am.client12.xyz Open in urlscan Pro
51.178.161.64 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://am.client12.xyz/
Submission: On March 25 via automatic, source certstream-suspicious (March 25th 2021, 1:31:08 am UTC)

Summary HTTP 79 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 20 IPs in 5 countries across 14 domains to perform 79 HTTP transactions. The main IP is 51.178.161.64, located in France and belongs to OVH, FR. The main domain is am.client12.xyz.
TLS certificate: Issued by R3 on March 24th 2021. Valid for: 3 months.

This is the only time am.client12.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3 5	51.178.161.64 51.178.161.64	16276 (OVH) (OVH)
2	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
26	50.87.171.203 50.87.171.203	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
2	2001:4de0:ac1... 2001:4de0:ac18::1:a:2b	20446 (HIGHWINDS3) (HIGHWINDS3)
4	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2606:4700:303... 2606:4700:3037::ac43:9feb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	162.214.148.3 162.214.148.3	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
1	13.226.152.108 13.226.152.108	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:1b:... 2a04:4e42:1b::621	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
3 7	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
2	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
79	20

5 51.178.161.64 (France) 3 redirects

ASN16276 (OVH, FR)
PTR: tdn-51-178-161-64.gtranslate.net

am.client12.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 50.87.171.203 (United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: 50-87-171-203.unifiedlayer.com

client12.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4de0:ac18::1:a:2b (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:3037::ac43:9feb (United States)

ASN13335 (CLOUDFLARENET, US)

gtranslate.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tdns0.gtranslate.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 162.214.148.3 (United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: server.stf.obm.mybluehost.me

lefca.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.152.108 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-152-108.dus51.r.cloudfront.net

cdn-images.mailchimp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:1b::621 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

translate.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

translate.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:6b8::1:119 (Moscow, Russian Federation) 3 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

translate.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

translate.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	client12.xyz 3 redirects am.client12.xyz client12.xyz	719 KB
16	googleapis.com translate.googleapis.com	127 KB
7	gtranslate.net gtranslate.net tdns0.gtranslate.net	36 KB
5	yandex.com 2 redirects mc.yandex.com	2 KB
5	google.com translate.google.com www.google.com	3 KB
4	lefca.org lefca.org	390 KB
4	cloudflare.com cdnjs.cloudflare.com	172 KB
3	gstatic.com www.gstatic.com	5 KB
2	yandex.ru 1 redirects mc.yandex.ru	44 KB
2	jquery.com code.jquery.com	48 KB
2	bootstrapcdn.com stackpath.bootstrapcdn.com	33 KB
1	googletagmanager.com www.googletagmanager.com	38 KB
1	jsdelivr.net cdn.jsdelivr.net	8 KB
1	mailchimp.com cdn-images.mailchimp.com	2 KB
79	14

	Domain	Requested by
26	client12.xyz	am.client12.xyz client12.xyz
16	translate.googleapis.com	am.client12.xyz translate.google.com translate.googleapis.com srcdoc
5	mc.yandex.com	2 redirects am.client12.xyz
5	tdns0.gtranslate.net	am.client12.xyz
5	am.client12.xyz	3 redirects am.client12.xyz
4	lefca.org	am.client12.xyz
4	cdnjs.cloudflare.com	am.client12.xyz cdnjs.cloudflare.com
3	www.google.com	am.client12.xyz translate.googleapis.com
3	www.gstatic.com	translate.googleapis.com am.client12.xyz
2	mc.yandex.ru	1 redirects am.client12.xyz
2	translate.google.com	am.client12.xyz
2	gtranslate.net	am.client12.xyz
2	code.jquery.com	am.client12.xyz
2	stackpath.bootstrapcdn.com	am.client12.xyz
1	www.googletagmanager.com	am.client12.xyz
1	cdn.jsdelivr.net	am.client12.xyz
1	cdn-images.mailchimp.com	am.client12.xyz
79	17

This site contains links to these domains. Also see Links.

