanfinance.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra3.fbcdn.net
Software
/
Resource Hash
24751cbae618f6fbeb532498fd1ceeda5350f30085086cd5426961a2695e3d9f
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-JGTKikhU' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://14.itscanfinance.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 20 Dec 2024 05:38:15 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-JGTKikhU' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=23, mss=1232, tbw=4482, tp=9, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
IcHhcSpmWTDwyvnRlbILkn3eShl573S5vJ+kbePQxoPiOvGuB/RFlaGhC//u3/G9lCB2NkRKiewtfDbZcPjqLQ==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
62282
x-xss-protection
0
origin-agent-cluster
?1
UcCo3FwrK3iLTcviYwY.woff2
fonts.gstatic.com/s/inter/v18/ 		71 KB
71 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/inter/v18/UcCo3FwrK3iLTcviYwY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:ital,opsz,wght@0,14..32,100..900;1,14..32,100..900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f3.1e100.net
Software
sffe /
Resource Hash
94ebe9c247ba14fd314a779358315f3e9dd2356c0e8070f42b208db2d5e21d6a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://14.itscanfinance.com
Referer
https://fonts.googleapis.com/

Response headers

age
136538
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 18 Dec 2025 15:42:37 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 18 Dec 2024 15:42:37 GMT
last-modified
Mon, 29 Jul 2024 22:45:17 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
73080
x-xss-protection
0
server
sffe
UcCo3FwrK3iLTcvsYwYL8g.woff2
fonts.gstatic.com/s/inter/v18/ 		114 KB
114 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/inter/v18/UcCo3FwrK3iLTcvsYwYL8g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:ital,opsz,wght@0,14..32,100..900;1,14..32,100..900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f3.1e100.net
Software
sffe /
Resource Hash
988613b02ff1754ac16055c42143888d6556921ac08a182b661e09bda6aadd03
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://14.itscanfinance.com
Referer
https://fonts.googleapis.com/

Response headers

age
280215
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Tue, 16 Dec 2025 23:48:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 16 Dec 2024 23:48:00 GMT
last-modified
Mon, 29 Jul 2024 22:45:21 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
117004
x-xss-protection
0
server
sffe
support.webp
14.itscanfinance.com/src/images/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://14.itscanfinance.com/src/images/support.webp
Requested by
Host: 14.itscanfinance.com
URL: https://14.itscanfinance.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.245.112.202 Buffalo, United States, ASN36352 (AS-COLOCROSSING, US),
Reverse DNS
172-245-112-202-host.colocrossing.com
Software
openresty /
Resource Hash
03a2a3e61849960f4cdb3d9643c4c21d8b3b48b8c23d57c30c00b40ea71abdc8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://14.itscanfinance.com/

Response headers

date
Fri, 20 Dec 2024 05:38:15 GMT
content-type
image/webp
vary
Accept-Encoding
server
openresty
RXDV28I3-34490871.mp4
videos-cloudfront.jwpsrv.com/67650777_3a692caa7a934a7a73586f0feae3c9f288ed39bd/content/conversions/LzlcdTVT/videos/
Redirect Chain
  • https://content.jwplatform.com/videos/lkCycqa1-IBxcO61U.mp4
  • https://videos-cloudfront.jwpsrv.com/67650777_3a692caa7a934a7a73586f0feae3c9f288ed39bd/content/conversions/LzlcdTVT/videos/RXDV28I3-34490871.mp4
3 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://videos-cloudfront.jwpsrv.com/67650777_3a692caa7a934a7a73586f0feae3c9f288ed39bd/content/conversions/LzlcdTVT/videos/RXDV28I3-34490871.mp4
Requested by
Host: 14.itscanfinance.com
URL: https://14.itscanfinance.com/
Protocol
H2
Server
2600:9000:2491:9400:3:37c9:30c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://14.itscanfinance.com/

Response headers

vary
Origin
etag
"9a4f9c4feff4c71d33a53f55d18454e8"
x-amz-version-id
bWEq8s12Q53IPR1_Yz8d6KITqz4DW8qx
Content-Range
bytes 0-4015926/4015927
via
1.1 a5010656f4f762c0fdffac3448496b86.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
RefreshHit from cloudfront
Content-Length
4015927
x-amz-cf-id
I-UBcB8igBDLadhLhCWbiMDe7W4nrEHygrp3g-ZvY1A3oPcfFrtBTg==
date
Fri, 20 Dec 2024 05:38:16 GMT
content-type
video/mp4
last-modified
Wed, 20 Nov 2024 09:20:15 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P7
x-amz-server-side-encryption
AES256

