urlscan.io logo urlscan.io
SecurityTrails logo

bankyaw.xyz Open in urlscan Pro
2a06:98c1:3121::3  Public Scan

Go To Rescan Add Verdict Report
URL: https://bankyaw.xyz/
Submission: On July 17 via automatic, source certstream-suspicious — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 3 countries across 5 domains to perform 34 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is bankyaw.xyz.
TLS certificate: Issued by WE1 on July 17th 2024. Valid for: 3 months.
This is the only time bankyaw.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 11 66.70.203.130 16276 (OVH)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
34 6
2    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
bankyaw.xyz
1    2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
11    66.70.203.130 (Canada)

ASN16276 (OVH, FR)
PTR: vps.citizenlab.ca
citizenlab.ca
1    2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube-nocookie.com
2    2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
Apex Domain
Subdomains		 Transfer
11 citizenlab.ca
citizenlab.ca
183 KB
2 youtube.com
www.youtube.com — Cisco Umbrella Rank: 84
12 KB
2 bankyaw.xyz
bankyaw.xyz
16 KB
1 youtube-nocookie.com
www.youtube-nocookie.com — Cisco Umbrella Rank: 4316
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112
103 KB
34 5
Domain Requested by
11 citizenlab.ca 1 redirects bankyaw.xyz
2 www.youtube.com www.googletagmanager.com
www.youtube.com
2 bankyaw.xyz bankyaw.xyz
1 www.youtube-nocookie.com bankyaw.xyz
1 www.googletagmanager.com bankyaw.xyz
34 5
Subject Issuer Validity Valid
bankyaw.xyz
WE1		 2024-07-17 -
2024-10-15		 3 months crt.sh
*.google-analytics.com
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh
citizenlab.ca
R10		 2024-07-15 -
2024-10-13		 3 months crt.sh
*.google.com
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://bankyaw.xyz/
Frame ID: 5F66FD26FA1B704056E638A4857A67BD
Requests: 33 HTTP requests in this frame

Frame: https://www.youtube-nocookie.com/embed/Jsa0NKiryNM?enablejsapi=1&autoplay=0&cc_load_policy=0&cc_lang_pref=&iv_load_policy=1&loop=0&modestbranding=0&rel=0&fs=1&playsinline=0&autohide=2&theme=dark&color=red&controls=1&
Frame ID: 4E014987C7BFFBEF32E0F9F7830E9DC2
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

The Citizen Lab - University of Toronto

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

34
Requests

44 %
HTTPS

80 %
IPv6

5
Domains

5
Subdomains

6
IPs

3
Countries

314 kB
Transfer

582 kB
Size

5
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18
  • https://citizenlab.ca/wp-content/webpc-passthru.php?src=https://citizenlab.ca/wp-content/uploads/2024/03/submission-post-1-297x167.png&nocache=1 HTTP 302
  • https://citizenlab.ca/wp-content/uploads/2024/03/submission-post-1-297x167.png

