www.residencegov.com Open in urlscan Pro
2a00:1450:4001:829::2013  Public Scan

8 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

25 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response www.residencegov.com/	23 KB 8 KB	322ms 203ms	Document text/html	2a00:1450:4001:829::2013 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.residencegov.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 5e056da122e21345b242448c247cb3f789c4a7e25b0283d16cb3df8c526ead63 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 accept-language fr-FR,fr;q=0.9 Response headers cache-control private, max-age=0 content-encoding gzip content-length 7563 content-type text/html; charset=UTF-8 date Thu, 08 Jun 2023 08:45:09 GMT etag W/"5397e9dc3fc4580c1b395b84dd764e15b92109a5479187b4b8bebdd544785ea8" expires Thu, 08 Jun 2023 08:45:09 GMT last-modified Tue, 06 Jun 2023 00:48:25 GMT server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H2	200	css2 fonts.googleapis.com/	617 B 827 B	113ms 41ms	Stylesheet text/css	2a00:1450:4001:82a::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Noto+Kufi+Arabic:wght@500&display=swap Requested by Host: www.residencegov.com URL: https://www.residencegov.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 3125fd51493802eff19c0901ea940f4ee339be8c8e5100a0e1c4210812a66498 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language fr-FR,fr;q=0.9 Referer https://www.residencegov.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Thu, 08 Jun 2023 08:45:09 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Thu, 08 Jun 2023 08:45:09 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Thu, 08 Jun 2023 08:45:09 GMT
GET H2	200	css fonts.googleapis.com/	3 KB 543 B	113ms 41ms	Stylesheet text/css	2a00:1450:4001:82a::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Titillium+Web:400,300,600,700 Requested by Host: www.residencegov.com URL: https://www.residencegov.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 41d2c282b6841fe657142b7511ce15b1f4f33018798c4628edf2905707a3bb1f Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language fr-FR,fr;q=0.9 Referer https://www.residencegov.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Thu, 08 Jun 2023 08:45:09 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Thu, 08 Jun 2023 08:29:46 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Thu, 08 Jun 2023 08:45:09 GMT
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/2.2.0/	84 KB 84 KB	100ms 30ms	Script text/javascript	2a00:1450:4001:812::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/2.2.0/jquery.min.js Requested by Host: www.residencegov.com URL: https://www.residencegov.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language fr-FR,fr;q=0.9 Referer https://www.residencegov.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Sat, 03 Jun 2023 21:42:42 GMT x-content-type-options nosniff age 385347 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 85589 x-xss-protection 0 last-modified Tue, 03 Mar 2020 19:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="hosted-libraries-pushers" vary Accept-Encoding report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Sun, 02 Jun 2024 21:42:42 GMT
GET H2	200	font-awesome.min.css cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/	30 KB 6 KB	84ms 34ms	Stylesheet text/css	2606:4700::6811:190e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css Requested by Host: www.residencegov.com URL: https://www.residencegov.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers accept-language fr-FR,fr;q=0.9 Referer https://www.residencegov.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Thu, 08 Jun 2023 08:45:09 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 4202435 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 5631 last-modified Mon, 04 May 2020 16:10:07 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03e5f-7918" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kn989TvuH5d7OnmKkXhdKTnQfLmCq7DoXRmcVE6roRXdhFIkiqne4vCraY5PE9%2FfGHa%2FnZiaJQUET%2Ffz44G89JBJbCPP1S9ekxDtIV1jIfBMkHYzgnuzn1b3eChySZUK%2BXrZ9Ly0o0XHhEPsNlRAvoaJ"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 7d3fdb68accd3caa-CDG expires Tue, 28 May 2024 08:45:09 GMT