Redirect headers

x-robots-tag
noindex, indexifembedded
cache-control
max-age=600
location
https://videos-cloudfront.jwpsrv.com/67650777_3a692caa7a934a7a73586f0feae3c9f288ed39bd/content/conversions/LzlcdTVT/videos/RXDV28I3-34490871.mp4
via
1.1 87fae571c6ea0d7d1101b71cc2131bba.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Miss from cloudfront
content-length
0
x-amz-cf-id
FQJvs2-pbcxlJU1XPeQzGLKl8DiVdWtrPv-igOB9kz4FpRRwlg63Ow==
date
Fri, 20 Dec 2024 05:38:15 GMT
content-type
text/plain; charset=utf-8
x-amz-cf-pop
FRA60-P4
server
openresty
1
connect.facebook.net/signals/config/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1?v=2.9.179&r=stable&domain=14.itscanfinance.com&hme=b8122d5d96cd6f542162ba4f497489972d1ebe228d24c39d34f560e30ae932ce&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra3.fbcdn.net
Software
/
Resource Hash
787ab51b65424e3ce2e86103b9163e4873924a5bed176ad4c0d630c36bb18209
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-k6baffd8' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://14.itscanfinance.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 20 Dec 2024 05:38:15 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-k6baffd8' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=77, mss=1232, tbw=71264, tp=67, tpl=0, uplat=149, ullat=0
pragma
public
x-fb-debug
FIqis7ekAyjG27VeDAWlToL88dOClBJTx8Co3BnmygN1jgjiQwBZ3yXD7iKis6Jm+navKgx4Fh/FZM1NRvDsKQ==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
/
www.facebook.com/tr/ 		0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1&ev=PageView&dl=https%3A%2F%2F14.itscanfinance.com%2F&rl=&if=false&ts=1734673095650&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=28&it=1734673095487&coo=false&rqm=GET
Requested by
Host: 14.itscanfinance.com
URL: https://14.itscanfinance.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-fra3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://14.itscanfinance.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=23, mss=1232, tbw=4531, tp=10, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Fri, 20 Dec 2024 05:38:15 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
198 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1&ev=PageView&dl=https%3A%2F%2F14.itscanfinance.com%2F&rl=&if=false&ts=1734673095650&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=28&it=1734673095487&coo=false&rqm=FGET
Requested by
Host: 14.itscanfinance.com
URL: https://14.itscanfinance.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-fra3.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://14.itscanfinance.com/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7450364213168443388"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 20 Dec 2024 05:38:15 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
SFnxSCfKMuXtljyywdVC1uQCX+uULYP7SU+Z4BnLTKkQdwe2vkmAn600MDU5WtSTAmDGUeu7PzUr1pwFpAPmgw==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7450364213168443388", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=5, rtx=0, c=23, mss=1232, tbw=4899, tp=13, tpl=0, uplat=110, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
avatar-1.webp
14.itscanfinance.com/src/images/img-slider/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://14.itscanfinance.com/src/images/img-slider/avatar-1.webp
Requested by
Host: 14.itscanfinance.com
URL: https://14.itscanfinance.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.245.112.202 Buffalo, United States, ASN36352 (AS-COLOCROSSING, US),
Reverse DNS
172-245-112-202-host.colocrossing.com
Software
openresty /
Resource Hash
19bb0a5ff56a372b4fd457420151273070ccfcbe254f755042df9797eeaf1186

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://14.itscanfinance.com/

Response headers

date
Fri, 20 Dec 2024 05:38:16 GMT
content-type
image/webp
vary
Accept-Encoding
server
openresty
avatar-2.webp
14.itscanfinance.com/src/images/img-slider/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://14.itscanfinance.com/src/images/img-slider/avatar-2.webp
Requested by
Host: 14.itscanfinance.com
URL: https://14.itscanfinance.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.245.112.202 Buffalo, United States, ASN36352 (AS-COLOCROSSING, US),
Reverse DNS
172-245-112-202-host.colocrossing.com
Software
openresty /
Resource Hash
51b344e1e68687b61613802e0c524952598093757bef514283c475455ebb9088

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://14.itscanfinance.com/

Response headers

date
Fri, 20 Dec 2024 05:38:16 GMT
content-type
image/webp
vary
Accept-Encoding
server
openresty
avatar-3.webp
14.itscanfinance.com/src/images/img-slider/ 		882 B
962 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://14.itscanfinance.com/src/images/img-slider/avatar-3.webp
Requested by
Host: 14.itscanfinance.com
URL: https://14.itscanfinance.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.245.112.202 Buffalo, United States, ASN36352 (AS-COLOCROSSING, US),
Reverse DNS
172-245-112-202-host.colocrossing.com
Software
openresty /
Resource Hash
8a0b1c272fdd2a7bfef6f83b67ab6196b486eb235b2534d65d66c9398039c480