34 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
bankyaw.xyz/ 		65 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bankyaw.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
a9f2d86f01c350f5bea38fc8d96d0d1014073449673f84bdebde8d90c414a224
Security Headers
Name Value
Content-Security-Policy default-src 'self' citizenlab.ca www.citizenlab.ca citizenlab.org www.citizenlab.org; font-src 'self' data: ; img-src * data: ; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.google-analytics.com www.googletagmanager.com www.youtube.com; frame-src 'self' www.youtube-nocookie.com www.youtube.com ; style-src 'self' 'unsafe-inline'; connect-src 'self' www.google-analytics.com;
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
https://targetedthreats.net
age
1039
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8a47be1398af1c40-FRA
content-encoding
br
content-security-policy
default-src 'self' citizenlab.ca www.citizenlab.ca citizenlab.org www.citizenlab.org; font-src 'self' data: ; img-src * data: ; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.google-analytics.com www.googletagmanager.com www.youtube.com; frame-src 'self' www.youtube-nocookie.com www.youtube.com ; style-src 'self' 'unsafe-inline'; connect-src 'self' www.google-analytics.com;
content-type
text/html; charset=UTF-8
date
Wed, 17 Jul 2024 05:13:25 GMT
feature-policy
sync-xhr 'self'
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=q1SCjUXTA12B2UjktKZ6mFa96ljELhkzTzLOJOb1P%2FEgpwmjBI1M0DrNJYnna86RXYIk4frmeauTaXwxiKnTapODsrmXOWnkcjWdqJYni0g8huvlyvQvHdT%2FHcLAuEqg5NZVxMByJ%2BhZhg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=15768000
vary
Accept-Encoding
via
1.1 varnish-v4
x-cache
HIT
x-cache-svr
citizenlab.ca
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-powered-by
PHP/7.4.33
x-varnish
5147694 5933696
x-xss-protection
1; mode=block
js
www.googletagmanager.com/gtag/ 		312 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-RCDQQLPVF0
Requested by
Host: bankyaw.xyz
URL: https://bankyaw.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3c9c40b3aa2298d00db7ea635063fe4897ed2abd426cffff3a78177132ae8917
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://bankyaw.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 17 Jul 2024 05:13:25 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
105336
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 17 Jul 2024 05:13:25 GMT
CL-logo-3-headed.png
citizenlab.ca/wp-content/themes/citizenlab-wp-theme/library/images/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citizenlab.ca/wp-content/themes/citizenlab-wp-theme/library/images/CL-logo-3-headed.png
Requested by
Host: bankyaw.xyz
URL: https://bankyaw.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.70.203.130 , Canada, ASN16276 (OVH, FR),
Reverse DNS
vps.citizenlab.ca
Software
nginx/1.21.6 /
Resource Hash
a697516b3931d47c9536d0e3643c6baabb14437558ef2f0386e3045583fff79b
Security Headers
Name Value
Content-Security-Policy default-src 'self' citizenlab.ca www.citizenlab.ca citizenlab.org www.citizenlab.org; font-src 'self' data: ; img-src * data: ; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.google-analytics.com www.googletagmanager.com www.youtube.com; frame-src 'self' www.youtube-nocookie.com www.youtube.com ; style-src 'self' 'unsafe-inline'; connect-src 'self' www.google-analytics.com;
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bankyaw.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Wed, 17 Jul 2024 05:13:25 GMT
Via
1.1 varnish-v4
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=15768000
Content-Security-Policy
default-src 'self' citizenlab.ca www.citizenlab.ca citizenlab.org www.citizenlab.org; font-src 'self' data: ; img-src * data: ; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.google-analytics.com www.googletagmanager.com www.youtube.com; frame-src 'self' www.youtube-nocookie.com www.youtube.com ; style-src 'self' 'unsafe-inline'; connect-src 'self' www.google-analytics.com;
Age
81334
Transfer-Encoding
chunked
X-Cache
HIT
Connection
keep-alive
X-XSS-Protection
1; mode=block
Referrer-Policy
strict-origin
Last-Modified
Tue, 04 Jul 2023 20:57:06 GMT
Server
nginx/1.21.6
ETag
W/"64a487a2-12fa"
X-Frame-Options
SAMEORIGIN
X-Varnish
8684262 3969973
Content-Type
image/png
cache-control
public, max-age=2592000
Feature-Policy
sync-xhr 'self'
Accept-Ranges
bytes
X-Cache-Svr
citizenlab.ca
MunkSchool-WHT.png
citizenlab.ca/wp-content/themes/citizenlab-wp-theme/library/images/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citizenlab.ca/wp-content/themes/citizenlab-wp-theme/library/images/MunkSchool-WHT.png
Requested by
Host: bankyaw.xyz
URL: https://bankyaw.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.70.203.130 , Canada, ASN16276 (OVH, FR),
Reverse DNS
vps.citizenlab.ca
Software
nginx/1.21.6 /
Resource Hash
1a6200b14c640e875c4bcc5cb418261017a8c752d66115257509c409ef485834
Security Headers
Name Value
Content-Security-Policy default-src 'self' citizenlab.ca www.citizenlab.ca citizenlab.org www.citizenlab.org; font-src 'self' data: ; img-src * data: ; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.google-analytics.com www.googletagmanager.com www.youtube.com; frame-src 'self' www.youtube-nocookie.com www.youtube.com ; style-src 'self' 'unsafe-inline'; connect-src 'self' www.google-analytics.com;
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bankyaw.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Wed, 17 Jul 2024 05:13:25 GMT
Via
1.1 varnish-v4
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=15768000
Content-Security-Policy
default-src 'self' citizenlab.ca www.citizenlab.ca citizenlab.org www.citizenlab.org; font-src 'self' data: ; img-src * data: ; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.google-analytics.com www.googletagmanager.com www.youtube.com; frame-src 'self' www.youtube-nocookie.com www.youtube.com ; style-src 'self' 'unsafe-inline'; connect-src 'self' www.google-analytics.com;
Age
81334
Transfer-Encoding
chunked
X-Cache
HIT
Connection
keep-alive
X-XSS-Protection
1; mode=block