GET H2	200	Screenshot_2023-05-22-19-31-47-62_40deb401b9ffe8e1df2f1cc5ba480b12.png blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiZGiSVN0hz54-iBwnVVc-nIarU_mGgIHdQ8ubaATGExqFhk2Yb4aeYzYmHLFzkrrZzhAkcSs09JBW1QkIS5pWLdh9WlAHzEtCnRb64ijPF2uQMgj91swn_qF2b7OHQ5dpvGNC99SWBmk6koYDQ...	332 KB 332 KB	816ms 743ms	Image image/png	2a00:1450:4001:82b::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiZGiSVN0hz54-iBwnVVc-nIarU_mGgIHdQ8ubaATGExqFhk2Yb4aeYzYmHLFzkrrZzhAkcSs09JBW1QkIS5pWLdh9WlAHzEtCnRb64ijPF2uQMgj91swn_qF2b7OHQ5dpvGNC99SWBmk6koYDQ35vNQgdwvjCUwjzn2XQ-14eHg0Wv5PTTSFlaQqIl4w/s2140/Screenshot_2023-05-22-19-31-47-62_40deb401b9ffe8e1df2f1cc5ba480b12.png Requested by Host: www.residencegov.com URL: https://www.residencegov.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software fife / Resource Hash 9b12d7bb89fe81b244f17c924f8d1d6dad8d7e6ec92235da7cecd736b4009135 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language fr-FR,fr;q=0.9 Referer https://www.residencegov.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Thu, 08 Jun 2023 08:45:10 GMT x-content-type-options nosniff server fife etag "v5c9" vary Origin content-type image/png access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform content-disposition inline;filename="Screenshot_2023-05-22-19-31-47-62_40deb401b9ffe8e1df2f1cc5ba480b12.png" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 339935 x-xss-protection 0 expires Fri, 09 Jun 2023 08:45:10 GMT
GET H2	200	Screenshot_20210418-200632-1.607c68e50f48b8.53555497%20(1).626c26d62c7322.014531935669.png blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiMdVuiyrBfSblIZFaEHMR9C2kdJEjz4vqaSX7KMzWO7Aj90vmPpUxPfsaOjvZT8gOFIQPIoLE9Ks1PAVGRsWj8leUATckOR2pkkgvBrqd-5ZlWxq08v3lHQoEoDNXwG9rEPR4EwUkxGV8W0nZ_...	124 KB 124 KB	786ms 713ms	Image image/png	2a00:1450:4001:82b::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiMdVuiyrBfSblIZFaEHMR9C2kdJEjz4vqaSX7KMzWO7Aj90vmPpUxPfsaOjvZT8gOFIQPIoLE9Ks1PAVGRsWj8leUATckOR2pkkgvBrqd-5ZlWxq08v3lHQoEoDNXwG9rEPR4EwUkxGV8W0nZ_VJfrqyrNp7QwLs4FRtp-gc2YUs4CocpYoQBpzNBxYA/s524/Screenshot_20210418-200632-1.607c68e50f48b8.53555497%20(1).626c26d62c7322.014531935669.png Requested by Host: www.residencegov.com URL: https://www.residencegov.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software fife / Resource Hash e9e3c629274d3bdaaadc6b7b7d5562b5f31953a050ab693b5b3398898a4b1591 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language fr-FR,fr;q=0.9 Referer https://www.residencegov.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Thu, 08 Jun 2023 08:45:10 GMT x-content-type-options nosniff server fife etag "v5c5" vary Origin content-type image/png access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform content-disposition inline;filename="Screenshot_20210418-200632-1.607c68e50f48b8.53555497 (1).626c26d62c7322.014531935669.png" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 126735 x-xss-protection 0 expires Fri, 09 Jun 2023 08:45:10 GMT
GET H2	200	logo_ar.png blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj9gH6ptSu98bKq_pglxqFsm7GN5ha2QTx1fXwWWS5KmlLx1kWVQmrUJFwSUHQgPwkerezdExBPOpysxR8ZiQZf77inmwuaYmSSY6mMf6dM7N-8yzQDYvYCZaeWviio7xhLdIMwC_zEfU8DSUYJ...	55 KB 56 KB	734ms 661ms	Image image/png	2a00:1450:4001:82b::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj9gH6ptSu98bKq_pglxqFsm7GN5ha2QTx1fXwWWS5KmlLx1kWVQmrUJFwSUHQgPwkerezdExBPOpysxR8ZiQZf77inmwuaYmSSY6mMf6dM7N-8yzQDYvYCZaeWviio7xhLdIMwC_zEfU8DSUYJc5lHdcBMn3moRcJDs1tiFmTe9uBWquJbLF-g_JM-sA/s762/logo_ar.png Requested by Host: www.residencegov.com URL: https://www.residencegov.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software fife / Resource Hash 6dd32855521e3bb6c99c1884e7d2ed7eaeab96dd1ee8c71a2fdc0b060397f185 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language fr-FR,fr;q=0.9 Referer https://www.residencegov.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Thu, 08 Jun 2023 08:45:10 GMT x-content-type-options nosniff server fife etag "v5bf" vary Origin content-type image/png access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform content-disposition inline;filename="logo_ar.png" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 56725 x-xss-protection 0 expires Fri, 09 Jun 2023 08:45:10 GMT