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://14.itscanfinance.com/

Response headers

date
Fri, 20 Dec 2024 05:38:16 GMT
content-type
image/webp
vary
Accept-Encoding
server
openresty
avatar-4.webp
14.itscanfinance.com/src/images/img-slider/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://14.itscanfinance.com/src/images/img-slider/avatar-4.webp
Requested by
Host: 14.itscanfinance.com
URL: https://14.itscanfinance.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.245.112.202 Buffalo, United States, ASN36352 (AS-COLOCROSSING, US),
Reverse DNS
172-245-112-202-host.colocrossing.com
Software
openresty /
Resource Hash
1d9b53e0658f3ea35a981f9870d8675b8536e6c8e210bb96a9db8aef065524a3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://14.itscanfinance.com/

Response headers

date
Fri, 20 Dec 2024 05:38:16 GMT
content-type
image/webp
vary
Accept-Encoding
server
openresty
geolocation
getyourapi.site/api/ 		149 B
558 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://getyourapi.site/api/geolocation
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.7.1/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.122.218.248 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-218-248.eu-central-1.compute.amazonaws.com
Software
openresty / Express
Resource Hash
4c34109fb3793c2036223660e12f5b3fc74ff15244f5e4a72a997a1de13feabe

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://14.itscanfinance.com/

Response headers

access-control-max-age
600
x-request-id
0098176c-8a36-4812-aff9-58c011a55948
access-control-expose-headers
content-type, authorization, x-request-id
etag
W/"95-HvO0BkDlfICeEIGLVUoecCZmQAc"
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://14.itscanfinance.com
content-length
149
date
Fri, 20 Dec 2024 05:38:16 GMT
content-type
application/json; charset=utf-8
x-powered-by
Express
server
openresty
access-control-allow-headers
origin, content-type, accept, authorization
flags.png
cdnjs.cloudflare.com/ajax/libs/intl-tel-input/18.5.0/img/ 		66 KB
66 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/18.5.0/img/flags.png?1
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/18.5.0/css/intlTelInput.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3af394920236bdcab19b5514b8f67e06b194e29017368d6a9d83d598947f203b
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/18.5.0/css/intlTelInput.css

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"65a3eb4d-1062f"
age
41613
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JOrRCwDm2VuxCTDcAvTjBtwmiHvxnTfZgCRPjKrvQQJw%2Fuco2ifeWzRngtsBJmyfs4WkYO%2FeuFgW3uuSdZpOKMb4BFdBmJxra3n4ll8waaIQHJzJpFoDj8FaFcWVMlEisgCFiU27"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Wed, 10 Dec 2025 05:38:16 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Fri, 20 Dec 2024 05:38:16 GMT
content-type
image/png; charset=utf-8
last-modified
Sun, 14 Jan 2024 14:10:21 GMT
vary
Accept-Encoding
priority
u=3,i
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8f4d49036f1c2c4a-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
67119
server
cloudflare
utils.min.js
cdnjs.cloudflare.com/ajax/libs/intl-tel-input/18.5.0/js/ 		244 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/18.5.0/js/utils.min.js
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/18.5.0/js/intlTelInput.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b35c83e4dc3713230edfbda43508fb2fb92d8e07c4189f19d201ba199ef810a2
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://14.itscanfinance.com/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"65a3eb4d-b3dd"
age
106881
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zvHC6WBI2acZG3ahD1k5ruKPyKUSik%2BsUV8siaq0BVGnqfIqw8ahzVMP3HCRorkORV4pzYDGn9ldnZOLsHMB858RNNFiJVRf1S2QRsu4MjAQMO4HYVBpKZBF89HwjSX3BkwrQYaM"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Wed, 10 Dec 2025 05:38:16 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Fri, 20 Dec 2024 05:38:16 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sun, 14 Jan 2024 14:10:21 GMT
vary
Accept-Encoding
priority
u=3,i=?0
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8f4d49050fbf2c4a-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
46045
server
cloudflare
favicon.svg
14.itscanfinance.com/ 		1 KB
810 B 		Other
General
Check archive.org
Download Go to
Full URL
https://14.itscanfinance.com/favicon.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.245.112.202 Buffalo, United States, ASN36352 (AS-COLOCROSSING, US),
Reverse DNS
172-245-112-202-host.colocrossing.com
Software
openresty /
Resource Hash
f0ade16dcc79172106472266dba6ab0d2945e67d164102d28bccd2d71f18e68a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://14.itscanfinance.com/

Response headers

content-encoding
gzip
date
Fri, 20 Dec 2024 05:38:16 GMT
content-type
image/svg+xml
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
server
openresty
RXDV28I3-34490871.mp4
videos-cloudfront.jwpsrv.com/67650777_3a692caa7a934a7a73586f0feae3c9f288ed39bd/content/conversions/LzlcdTVT/videos/ 		64 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://videos-cloudfront.jwpsrv.com/67650777_3a692caa7a934a7a73586f0feae3c9f288ed39bd/content/conversions/LzlcdTVT/videos/RXDV28I3-34490871.mp4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:9400:3:37c9:30c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://14.itscanfinance.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Range
bytes=3637652-