Referrer-Policy
strict-origin
Last-Modified
Tue, 04 Jul 2023 20:57:06 GMT
Server
nginx/1.21.6
ETag
W/"64a487a2-5106"
X-Frame-Options
SAMEORIGIN
X-Varnish
5147714 5933573
Content-Type
image/png
cache-control
public, max-age=2592000
Feature-Policy
sync-xhr 'self'
Accept-Ranges
bytes
X-Cache-Svr
citizenlab.ca
style.min.css
citizenlab.ca/wp-includes/css/dist/block-library/ 		0
0
bigfoot-number.css
citizenlab.ca/wp-content/plugins/bigfoot_footnotes/library/ 		0
0
ytprefs.min.css
citizenlab.ca/wp-content/plugins/youtube-embed-plus/styles/ 		0
0
tachyons.css
citizenlab.ca/wp-content/themes/citizenlab-wp-theme/library/css/ 		0
0
style.css
citizenlab.ca/wp-content/themes/citizenlab-wp-theme/library/css/ 		0
0
all.min.css
citizenlab.ca/wp-content/themes/citizenlab-wp-theme/library/fontawesome/css/ 		0
0
jquery.min.js
citizenlab.ca/wp-includes/js/jquery/ 		0
0
jquery-migrate.min.js
citizenlab.ca/wp-includes/js/jquery/ 		0
0
ytprefs.min.js
citizenlab.ca/wp-content/plugins/youtube-embed-plus/scripts/ 		0
0
modernizr.custom.min.js
citizenlab.ca/wp-content/themes/citizenlab-wp-theme/library/js/libs/ 		0
0
Jsa0NKiryNM
www.youtube-nocookie.com/embed/ Frame 4E01 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube-nocookie.com/embed/Jsa0NKiryNM?enablejsapi=1&autoplay=0&cc_load_policy=0&cc_lang_pref=&iv_load_policy=1&loop=0&modestbranding=0&rel=0&fs=1&playsinline=0&autohide=2&theme=dark&color=red&controls=1&
Requested by
Host: bankyaw.xyz
URL: https://bankyaw.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bankyaw.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="YOUTUBE_NOCOOKIE_DOMAIN"
cross-origin-resource-policy
cross-origin
date
Wed, 17 Jul 2024 05:13:25 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AsnbWYr3bqK88n/C2BgXPMpBC+msV4jf6vsgnAir+gFnHw3zXZEKmz271E4vhxTja+7SD2q3dr2BxZlHzvj9HA0AAACBeyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUtbm9jb29raWUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"YOUTUBE_NOCOOKIE_DOMAIN","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/YOUTUBE_NOCOOKIE_DOMAIN"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
webpc-passthru.php
citizenlab.ca/wp-content/ 		27 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citizenlab.ca/wp-content/webpc-passthru.php?src=https://citizenlab.ca/wp-content/uploads/2024/05/featured-image@3x-605x340.png&nocache=1
Requested by
Host: bankyaw.xyz
URL: https://bankyaw.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.70.203.130 , Canada, ASN16276 (OVH, FR),
Reverse DNS
vps.citizenlab.ca
Software
nginx/1.21.6 / PHP/7.4.33
Resource Hash
0f5f731f5de1fcf769f75529bc8446ec4b93b3e47c6978095527894497bc8008
Security Headers
Name Value
Content-Security-Policy default-src 'self' citizenlab.ca www.citizenlab.ca citizenlab.org www.citizenlab.org; font-src 'self' data: ; img-src * data: ; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.google-analytics.com www.googletagmanager.com www.youtube.com; frame-src 'self' www.youtube-nocookie.com www.youtube.com ; style-src 'self' 'unsafe-inline'; connect-src 'self' www.google-analytics.com;
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bankyaw.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Wed, 17 Jul 2024 05:13:25 GMT
Via
1.1 varnish-v4
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=15768000
Content-Security-Policy
default-src 'self' citizenlab.ca www.citizenlab.ca citizenlab.org www.citizenlab.org; font-src 'self' data: ; img-src * data: ; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.google-analytics.com www.googletagmanager.com www.youtube.com; frame-src 'self' www.youtube-nocookie.com www.youtube.com ; style-src 'self' 'unsafe-inline'; connect-src 'self' www.google-analytics.com;
Age
81119
X-Powered-By
PHP/7.4.33
Transfer-Encoding
chunked
X-Cache
HIT
Connection
keep-alive
X-XSS-Protection
1; mode=block
Referrer-Policy
strict-origin
Server
nginx/1.21.6
X-Frame-Options
SAMEORIGIN
X-Varnish
8684264 6522926
Content-Type
image/webp
cache-control
public, max-age=2592000
Feature-Policy
sync-xhr 'self'
Accept-Ranges
bytes
X-Cache-Svr
citizenlab.ca
featured-image-1-605x340.gif
citizenlab.ca/wp-content/uploads/2024/04/ 		37 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citizenlab.ca/wp-content/uploads/2024/04/featured-image-1-605x340.gif
Requested by
Host: bankyaw.xyz
URL: https://bankyaw.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.70.203.130 , Canada, ASN16276 (OVH, FR),
Reverse DNS
vps.citizenlab.ca
Software
nginx/1.21.6 /
Resource Hash
0c987015595939713e794708c192140cc10e81ac1d4dea4447fb7b73310b3e8f
Security Headers
Name Value
Content-Security-Policy default-src 'self' citizenlab.ca www.citizenlab.ca citizenlab.org www.citizenlab.org; font-src 'self' data: ; img-src * data: ; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.google-analytics.com www.googletagmanager.com www.youtube.com; frame-src 'self' www.youtube-nocookie.com www.youtube.com ; style-src 'self' 'unsafe-inline'; connect-src 'self' www.google-analytics.com;
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bankyaw.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Wed, 17 Jul 2024 05:13:25 GMT
Via
1.1 varnish-v4
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=15768000
Content-Security-Policy
default-src 'self' citizenlab.ca www.citizenlab.ca citizenlab.org www.citizenlab.org; font-src 'self' data: ; img-src * data: ; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.google-analytics.com www.googletagmanager.com www.youtube.com; frame-src 'self' www.youtube-nocookie.com www.youtube.com ; style-src 'self' 'unsafe-inline'; connect-src 'self' www.google-analytics.com;
Age
81119
Transfer-Encoding
chunked
X-Cache
HIT
Connection
keep-alive
X-XSS-Protection
1; mode=block
Referrer-Policy
strict-origin
Last-Modified
Tue, 23 Apr 2024 02:59:15 GMT
Server
nginx/1.21.6
ETag
W/"66272403-94d4"
X-Frame-Options
SAMEORIGIN
X-Varnish
5147718 1969681
Content-Type
image/gif
cache-control
public, max-age=2592000
Feature-Policy
sync-xhr 'self'
Accept-Ranges
bytes
X-Cache-Svr
citizenlab.ca
webpc-passthru.php