GET H2	200	pngwing.com%20(3).png blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgOOWQbblrM5E9TAK7T1f1WZyGuYxYyX4pd4H5edoQEOYOvTqyy3vY0he5Rnn36X7vaGtgVuvfWMJIlA8-HJBqx9-AAAtKuc8E_1pQJ18MgOkT6yXzdwAgwDtqb6Adc39f0At8sZ4QBbdV0eP-v...	230 KB 230 KB	849ms 777ms	Image image/png	2a00:1450:4001:82b::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgOOWQbblrM5E9TAK7T1f1WZyGuYxYyX4pd4H5edoQEOYOvTqyy3vY0he5Rnn36X7vaGtgVuvfWMJIlA8-HJBqx9-AAAtKuc8E_1pQJ18MgOkT6yXzdwAgwDtqb6Adc39f0At8sZ4QBbdV0eP-vNedy39HKYJPw_Lc5mRQrBLZddImC5CKjcugyHyS1Pg/s16000/pngwing.com%20(3).png Requested by Host: www.residencegov.com URL: https://www.residencegov.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software fife / Resource Hash 85f9bb0167047021b405a13b6239f073447ac24e1d55494a2f94c3f8f5b139ef Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language fr-FR,fr;q=0.9 Referer https://www.residencegov.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Thu, 08 Jun 2023 08:45:10 GMT x-content-type-options nosniff server fife etag "v5d5" vary Origin content-type image/png access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform content-disposition inline;filename="pngwing.com (3).png" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 235127 x-xss-protection 0 expires Fri, 09 Jun 2023 08:45:10 GMT
GET H2	200	856529054b8a94316fbf10b7342510aa1c9f79a.js Show response riosidra5.systeme.io/public/remote/page/	6 KB 6 KB	227ms 118ms	Script text/javascript	108.138.17.106 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://riosidra5.systeme.io/public/remote/page/856529054b8a94316fbf10b7342510aa1c9f79a.js Requested by Host: www.residencegov.com URL: https://www.residencegov.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.138.17.106 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-17-106.fra56.r.cloudfront.net Software nginx/1.24.0 / Resource Hash d58f94e611f9774bbf9124812296949dc1d0844e2facaf244837e25989239764 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language fr-FR,fr;q=0.9 Referer https://www.residencegov.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Thu, 08 Jun 2023 08:45:10 GMT via 1.1 78720628b37ebf3e33c42dc098252ee8.cloudfront.net (CloudFront) x-content-type-options nosniff server nginx/1.24.0 x-amz-cf-pop FRA56-P7 x-cache Miss from cloudfront content-type text/javascript; charset=UTF-8 cache-control max-age=0, must-revalidate, private x-robots-tag noindex x-amz-cf-id j92Hu70PZgx_RNk1vnApuXBJnsX_yyF6NJuRc4euCpz3FZDs7iuEDg== x-xss-protection 1; mode=block expires Thu, 08 Jun 2023 08:45:10 GMT
GET H2	200	pngwing.com%20(4).png blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgFM8T8KAtPTBqoLza8XGmrAlb0QmT38NFopzaPLVlllIeNdhXdCB5AXxNhao_L6GBtyERvMG6kfOZ7Qq3YZVImkfk0C90PyRS3T6SwmbqFjNoKa42z8TeNMnte_6noRkFr15lgZvMEH6ujaJ-Z...	30 KB 31 KB	671ms 599ms	Image image/png	2a00:1450:4001:82b::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgFM8T8KAtPTBqoLza8XGmrAlb0QmT38NFopzaPLVlllIeNdhXdCB5AXxNhao_L6GBtyERvMG6kfOZ7Qq3YZVImkfk0C90PyRS3T6SwmbqFjNoKa42z8TeNMnte_6noRkFr15lgZvMEH6ujaJ-ZbXnVwRoU3HzniB5C_QAzfC5YbL9azd9mSO8kaWiLZA/s320/pngwing.com%20(4).png Requested by Host: www.residencegov.com URL: https://www.residencegov.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software fife / Resource Hash b1d25cb6a0c93013e8087c53b9a1daff26ba4a1b950866a51381c25a03505c3a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language fr-FR,fr;q=0.9 Referer https://www.residencegov.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Thu, 08 Jun 2023 08:45:10 GMT x-content-type-options nosniff server fife etag "v5ce" vary Origin content-type image/png access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform content-disposition inline;filename="pngwing.com (4).png" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 31023 x-xss-protection 0 expires Fri, 09 Jun 2023 08:45:10 GMT