Response headers

vary
Origin
etag
"9a4f9c4feff4c71d33a53f55d18454e8"
x-amz-version-id
bWEq8s12Q53IPR1_Yz8d6KITqz4DW8qx
Content-Range
bytes 3637652-4015926/4015927
via
1.1 a5010656f4f762c0fdffac3448496b86.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
RefreshHit from cloudfront
Content-Length
378275
x-amz-cf-id
I-UBcB8igBDLadhLhCWbiMDe7W4nrEHygrp3g-ZvY1A3oPcfFrtBTg==
date
Fri, 20 Dec 2024 05:38:16 GMT
content-type
video/mp4
last-modified
Wed, 20 Nov 2024 09:20:15 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P7
x-amz-server-side-encryption
AES256

Verdicts & Comments Add Verdict or Comment

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| fbq function| _fbq function| $ function| jQuery function| Swiper function| _0x35c6 function| renderCardSlider function| startPulsingButtons function| setupCopyBetHandlers function| checkingVideoPlay function| createSlider function| checkScreenSizeSlider function| _0x2f6f function| initScrollTo function| loadCopyBetValues function| saveCopyBetValue function| updateUserCopyBet function| formatCopyBet function| initCopyBet function| renderDealTrader function| randomPosibleIncome function| getRandomItem function| getRandomIcon function| openModals function| removeElement function| initApp function| _0x1b5c function| _0x37ac object| intlTelInputGlobals function| intlTelInput function| parseURLParams object| intlTelInputUtils

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

14.itscanfinance.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
connect.facebook.net
content.jwplatform.com
fonts.googleapis.com
fonts.gstatic.com
getyourapi.site
videos-cloudfront.jwpsrv.com
www.facebook.com
104.17.25.14
157.240.0.35
157.240.0.6
172.217.18.3
172.245.112.202
2600:9000:225e:200:1:a3fa:7cc0:93a1
2600:9000:2491:9400:3:37c9:30c0:93a1
2a00:1450:4001:802::200a
2a04:4e42:400::485
3.122.218.248
02339a1ab406a3cbeaadd337b9db33914ded678c05d48699711360dacd0b96cb
03a2a3e61849960f4cdb3d9643c4c21d8b3b48b8c23d57c30c00b40ea71abdc8
0bd5dc97de86163a88e6982c16aad1323d8e3f4ff95a4e384a737588666a571d
189354735c4b4ad5b3bea7a72fd8dae8c3be93b2f08bcb4c65b1b8ad95e6235c
19bb0a5ff56a372b4fd457420151273070ccfcbe254f755042df9797eeaf1186
1d9b53e0658f3ea35a981f9870d8675b8536e6c8e210bb96a9db8aef065524a3
24751cbae618f6fbeb532498fd1ceeda5350f30085086cd5426961a2695e3d9f
3af394920236bdcab19b5514b8f67e06b194e29017368d6a9d83d598947f203b
4321e8409d1486f2484a85b5934dcdb79c30c407e3cb5f639893857f4b23d939
4c34109fb3793c2036223660e12f5b3fc74ff15244f5e4a72a997a1de13feabe
51b344e1e68687b61613802e0c524952598093757bef514283c475455ebb9088
54bc983ea406933001939caacb25ec98a9f633b8f2d54aa5ca3180948d6fe389
5ba84fb1d23c6b951b8349a5044c5c5cebce7a29068ae8240960fe1ae208445d
5ea78f71fd744fe23fcb2f87af99bc750ee73109922b5e81054abbee0aa48ba6
7465ca50f2c19fdb7c0b2ea0140f110b0e9e55fd922499a9044ac9e0b2e5b45a
7812953549c33bf1a1926eb1ee70843d23fad74819cc83824acdd576e821d589
787ab51b65424e3ce2e86103b9163e4873924a5bed176ad4c0d630c36bb18209
8a0b1c272fdd2a7bfef6f83b67ab6196b486eb235b2534d65d66c9398039c480
94ebe9c247ba14fd314a779358315f3e9dd2356c0e8070f42b208db2d5e21d6a
988613b02ff1754ac16055c42143888d6556921ac08a182b661e09bda6aadd03
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
b35c83e4dc3713230edfbda43508fb2fb92d8e07c4189f19d201ba199ef810a2
c9ae063d7bf400c91d4056a69889903b54205f2efd6cb224d6041eca58b92cca
cf49d248fc0d0a49a338c5a0462f807c1242ebd7b003b0d19ba31734cf6848a9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f090d8d164f2fc67945ebb12af1d676601f85beb10005e7402d49119f8b90c92
f0ade16dcc79172106472266dba6ab0d2945e67d164102d28bccd2d71f18e68a
fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a