citizenlab.ca/wp-content/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citizenlab.ca/wp-content/webpc-passthru.php?src=https://citizenlab.ca/wp-content/uploads/2024/02/paperwall-featuredimage@2x-605x340.png&nocache=1
Requested by
Host: bankyaw.xyz
URL: https://bankyaw.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.70.203.130 , Canada, ASN16276 (OVH, FR),
Reverse DNS
vps.citizenlab.ca
Software
nginx/1.21.6 / PHP/7.4.33
Resource Hash
7bfc79e2249c71f0c32ac13cc9e45c8f763d8a07888560cb9ac3916029781d75
Security Headers
Name Value
Content-Security-Policy default-src 'self' citizenlab.ca www.citizenlab.ca citizenlab.org www.citizenlab.org; font-src 'self' data: ; img-src * data: ; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.google-analytics.com www.googletagmanager.com www.youtube.com; frame-src 'self' www.youtube-nocookie.com www.youtube.com ; style-src 'self' 'unsafe-inline'; connect-src 'self' www.google-analytics.com;
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bankyaw.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Wed, 17 Jul 2024 05:13:25 GMT
Via
1.1 varnish-v4
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=15768000
Content-Security-Policy
default-src 'self' citizenlab.ca www.citizenlab.ca citizenlab.org www.citizenlab.org; font-src 'self' data: ; img-src * data: ; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.google-analytics.com www.googletagmanager.com www.youtube.com; frame-src 'self' www.youtube-nocookie.com www.youtube.com ; style-src 'self' 'unsafe-inline'; connect-src 'self' www.google-analytics.com;
Age
81118
X-Powered-By
PHP/7.4.33
Transfer-Encoding
chunked
X-Cache
HIT
Connection
keep-alive
X-XSS-Protection
1; mode=block
Referrer-Policy
strict-origin
Server
nginx/1.21.6
X-Frame-Options
SAMEORIGIN
X-Varnish
5147720 4326383
Content-Type
image/webp
cache-control
public, max-age=2592000
Feature-Policy
sync-xhr 'self'
Accept-Ranges
bytes
X-Cache-Svr
citizenlab.ca
webpc-passthru.php
citizenlab.ca/wp-content/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citizenlab.ca/wp-content/webpc-passthru.php?src=https://citizenlab.ca/wp-content/uploads/2023/11/lkq-featuredimage-605x340.png&nocache=1
Requested by
Host: bankyaw.xyz
URL: https://bankyaw.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.70.203.130 , Canada, ASN16276 (OVH, FR),
Reverse DNS
vps.citizenlab.ca
Software
nginx/1.21.6 / PHP/7.4.33
Resource Hash
aa6e3aa3b9bbbf87e06806be557c6ac46391b061b1408a441f2bc94bcea7aab1
Security Headers
Name Value
Content-Security-Policy default-src 'self' citizenlab.ca www.citizenlab.ca citizenlab.org www.citizenlab.org; font-src 'self' data: ; img-src * data: ; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.google-analytics.com www.googletagmanager.com www.youtube.com; frame-src 'self' www.youtube-nocookie.com www.youtube.com ; style-src 'self' 'unsafe-inline'; connect-src 'self' www.google-analytics.com;
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bankyaw.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Wed, 17 Jul 2024 05:13:25 GMT
Via
1.1 varnish-v4
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=15768000
Content-Security-Policy
default-src 'self' citizenlab.ca www.citizenlab.ca citizenlab.org www.citizenlab.org; font-src 'self' data: ; img-src * data: ; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.google-analytics.com www.googletagmanager.com www.youtube.com; frame-src 'self' www.youtube-nocookie.com www.youtube.com ; style-src 'self' 'unsafe-inline'; connect-src 'self' www.google-analytics.com;
Age
81118
X-Powered-By
PHP/7.4.33
Transfer-Encoding
chunked
X-Cache
HIT
Connection
keep-alive
X-XSS-Protection
1; mode=block
Referrer-Policy
strict-origin
Server
nginx/1.21.6
X-Frame-Options
SAMEORIGIN
X-Varnish
8684266 1969684
Content-Type
image/webp
cache-control
public, max-age=2592000
Feature-Policy
sync-xhr 'self'
Accept-Ranges
bytes
X-Cache-Svr
citizenlab.ca
submission-post-1-297x167.png
citizenlab.ca/wp-content/uploads/2024/03/
Redirect Chain
  • https://citizenlab.ca/wp-content/webpc-passthru.php?src=https://citizenlab.ca/wp-content/uploads/2024/03/submission-post-1-297x167.png&nocache=1
  • https://citizenlab.ca/wp-content/uploads/2024/03/submission-post-1-297x167.png
63 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citizenlab.ca/wp-content/uploads/2024/03/submission-post-1-297x167.png
Requested by
Host: bankyaw.xyz
URL: https://bankyaw.xyz/
Protocol
HTTP/1.1
Server
66.70.203.130 , Canada, ASN16276 (OVH, FR),
Reverse DNS
vps.citizenlab.ca
Software
nginx/1.21.6 /
Resource Hash
d6cd5936c757e44a865bba99365688e3cd0211093d8ef934eddd3c73242e7a99
Security Headers
Name Value
Content-Security-Policy default-src 'self' citizenlab.ca www.citizenlab.ca citizenlab.org www.citizenlab.org; font-src 'self' data: ; img-src * data: ; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.google-analytics.com www.googletagmanager.com www.youtube.com; frame-src 'self' www.youtube-nocookie.com www.youtube.com ; style-src 'self' 'unsafe-inline'; connect-src 'self' www.google-analytics.com;
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bankyaw.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Wed, 17 Jul 2024 05:13:25 GMT
Via
1.1 varnish-v4
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=15768000
Content-Security-Policy
default-src 'self' citizenlab.ca www.citizenlab.ca citizenlab.org www.citizenlab.org; font-src 'self' data: ; img-src * data: ; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.google-analytics.com www.googletagmanager.com www.youtube.com; frame-src 'self' www.youtube-nocookie.com www.youtube.com ; style-src 'self' 'unsafe-inline'; connect-src 'self' www.google-analytics.com;
Age
81118
Transfer-Encoding
chunked
X-Cache
HIT
Connection
keep-alive
X-XSS-Protection
1; mode=block
Referrer-Policy
strict-origin
Last-Modified
Mon, 18 Mar 2024 16:23:18 GMT
Server
nginx/1.21.6
ETag
W/"65f86a76-fdde"
X-Frame-Options
SAMEORIGIN
X-Varnish
5147732 1378602
Content-Type
image/png
cache-control
public, max-age=2592000
Feature-Policy
sync-xhr 'self'
Accept-Ranges
bytes
X-Cache-Svr
citizenlab.ca