GET H2	200	cookienotice.js Show response www.residencegov.com/js/	6 KB 2 KB	39ms 39ms	Script text/javascript	2a00:1450:4001:829::2013 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.residencegov.com/js/cookienotice.js Requested by Host: www.residencegov.com URL: https://www.residencegov.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language fr-FR,fr;q=0.9 Referer https://www.residencegov.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Thu, 08 Jun 2023 08:45:09 GMT content-encoding gzip x-content-type-options nosniff last-modified Thu, 08 Jun 2023 07:53:48 GMT server sffe vary Accept-Encoding report-to {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]} content-type text/javascript cache-control public, max-age=604800 cross-origin-resource-policy cross-origin accept-ranges bytes content-length 2026 x-xss-protection 0 cross-origin-opener-policy-report-only same-origin; report-to="blogger-tech" expires Thu, 15 Jun 2023 08:45:09 GMT
GET H2	200	CSRp4ydQnPyaDxEXLFF6LZVLKrodhu8t57o1kDc5Wh5d37bNlrU.woff2 fonts.gstatic.com/s/notokufiarabic/v16/	23 KB 24 KB	98ms 30ms	Font font/woff2	2a00:1450:4001:812::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/notokufiarabic/v16/CSRp4ydQnPyaDxEXLFF6LZVLKrodhu8t57o1kDc5Wh5d37bNlrU.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Noto+Kufi+Arabic:wght@500&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7a3c848c20620ee333651422b48f451bc54252f06107d01d85bfff0687803f7c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://www.residencegov.com accept-language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Sat, 03 Jun 2023 18:43:10 GMT x-content-type-options nosniff age 396120 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 23792 x-xss-protection 0 last-modified Mon, 20 Mar 2023 20:35:19 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 02 Jun 2024 18:43:10 GMT
GET H2	200	show Show response riosidra5.systeme.io/public/856529054b8a94316fbf10b7342510aa1c9f79a/ Frame D39D	40 KB 10 KB	151ms 151ms	Document text/html	108.138.17.106 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://riosidra5.systeme.io/public/856529054b8a94316fbf10b7342510aa1c9f79a/show?hostname=qatar.systeme.io?source=https://www.residencegov.com/ Requested by Host: riosidra5.systeme.io URL: https://riosidra5.systeme.io/public/remote/page/856529054b8a94316fbf10b7342510aa1c9f79a.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.138.17.106 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-17-106.fra56.r.cloudfront.net Software nginx/1.24.0 / Resource Hash 56b7e6429f5010b41d18817735feb56f5bf91148f375783cffda1d003c9d9fa5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.residencegov.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 accept-language fr-FR,fr;q=0.9 Response headers cache-control max-age=0, must-revalidate, private content-encoding gzip content-type text/html; charset=UTF-8 date Thu, 08 Jun 2023 08:45:10 GMT expires Thu, 08 Jun 2023 08:45:10 GMT server nginx/1.24.0 vary Accept-Encoding via 1.1 78720628b37ebf3e33c42dc098252ee8.cloudfront.net (CloudFront) x-amz-cf-id T0u7UYcY4hJMtfgqmxFJdkShebjdiNI-QfQEji02pWupdYWKKRVxLw== x-amz-cf-pop FRA56-P7 x-cache Miss from cloudfront x-content-type-options nosniff x-robots-tag noindex x-xss-protection 1; mode=block
GET H3	200	fontawesome-webfont.woff2 cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/	75 KB 76 KB	54ms 28ms	Font application/octet-stream	2606:4700::6811:190e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 Requested by Host: cdnjs.cloudflare.com URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers Referer https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css Origin https://www.residencegov.com accept-language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Thu, 08 Jun 2023 08:45:10 GMT strict-transport-security max-age=15780000 x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 741532 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 77160 last-modified Mon, 04 May 2020 16:10:07 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03e5f-12d68" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=34RkQCVupeZk%2BATvKFIaFE5ZoIdPxs7Gxd78hBpGWiCU9ceOSE%2B%2F3D9iYszzrz%2BOt4KkHBf8kexhYTgZgnYKtpzAf3EVWzKUIcDsoBJrGhh9Hl7tKfR5a0ZUl4JCwwVxae2kc7o%2FDp%2Fk3cD7ZeKgQF0m"}],"group":"cf-nel","max_age":604800} content-type application/octet-stream; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 7d3fdb6a1cde3c8f-CDG expires Tue, 28 May 2024 08:45:10 GMT
GET H2	200	polyfill.min.js Show response cdn.polyfill.io/v2/ Frame D39D	100 B 674 B	84ms 22ms	Script text/javascript	2a04:4e42::282 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.polyfill.io/v2/polyfill.min.js?features=Intl.~locale.en%2CmatchMedia Requested by Host: riosidra5.systeme.io URL: https://riosidra5.systeme.io/public/856529054b8a94316fbf10b7342510aa1c9f79a/show?hostname=qatar.systeme.io?source=https://www.residencegov.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42::282 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 34e4e4e998d1023cadeeda959be0f4fce5abe4eaf9d241782ae404e36446ecbf Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains; preload X-Content-Type-Options nosniff Request headers accept-language fr-FR,fr;q=0.9 Referer https://riosidra5.systeme.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubdomains; preload content-encoding gzip x-content-type-options nosniff date Thu, 08 Jun 2023 08:45:10 GMT age 192960 detected-user-agent Chrome Mobile/114.0.0 useragent_normaliser chrome/114.0.0 server-timing HIT, fastly;desc="Edge time";dur=0 alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 content-length 113 referrer-policy origin-when-cross-origin last-modified Wed, 03 May 2023 00:17:37 GMT fastly_service_version 195 vary User-Agent, Accept-Encoding access-control-allow-methods GET,HEAD,OPTIONS content-type text/javascript; charset=UTF-8 access-control-allow-origin * normalized-user-agent chrome/114.0.0 cache-control public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800 accept-ranges bytes timing-allow-origin *
GET H2	200	all.min.css d3fit27i5nzkqh.cloudfront.net/assets/css/ Frame D39D	486 KB 82 KB	116ms 37ms	Stylesheet text/css	2600:9000:21f3:4800:1c:d937:ae40:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d3fit27i5nzkqh.cloudfront.net/assets/css/all.min.css Requested by Host: riosidra5.systeme.io URL: https://riosidra5.systeme.io/public/856529054b8a94316fbf10b7342510aa1c9f79a/show?hostname=qatar.systeme.io?source=https://www.residencegov.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:4800:1c:d937:ae40:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash a35f901d01118e5649091bd03ac5784a7db52e111fb3806524c412f3d1dcfc5d Request headers accept-language fr-FR,fr;q=0.9 Referer https://riosidra5.systeme.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Mon, 24 Apr 2023 20:52:05 GMT content-encoding gzip via 1.1 e56e6732f380db727425bac2d6158760.cloudfront.net (CloudFront) last-modified Wed, 18 May 2022 12:25:57 GMT server AmazonS3 x-amz-cf-pop FRA2-C2 age 3844386 etag W/"325672b036bab9b57f6873aed5eccc43" vary Accept-Encoding x-cache Hit from cloudfront content-type text/css cache-control max-age=31536000,public x-amz-cf-id 6xDQy5mXKc_7LRRl3S4pBd0XS3qlZtIpXHKcX4kPKmxwMYIPR8FqUQ==
GET H2	200	runtimeSimplePage.6525755ed16e40f11e2f.js Show response d3fit27i5nzkqh.cloudfront.net/js/ Frame D39D	2 KB 1 KB	76ms 76ms	Script application/javascript	2600:9000:21f3:4800:1c:d937:ae40:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d3fit27i5nzkqh.cloudfront.net/js/runtimeSimplePage.6525755ed16e40f11e2f.js Requested by Host: riosidra5.systeme.io URL: https://riosidra5.systeme.io/public/856529054b8a94316fbf10b7342510aa1c9f79a/show?hostname=qatar.systeme.io?source=https://www.residencegov.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:4800:1c:d937:ae40:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash e6e6bcec8cf0fab66c48aea5ba1e6cfa240580212d714019a81493caad1c2b99 Request headers accept-language fr-FR,fr;q=0.9 Referer https://riosidra5.systeme.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Mon, 03 Apr 2023 10:12:16 GMT content-encoding gzip via 1.1 e56e6732f380db727425bac2d6158760.cloudfront.net (CloudFront) last-modified Thu, 30 Mar 2023 13:23:10 GMT server AmazonS3 x-amz-cf-pop FRA2-C2 age 5697175 etag W/"7e48280fb388cda9c9571931b0370d17" x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control max-age=31536000,public x-amz-cf-id _UlVPbv3IrGKBwosgNFGYd9ZWQzRhKc7M2TRKO43VqCNrAK7aB3udQ==