Redirect headers

Date
Wed, 17 Jul 2024 05:13:25 GMT
Via
1.1 varnish-v4
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=15768000
Content-Security-Policy
default-src 'self' citizenlab.ca www.citizenlab.ca citizenlab.org www.citizenlab.org; font-src 'self' data: ; img-src * data: ; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.google-analytics.com www.googletagmanager.com www.youtube.com; frame-src 'self' www.youtube-nocookie.com www.youtube.com ; style-src 'self' 'unsafe-inline'; connect-src 'self' www.google-analytics.com;
Age
81118
X-Powered-By
PHP/7.4.33
Transfer-Encoding
chunked
X-Cache
HIT
Connection
keep-alive
X-XSS-Protection
1; mode=block
Referrer-Policy
strict-origin
Server
nginx/1.21.6
X-Frame-Options
SAMEORIGIN
Content-Type
text/html; charset=UTF-8
Location
https://citizenlab.ca/wp-content/uploads/2024/03/submission-post-1-297x167.png
X-Varnish
8684268 5996618
cache-control
public, max-age=2592000
Feature-Policy
sync-xhr 'self'
X-Cache-Svr
citizenlab.ca
webpc-passthru.php
citizenlab.ca/wp-content/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citizenlab.ca/wp-content/webpc-passthru.php?src=https://citizenlab.ca/wp-content/uploads/2024/01/Job-featured-image-297x167.png&nocache=1
Requested by
Host: bankyaw.xyz
URL: https://bankyaw.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.70.203.130 , Canada, ASN16276 (OVH, FR),
Reverse DNS
vps.citizenlab.ca
Software
nginx/1.21.6 / PHP/7.4.33
Resource Hash
cb4d6e7dac6e19dbecc74dd763bafbd3dc43a8f59c9f68c270f6f8401c2d7f82
Security Headers
Name Value
Content-Security-Policy default-src 'self' citizenlab.ca www.citizenlab.ca citizenlab.org www.citizenlab.org; font-src 'self' data: ; img-src * data: ; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.google-analytics.com www.googletagmanager.com www.youtube.com; frame-src 'self' www.youtube-nocookie.com www.youtube.com ; style-src 'self' 'unsafe-inline'; connect-src 'self' www.google-analytics.com;
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bankyaw.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Wed, 17 Jul 2024 05:13:25 GMT
Via
1.1 varnish-v4
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=15768000
Content-Security-Policy
default-src 'self' citizenlab.ca www.citizenlab.ca citizenlab.org www.citizenlab.org; font-src 'self' data: ; img-src * data: ; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.google-analytics.com www.googletagmanager.com www.youtube.com; frame-src 'self' www.youtube-nocookie.com www.youtube.com ; style-src 'self' 'unsafe-inline'; connect-src 'self' www.google-analytics.com;
Age
81118
X-Powered-By
PHP/7.4.33
Transfer-Encoding
chunked
X-Cache
HIT
Connection
keep-alive
X-XSS-Protection
1; mode=block
Referrer-Policy
strict-origin
Server
nginx/1.21.6
X-Frame-Options
SAMEORIGIN
X-Varnish
5147726 1378599
Content-Type
image/webp
cache-control
public, max-age=2592000
Feature-Policy
sync-xhr 'self'
Accept-Ranges
bytes
X-Cache-Svr
citizenlab.ca
webpc-passthru.php
citizenlab.ca/wp-content/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citizenlab.ca/wp-content/webpc-passthru.php?src=https://citizenlab.ca/wp-content/uploads/2024/01/Announcement-297x167.png&nocache=1
Requested by
Host: bankyaw.xyz
URL: https://bankyaw.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.70.203.130 , Canada, ASN16276 (OVH, FR),
Reverse DNS
vps.citizenlab.ca
Software
nginx/1.21.6 / PHP/7.4.33
Resource Hash
fdba89c57664f3acbce6f3a8babb86b8da446220894eff4b8a6e82764ffe7a89
Security Headers
Name Value
Content-Security-Policy default-src 'self' citizenlab.ca www.citizenlab.ca citizenlab.org www.citizenlab.org; font-src 'self' data: ; img-src * data: ; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.google-analytics.com www.googletagmanager.com www.youtube.com; frame-src 'self' www.youtube-nocookie.com www.youtube.com ; style-src 'self' 'unsafe-inline'; connect-src 'self' www.google-analytics.com;
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bankyaw.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Wed, 17 Jul 2024 05:13:25 GMT
Via
1.1 varnish-v4
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=15768000
Content-Security-Policy
default-src 'self' citizenlab.ca www.citizenlab.ca citizenlab.org www.citizenlab.org; font-src 'self' data: ; img-src * data: ; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.google-analytics.com www.googletagmanager.com www.youtube.com; frame-src 'self' www.youtube-nocookie.com www.youtube.com ; style-src 'self' 'unsafe-inline'; connect-src 'self' www.google-analytics.com;
Age
81118
X-Powered-By
PHP/7.4.33
Transfer-Encoding
chunked
X-Cache
HIT
Connection
keep-alive
X-XSS-Protection
1; mode=block
Referrer-Policy
strict-origin
Server
nginx/1.21.6
X-Frame-Options
SAMEORIGIN
X-Varnish
5282588 6522932
Content-Type
image/webp
cache-control
public, max-age=2592000
Feature-Policy