GET H2	200	simplePage.eca05e81eda8cf2b1742.js Show response d3fit27i5nzkqh.cloudfront.net/js/ Frame D39D	488 KB 80 KB	37ms 36ms	Script application/javascript	2600:9000:21f3:4800:1c:d937:ae40:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d3fit27i5nzkqh.cloudfront.net/js/simplePage.eca05e81eda8cf2b1742.js Requested by Host: riosidra5.systeme.io URL: https://riosidra5.systeme.io/public/856529054b8a94316fbf10b7342510aa1c9f79a/show?hostname=qatar.systeme.io?source=https://www.residencegov.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:4800:1c:d937:ae40:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 532982215c56b69231aaddb2e2849ab1fc74a00a55639cf1202b82c958681566 Request headers accept-language fr-FR,fr;q=0.9 Referer https://riosidra5.systeme.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Mon, 05 Jun 2023 14:30:01 GMT content-encoding br via 1.1 e56e6732f380db727425bac2d6158760.cloudfront.net (CloudFront) last-modified Mon, 05 Jun 2023 14:29:55 GMT server AmazonS3 x-amz-cf-pop FRA2-C2 age 238510 etag W/"e122fbd963cb188da2ba59ccb15685d7" x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control max-age=31536000,public x-amz-cf-id ApiY1cPC29LZyrgArt-pa-BwmQrVTwU_niMtURyX8-1KGYlJsHuZIw==
GET H2	200	vendors~simplePage.1fb37d24bdd9e96a0de1.js Show response d3fit27i5nzkqh.cloudfront.net/js/ Frame D39D	845 KB 247 KB	46ms 46ms	Script application/javascript	2600:9000:21f3:4800:1c:d937:ae40:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d3fit27i5nzkqh.cloudfront.net/js/vendors~simplePage.1fb37d24bdd9e96a0de1.js Requested by Host: riosidra5.systeme.io URL: https://riosidra5.systeme.io/public/856529054b8a94316fbf10b7342510aa1c9f79a/show?hostname=qatar.systeme.io?source=https://www.residencegov.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:4800:1c:d937:ae40:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash f5c6aae10644f6795f7f6ce1d1fdca28f1b3ced34ac660b1ae53c2bab0b88462 Request headers accept-language fr-FR,fr;q=0.9 Referer https://riosidra5.systeme.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Mon, 01 May 2023 13:10:08 GMT content-encoding gzip via 1.1 e56e6732f380db727425bac2d6158760.cloudfront.net (CloudFront) last-modified Mon, 01 May 2023 13:10:01 GMT server AmazonS3 x-amz-cf-pop FRA2-C2 age 3267303 etag W/"b2bc303c095b22a0cc7f837ed711d581" x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control max-age=31536000,public x-amz-cf-id rOOAAwdkE5fk4PS4_ZdGKKOrE9CrXcFFMjl86drCNrnQJkpWHP3Kwg==
GET H2	200	5dd17c344fef7_gym1-507.jpg d1yei2z3i6k35z.cloudfront.net/systeme-common/ Frame D39D	11 KB 11 KB	133ms 34ms	Image application/octet-stream	2600:9000:214f:fe00:f:a462:c1c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d1yei2z3i6k35z.cloudfront.net/systeme-common/5dd17c344fef7_gym1-507.jpg Requested by Host: riosidra5.systeme.io URL: https://riosidra5.systeme.io/public/856529054b8a94316fbf10b7342510aa1c9f79a/show?hostname=qatar.systeme.io?source=https://www.residencegov.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:214f:fe00:f:a462:c1c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 339968d177d70ea13576dbfb4f7168bc1a8ed09dd4e73b25ec76a46f4cd4b8f6 Request headers accept-language fr-FR,fr;q=0.9 Referer https://riosidra5.systeme.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Fri, 02 Jun 2023 17:21:23 GMT via 1.1 511c8b6c7e903efca023a504d527516a.cloudfront.net (CloudFront) last-modified Sun, 17 Nov 2019 16:58:29 GMT server AmazonS3 x-amz-cf-pop FRA53-C1 age 487428 etag "173603e359fc2d1e2b68045f0f98a822" vary Origin x-cache Hit from cloudfront content-type application/octet-stream accept-ranges bytes x-robots-tag noindex content-length 10941 x-amz-cf-id pyzEddle5oSEgWminPikt7ozgm9BKKpCUEgW0hY4tN02QSwq7gC5GQ==
GET H2	200	5dd17c347c62e_sea-wallpaper.jpg d1yei2z3i6k35z.cloudfront.net/systeme-common/ Frame D39D	119 KB 119 KB	139ms 40ms	Image application/octet-stream	2600:9000:214f:fe00:f:a462:c1c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d1yei2z3i6k35z.cloudfront.net/systeme-common/5dd17c347c62e_sea-wallpaper.jpg Requested by Host: riosidra5.systeme.io URL: https://riosidra5.systeme.io/public/856529054b8a94316fbf10b7342510aa1c9f79a/show?hostname=qatar.systeme.io?source=https://www.residencegov.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:214f:fe00:f:a462:c1c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 69d31b96f64a759ebdfc7f24f5866062def7936955a35ebe916ae015928d9a5a Request headers accept-language fr-FR,fr;q=0.9 Referer https://riosidra5.systeme.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Fri, 02 Jun 2023 17:21:23 GMT via 1.1 511c8b6c7e903efca023a504d527516a.cloudfront.net (CloudFront) last-modified Sun, 17 Nov 2019 16:58:29 GMT server AmazonS3 x-amz-cf-pop FRA53-C1 age 487428 etag "1fa4453effc3365e2b2984f00ebc9330" vary Origin x-cache Hit from cloudfront content-type application/octet-stream accept-ranges bytes x-robots-tag noindex content-length 121783 x-amz-cf-id I2VwRUeRpeig4ssQb1kxGjmVpflvALu1bgFrcfl4p44oOozQJnbP2A==
GET H/1.1	200 OK	regular.woff2 s3.eu-west-1.amazonaws.com/shared.systeme.io/fonts/google-fonts/oswald/ Frame D39D	22 KB 23 KB	139ms 61ms	Font font/woff2	52.218.45.184 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://s3.eu-west-1.amazonaws.com/shared.systeme.io/fonts/google-fonts/oswald/regular.woff2 Requested by Host: riosidra5.systeme.io URL: https://riosidra5.systeme.io/public/856529054b8a94316fbf10b7342510aa1c9f79a/show?hostname=qatar.systeme.io?source=https://www.residencegov.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.218.45.184 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS s3-eu-west-1.amazonaws.com Software AmazonS3 / Resource Hash a741620cb3413b67c0a1a8a6062adac38b45d7d0f69d0d8e5292cfd45cb85b7d Request headers Referer https://riosidra5.systeme.io/ Origin https://riosidra5.systeme.io accept-language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers Date Thu, 08 Jun 2023 08:45:11 GMT Last-Modified Fri, 14 Apr 2023 06:24:47 GMT Server AmazonS3 x-amz-request-id 1NP6K719BBTFV0S9 ETag "dfe09c70c857e96a8c6dd0ca0f4b9124" x-amz-server-side-encryption AES256 Access-Control-Max-Age 31536000 Vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method Access-Control-Allow-Methods GET Access-Control-Allow-Origin * Content-Type font/woff2 Accept-Ranges bytes Content-Length 22672 x-amz-id-2 MiWql4+m/ODfO2GU/YfpVbeyJ/Hg64JiteBCFD1epvZivOBAkawoQBdPYPDT4oQPwGfYfnpyloI=
GET H/1.1	200 OK	700.woff2 s3.eu-west-1.amazonaws.com/shared.systeme.io/fonts/google-fonts/cairo/ Frame D39D	32 KB 33 KB	150ms 65ms	Font font/woff2	52.218.45.184 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://s3.eu-west-1.amazonaws.com/shared.systeme.io/fonts/google-fonts/cairo/700.woff2 Requested by Host: riosidra5.systeme.io URL: https://riosidra5.systeme.io/public/856529054b8a94316fbf10b7342510aa1c9f79a/show?hostname=qatar.systeme.io?source=https://www.residencegov.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.218.45.184 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS s3-eu-west-1.amazonaws.com Software AmazonS3 / Resource Hash 164dd582bc8e861f7bb3ae2c0f671973dc8a00e8c75711dd36b8e019b420c2db Request headers Referer https://riosidra5.systeme.io/ Origin https://riosidra5.systeme.io accept-language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers Date Thu, 08 Jun 2023 08:45:11 GMT Last-Modified Fri, 14 Apr 2023 06:22:54 GMT Server AmazonS3 x-amz-request-id 1NPCE6HEH0TSKEE6 ETag "ecd5e003b04fd1179f3e0b449747595a" x-amz-server-side-encryption AES256 Access-Control-Max-Age 31536000 Vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method Access-Control-Allow-Methods GET Access-Control-Allow-Origin * Content-Type font/woff2 Accept-Ranges bytes Content-Length 32744 x-amz-id-2 E4GlxllRGKeEgxipTZCHGKMpEEVHe6E6jdgY1Fzr0PGfylnUVRHv/NE4u3Vn7Ukx/jaSUtCk/Ws=