sync-xhr 'self'
Accept-Ranges
bytes
X-Cache-Svr
citizenlab.ca
email-decode.min.js
bankyaw.xyz/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bankyaw.xyz/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: bankyaw.xyz
URL: https://bankyaw.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://bankyaw.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 17 Jul 2024 05:13:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 12 Jul 2024 17:10:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6691639c-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WqqtVdgm4xjuoZzBmRsUhQeK5PFIsTHRjgBgZqW3zHR3p2Fq7STNbKHdV3mNt8Gw5ZkBsumNg4lciOkwKnGFLq8i11J%2BX3CJ1pJDIGoXk5W60UoYp4Q8Y4J1vSv4Yrw84dqEV8TKJt0V%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
8a47be1caa8b1c40-FRA
expires
Fri, 19 Jul 2024 05:13:25 GMT
bigfoot.js
citizenlab.ca/wp-content/plugins/bigfoot_footnotes/library/ 		0
0
bigfoot.min.js
citizenlab.ca/wp-content/plugins/bigfoot_footnotes/library/ 		0
0
bigfoot-function.js
citizenlab.ca/wp-content/plugins/bigfoot_footnotes/library/ 		0
0
fitvids.min.js
citizenlab.ca/wp-content/plugins/youtube-embed-plus/scripts/ 		0
0
search-menu.js
citizenlab.ca/wp-content/themes/citizenlab-wp-theme/library/js/ 		0
0
jquery.details.min.js
citizenlab.ca/wp-content/themes/citizenlab-wp-theme/library/js/jquery-details/ 		0
0
forms.js
citizenlab.ca/wp-content/plugins/mailchimp-for-wp/assets/js/ 		0
0
wp-emoji-release.min.js
citizenlab.ca/wp-includes/js/ 		0
0
iframe_api
www.youtube.com/ 		993 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RCDQQLPVF0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c9283a482e1af6ea7a6dd0bc35e5acd476f46dee5ddc2601bddecb2db416dc2c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://bankyaw.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 17 Jul 2024 05:13:25 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
br
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=nl for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type
text/javascript; charset=utf-8
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
private, max-age=0
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
origin-trial
AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
expires
Wed, 17 Jul 2024 05:13:25 GMT
www-widgetapi.js
www.youtube.com/s/player/65e3708e/www-widgetapi.vflset/ 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/65e3708e/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cb34150905a3d5ae56c7b9d66a658a0ed0de85b1e9a41282e2e82c326831aec0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bankyaw.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 16 Jul 2024 20:46:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
30403
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10405
x-xss-protection
0
last-modified
Mon, 15 Jul 2024 04:17:13 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 16 Jul 2025 20:46:42 GMT
favicon-32x32.png
citizenlab.ca/wp-content/themes/citizenlab-wp-theme/library/images/ 		646 B
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://citizenlab.ca/wp-content/themes/citizenlab-wp-theme/library/images/favicon-32x32.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.70.203.130 , Canada, ASN16276 (OVH, FR),
Reverse DNS
vps.citizenlab.ca
Software
nginx/1.21.6 /
Resource Hash
81d5eb4bd52f34d3d1768c20b7aa87ba38cdd06d29d8ece8cf0060b9b1065f13
Security Headers
Name Value
Content-Security-Policy default-src 'self' citizenlab.ca www.citizenlab.ca citizenlab.org www.citizenlab.org; font-src 'self' data: ; img-src * data: ; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.google-analytics.com www.googletagmanager.com www.youtube.com; frame-src 'self' www.youtube-nocookie.com www.youtube.com ; style-src 'self' 'unsafe-inline'; connect-src 'self' www.google-analytics.com;
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bankyaw.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Wed, 17 Jul 2024 05:13:28 GMT
Via
1.1 varnish-v4
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=15768000
Content-Security-Policy
default-src 'self' citizenlab.ca www.citizenlab.ca citizenlab.org www.citizenlab.org; font-src 'self' data: ; img-src * data: ; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.google-analytics.com www.googletagmanager.com www.youtube.com; frame-src 'self' www.youtube-nocookie.com www.youtube.com ; style-src 'self' 'unsafe-inline'; connect-src 'self' www.google-analytics.com;
Age
81136
Transfer-Encoding
chunked
X-Cache
HIT
Connection
keep-alive
X-XSS-Protection
1; mode=block
Referrer-Policy
strict-origin
Last-Modified
Tue, 04 Jul 2023 20:57:06 GMT
Server
nginx/1.21.6
ETag
W/"64a487a2-286"
X-Frame-Options
SAMEORIGIN
X-Varnish
2297499 1378596
Content-Type
image/png
cache-control
public, max-age=2592000
Feature-Policy
sync-xhr 'self'
Accept-Ranges
bytes
X-Cache-Svr
citizenlab.ca