GET H/1.1	200 OK	regular.woff2 s3.eu-west-1.amazonaws.com/shared.systeme.io/fonts/google-fonts/cairo/ Frame D39D	31 KB 32 KB	144ms 59ms	Font font/woff2	52.218.45.184 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://s3.eu-west-1.amazonaws.com/shared.systeme.io/fonts/google-fonts/cairo/regular.woff2 Requested by Host: riosidra5.systeme.io URL: https://riosidra5.systeme.io/public/856529054b8a94316fbf10b7342510aa1c9f79a/show?hostname=qatar.systeme.io?source=https://www.residencegov.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.218.45.184 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS s3-eu-west-1.amazonaws.com Software AmazonS3 / Resource Hash 5736857cee39642502e4f0fa7801e3143086aa749f33f27c9ebec8560a2e4122 Request headers Referer https://riosidra5.systeme.io/ Origin https://riosidra5.systeme.io accept-language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers Date Thu, 08 Jun 2023 08:45:11 GMT Last-Modified Fri, 14 Apr 2023 06:22:54 GMT Server AmazonS3 x-amz-request-id 1NPA6MF60QN5PRG5 ETag "d28d03e0632ac277bc8fd23359992f44" x-amz-server-side-encryption AES256 Access-Control-Max-Age 31536000 Vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method Access-Control-Allow-Methods GET Access-Control-Allow-Origin * Content-Type font/woff2 Accept-Ranges bytes Content-Length 31896 x-amz-id-2 GNiTEPuFuNYechplfHl210DxZQ0+eJP52RgETRFp/lkLcLvVdw6aVbgJ/hPOTcwyst3ltglq03o=

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless object| onbeforetoggle object| onscrollend object| adsbygoogle function| $ function| jQuery object| _0xd069 object| onLoadStack string| url object| eventListeners object| cookieChoices

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			riosidra5.systeme.io/	1970-01-20 21:59:33	Name: v Value: ba1b3a4fd5ea64fa1d81b0cb76831678f58eeace464cdbdd2d7fa856a0b7a8aa

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://www.residencegov.com/#(Line 16) Message: Error parsing a meta element's content: ';' is not a valid key-value pair separator. Please use ',' instead.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
blogger.googleusercontent.com
cdn.polyfill.io
cdnjs.cloudflare.com
d1yei2z3i6k35z.cloudfront.net
d3fit27i5nzkqh.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
riosidra5.systeme.io
s3.eu-west-1.amazonaws.com
www.residencegov.com
108.138.17.106
2600:9000:214f:fe00:f:a462:c1c0:93a1
2600:9000:21f3:4800:1c:d937:ae40:93a1
2606:4700::6811:190e
2a00:1450:4001:812::2003
2a00:1450:4001:812::200a
2a00:1450:4001:829::2013
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::2001
2a04:4e42::282
52.218.45.184
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
164dd582bc8e861f7bb3ae2c0f671973dc8a00e8c75711dd36b8e019b420c2db
3125fd51493802eff19c0901ea940f4ee339be8c8e5100a0e1c4210812a66498
339968d177d70ea13576dbfb4f7168bc1a8ed09dd4e73b25ec76a46f4cd4b8f6
34e4e4e998d1023cadeeda959be0f4fce5abe4eaf9d241782ae404e36446ecbf
41d2c282b6841fe657142b7511ce15b1f4f33018798c4628edf2905707a3bb1f
532982215c56b69231aaddb2e2849ab1fc74a00a55639cf1202b82c958681566
56b7e6429f5010b41d18817735feb56f5bf91148f375783cffda1d003c9d9fa5
5736857cee39642502e4f0fa7801e3143086aa749f33f27c9ebec8560a2e4122
5e056da122e21345b242448c247cb3f789c4a7e25b0283d16cb3df8c526ead63
69d31b96f64a759ebdfc7f24f5866062def7936955a35ebe916ae015928d9a5a
6dd32855521e3bb6c99c1884e7d2ed7eaeab96dd1ee8c71a2fdc0b060397f185
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7a3c848c20620ee333651422b48f451bc54252f06107d01d85bfff0687803f7c
85f9bb0167047021b405a13b6239f073447ac24e1d55494a2f94c3f8f5b139ef
8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce
9b12d7bb89fe81b244f17c924f8d1d6dad8d7e6ec92235da7cecd736b4009135
a35f901d01118e5649091bd03ac5784a7db52e111fb3806524c412f3d1dcfc5d
a741620cb3413b67c0a1a8a6062adac38b45d7d0f69d0d8e5292cfd45cb85b7d
b1d25cb6a0c93013e8087c53b9a1daff26ba4a1b950866a51381c25a03505c3a
d58f94e611f9774bbf9124812296949dc1d0844e2facaf244837e25989239764
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc
e6e6bcec8cf0fab66c48aea5ba1e6cfa240580212d714019a81493caad1c2b99
e9e3c629274d3bdaaadc6b7b7d5562b5f31953a050ab693b5b3398898a4b1591
f5c6aae10644f6795f7f6ce1d1fdca28f1b3ced34ac660b1ae53c2bab0b88462