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
citizenlab.ca
URL
https://citizenlab.ca/wp-includes/css/dist/block-library/style.min.css
Domain
citizenlab.ca
URL
https://citizenlab.ca/wp-content/plugins/bigfoot_footnotes/library/bigfoot-number.css
Domain
citizenlab.ca
URL
https://citizenlab.ca/wp-content/plugins/youtube-embed-plus/styles/ytprefs.min.css
Domain
citizenlab.ca
URL
https://citizenlab.ca/wp-content/themes/citizenlab-wp-theme/library/css/tachyons.css
Domain
citizenlab.ca
URL
https://citizenlab.ca/wp-content/themes/citizenlab-wp-theme/library/css/style.css
Domain
citizenlab.ca
URL
https://citizenlab.ca/wp-content/themes/citizenlab-wp-theme/library/fontawesome/css/all.min.css
Domain
citizenlab.ca
URL
https://citizenlab.ca/wp-includes/js/jquery/jquery.min.js
Domain
citizenlab.ca
URL
https://citizenlab.ca/wp-includes/js/jquery/jquery-migrate.min.js
Domain
citizenlab.ca
URL
https://citizenlab.ca/wp-content/plugins/youtube-embed-plus/scripts/ytprefs.min.js
Domain
citizenlab.ca
URL
https://citizenlab.ca/wp-content/themes/citizenlab-wp-theme/library/js/libs/modernizr.custom.min.js
Domain
citizenlab.ca
URL
https://citizenlab.ca/wp-content/plugins/bigfoot_footnotes/library/bigfoot.js
Domain
citizenlab.ca
URL
https://citizenlab.ca/wp-content/plugins/bigfoot_footnotes/library/bigfoot.min.js
Domain
citizenlab.ca
URL
https://citizenlab.ca/wp-content/plugins/bigfoot_footnotes/library/bigfoot-function.js
Domain
citizenlab.ca
URL
https://citizenlab.ca/wp-content/plugins/youtube-embed-plus/scripts/fitvids.min.js
Domain
citizenlab.ca
URL
https://citizenlab.ca/wp-content/themes/citizenlab-wp-theme/library/js/search-menu.js
Domain
citizenlab.ca
URL
https://citizenlab.ca/wp-content/themes/citizenlab-wp-theme/library/js/jquery-details/jquery.details.min.js
Domain
citizenlab.ca
URL
https://citizenlab.ca/wp-content/plugins/mailchimp-for-wp/assets/js/forms.js
Domain
citizenlab.ca
URL
https://citizenlab.ca/wp-includes/js/wp-emoji-release.min.js

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| _wpemojiSettings object| _EPYT_ function| gtag object| dataLayer object| mc4wp object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady

5 Cookies

Domain/Path Name / Value
.bankyaw.xyz/ Name: _ga_RCDQQLPVF0
Value: GS1.1.1721193205.1.0.1721193205.0.0.0
.bankyaw.xyz/ Name: _ga
Value: GA1.1.1439744848.1721193205
.youtube.com/ Name: YSC
Value: NwesoimfHFw
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: wGzeU0g5BqM
.youtube.com/ Name: VISITOR_PRIVACY_METADATA
Value: CgJOTBIcEhgSFhMLFBUWFwwYGRobHB0eHw4PIBAREiEgbg%3D%3D

24 Console Messages

Source Level URL
Text
security error URL: https://bankyaw.xyz/(Line 73)
Message:
Refused to create a worker from 'blob:https://bankyaw.xyz/6c380df2-f8b7-48ca-8132-a07e13b399bb' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' 'unsafe-eval' www.google-analytics.com www.googletagmanager.com www.youtube.com". Note that 'worker-src' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://bankyaw.xyz/(Line 90)
Message:
Refused to load the stylesheet 'https://citizenlab.ca/wp-includes/css/dist/block-library/style.min.css' because it violates the following Content Security Policy directive: "style-src 'self' 'unsafe-inline'". Note that 'style-src-elem' was not explicitly set, so 'style-src' is used as a fallback.
security error URL: https://bankyaw.xyz/(Line 117)
Message:
Refused to load the stylesheet 'https://citizenlab.ca/wp-content/plugins/bigfoot_footnotes/library/bigfoot-number.css' because it violates the following Content Security Policy directive: "style-src 'self' 'unsafe-inline'". Note that 'style-src-elem' was not explicitly set, so 'style-src' is used as a fallback.
security error URL: https://bankyaw.xyz/(Line 118)
Message:
Refused to load the stylesheet 'https://citizenlab.ca/wp-content/plugins/youtube-embed-plus/styles/ytprefs.min.css' because it violates the following Content Security Policy directive: "style-src 'self' 'unsafe-inline'". Note that 'style-src-elem' was not explicitly set, so 'style-src' is used as a fallback.
security error URL: https://bankyaw.xyz/(Line 126)
Message:
Refused to load the stylesheet 'https://citizenlab.ca/wp-content/themes/citizenlab-wp-theme/library/css/tachyons.css' because it violates the following Content Security Policy directive: "style-src 'self' 'unsafe-inline'". Note that 'style-src-elem' was not explicitly set, so 'style-src' is used as a fallback.
security error URL: https://bankyaw.xyz/(Line 127)
Message:
Refused to load the stylesheet 'https://citizenlab.ca/wp-content/themes/citizenlab-wp-theme/library/css/style.css' because it violates the following Content Security Policy directive: "style-src 'self' 'unsafe-inline'". Note that 'style-src-elem' was not explicitly set, so 'style-src' is used as a fallback.
security error URL: https://bankyaw.xyz/(Line 131)
Message:
Refused to load the stylesheet 'https://citizenlab.ca/wp-content/themes/citizenlab-wp-theme/library/fontawesome/css/all.min.css' because it violates the following Content Security Policy directive: "style-src 'self' 'unsafe-inline'". Note that 'style-src-elem' was not explicitly set, so 'style-src' is used as a fallback.
security error URL: https://bankyaw.xyz/
Message:
Refused to load the script 'https://citizenlab.ca/wp-includes/js/jquery/jquery.min.js' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' 'unsafe-eval' www.google-analytics.com www.googletagmanager.com www.youtube.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://bankyaw.xyz/
Message:
Refused to load the script 'https://citizenlab.ca/wp-includes/js/jquery/jquery-migrate.min.js' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' 'unsafe-eval' www.google-analytics.com www.googletagmanager.com www.youtube.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://bankyaw.xyz/
Message:
Refused to load the script 'https://citizenlab.ca/wp-content/plugins/youtube-embed-plus/scripts/ytprefs.min.js' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' 'unsafe-eval' www.google-analytics.com www.googletagmanager.com www.youtube.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://bankyaw.xyz/
Message:
Refused to load the script 'https://citizenlab.ca/wp-content/themes/citizenlab-wp-theme/library/js/libs/modernizr.custom.min.js' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' 'unsafe-eval' www.google-analytics.com www.googletagmanager.com www.youtube.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
other warning URL: https://bankyaw.xyz/(Line 596)
Message:
Allow attribute will take precedence over 'allowfullscreen'.
security error URL: https://bankyaw.xyz/
Message:
Refused to load the script 'https://citizenlab.ca/wp-content/plugins/bigfoot_footnotes/library/bigfoot.js' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' 'unsafe-eval' www.google-analytics.com www.googletagmanager.com www.youtube.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://bankyaw.xyz/
Message:
Refused to load the script 'https://citizenlab.ca/wp-content/plugins/bigfoot_footnotes/library/bigfoot.min.js' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' 'unsafe-eval' www.google-analytics.com www.googletagmanager.com www.youtube.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://bankyaw.xyz/
Message:
Refused to load the script 'https://citizenlab.ca/wp-content/plugins/bigfoot_footnotes/library/bigfoot-function.js' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' 'unsafe-eval' www.google-analytics.com www.googletagmanager.com www.youtube.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://bankyaw.xyz/
Message:
Refused to load the script 'https://citizenlab.ca/wp-content/plugins/youtube-embed-plus/scripts/fitvids.min.js' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' 'unsafe-eval' www.google-analytics.com www.googletagmanager.com www.youtube.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://bankyaw.xyz/
Message:
Refused to load the script 'https://citizenlab.ca/wp-content/themes/citizenlab-wp-theme/library/js/search-menu.js' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' 'unsafe-eval' www.google-analytics.com www.googletagmanager.com www.youtube.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://bankyaw.xyz/
Message:
Refused to load the script 'https://citizenlab.ca/wp-content/themes/citizenlab-wp-theme/library/js/jquery-details/jquery.details.min.js' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' 'unsafe-eval' www.google-analytics.com www.googletagmanager.com www.youtube.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://bankyaw.xyz/
Message:
Refused to load the script 'https://citizenlab.ca/wp-content/plugins/mailchimp-for-wp/assets/js/forms.js' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' 'unsafe-eval' www.google-analytics.com www.googletagmanager.com www.youtube.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://bankyaw.xyz/(Line 73)
Message:
Refused to load the script 'https://citizenlab.ca/wp-includes/js/wp-emoji-release.min.js' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' 'unsafe-eval' www.google-analytics.com www.googletagmanager.com www.youtube.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://www.googletagmanager.com/gtag/js?id=G-RCDQQLPVF0(Line 228)
Message:
Refused to connect to 'https://region1.google-analytics.com/g/collect?v=2&tid=G-RCDQQLPVF0&gtm=45je47f0v896993804za200&_p=1721193205072&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=1439744848.1721193205&ul=nl-nl&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1721193205&sct=1&seg=0&dl=https%3A%2F%2Fbankyaw.xyz%2F&dt=The%20Citizen%20Lab%20-%20University%20of%20Toronto&en=page_view&_fv=2&_nsi=1&_ss=1&_c=1&_ee=1&ep.anonymize_ip=true&tfd=1831&_z=fetch' because it violates the following Content Security Policy directive: "connect-src 'self' www.google-analytics.com".
javascript error URL: https://www.googletagmanager.com/gtag/js?id=G-RCDQQLPVF0(Line 228)
Message:
Refused to connect to 'https://region1.google-analytics.com/g/collect?v=2&tid=G-RCDQQLPVF0&gtm=45je47f0v896993804za200&_p=1721193205072&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=1439744848.1721193205&ul=nl-nl&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1721193205&sct=1&seg=0&dl=https%3A%2F%2Fbankyaw.xyz%2F&dt=The%20Citizen%20Lab%20-%20University%20of%20Toronto&en=page_view&_fv=2&_nsi=1&_ss=1&_c=1&_ee=1&ep.anonymize_ip=true&tfd=1831&_z=fetch' because it violates the document's Content Security Policy.
security error URL: https://www.googletagmanager.com/gtag/js?id=G-RCDQQLPVF0(Line 228)
Message:
Refused to connect to 'https://region1.google-analytics.com/g/collect?v=2&tid=G-RCDQQLPVF0&gtm=45je47f0v896993804za200&_p=1721193205072&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=1439744848.1721193205&ul=nl-nl&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=2&sid=1721193205&sct=1&seg=0&dl=https%3A%2F%2Fbankyaw.xyz%2F&dt=The%20Citizen%20Lab%20-%20University%20of%20Toronto&en=user_engagement&ep.anonymize_ip=true&_et=4408&tfd=6244&_z=fetch' because it violates the following Content Security Policy directive: "connect-src 'self' www.google-analytics.com".
javascript error URL: https://www.googletagmanager.com/gtag/js?id=G-RCDQQLPVF0(Line 228)
Message:
Refused to connect to 'https://region1.google-analytics.com/g/collect?v=2&tid=G-RCDQQLPVF0&gtm=45je47f0v896993804za200&_p=1721193205072&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=1439744848.1721193205&ul=nl-nl&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=2&sid=1721193205&sct=1&seg=0&dl=https%3A%2F%2Fbankyaw.xyz%2F&dt=The%20Citizen%20Lab%20-%20University%20of%20Toronto&en=user_engagement&ep.anonymize_ip=true&_et=4408&tfd=6244&_z=fetch' because it violates the document's Content Security Policy.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' citizenlab.ca www.citizenlab.ca citizenlab.org www.citizenlab.org; font-src 'self' data: ; img-src * data: ; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.google-analytics.com www.googletagmanager.com www.youtube.com; frame-src 'self' www.youtube-nocookie.com www.youtube.com ; style-src 'self' 'unsafe-inline'; connect-src 'self' www.google-analytics.com;
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block