Domain
us10.campaign-archive.com
www.facebook.com
twitter.com
www.instagram.com
www.youtube.com
lefemployment.org
t.me
clientsupport.settingthemenu.ca

Subject Issuer	Validity	Valid
fr.client12.xyz R3	`2021-03-24` - `2021-06-22`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-03-01` - `2022-02-28`	a year	crt.sh
webmail.client12.xyz R3	`2021-02-24` - `2021-05-25`	3 months	crt.sh
jquery.org Sectigo RSA Domain Validation Secure Server CA	`2020-10-06` - `2021-10-16`	a year	crt.sh
mail.lefca.org R3	`2021-02-17` - `2021-05-18`	3 months	crt.sh
cdn-images.mailchimp.com Amazon	`2020-06-28` - `2021-07-28`	a year	crt.sh
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2021-03-09` - `2021-04-17`	a month	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
mc.yandex.ru Yandex CA	`2021-02-27` - `2021-08-09`	5 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
www.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://am.client12.xyz/
Frame ID: 998D3228CABBB3860681A4592538A6D2
Requests: 70 HTTP requests in this frame

Frame: https://translate.googleapis.com/translate_static/css/translateelement.css
Frame ID: B388D792C527B4FE7F42A9C4AB8462DF
Requests: 1 HTTP requests in this frame

Frame: https://translate.googleapis.com/translate_a/l?client=te&alpha=true&hl=en&cb=callback
Frame ID: 5668B7F98BE59EAF67D4117C2E574A4C
Requests: 1 HTTP requests in this frame

Frame: https://translate.googleapis.com/translate_static/css/translateelement.css
Frame ID: 6E94D1E84E570F067B088959D545B5B5
Requests: 5 HTTP requests in this frame

Frame: https://translate.googleapis.com/translate_static/css/translateelement.css
Frame ID: 53F7E7A08754015BFEA0A3CA8C7B7061
Requests: 1 HTTP requests in this frame

Frame: https://translate.googleapis.com/translate_static/css/translateelement.css
Frame ID: 540C28C06672D81181943ADCD6AE1DE0
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /mc\.yandex\.ru\/metrika\/watch\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

79
Requests

96 %
HTTPS

79 %
IPv6

14
Domains

17
Subdomains

20
IPs

5
Countries

1624 kB
Transfer

2640 kB
Size

5
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://us10.campaign-archive.com/?u=04afe0a1b238e56e9b45b3b32&id=461128d546
Title: ተጨማሪ ያንብቡ

Search URL Search Domain Scan URL

URL: https://www.facebook.com/learningenrichment.foundation

Search URL Search Domain Scan URL

URL: https://twitter.com/lef_to

Search URL Search Domain Scan URL

URL: https://www.instagram.com/explore/locations/244562915/the-learning-enrichment-foundation/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCtSWr7XTJpIRIBFTLpcANzw

Search URL Search Domain Scan URL

URL: https://lefemployment.org/careers/
Title: የሙያ

Search URL Search Domain Scan URL

URL: https://t.me/gerryvalentino
Title:

Search URL Search Domain Scan URL

URL: https://clientsupport.settingthemenu.ca/en/client/login
Title:

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 40

https://am.client12.xyz/admin/resources/settlement-nss.jpg HTTP 301
https://client12.xyz/admin/resources/settlement-nss.jpg

Request Chain 41

https://am.client12.xyz/admin/resources/raphmfawebsitebanner.jpg HTTP 301
https://client12.xyz/admin/resources/raphmfawebsitebanner.jpg

Request Chain 42

https://am.client12.xyz/admin/resources/job-seekers-who-used-flexjobs-to-find-remote-work-1024x512-1.jpg HTTP 301
https://client12.xyz/admin/resources/job-seekers-who-used-flexjobs-to-find-remote-work-1024x512-1.jpg

Request Chain 67

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9222.WH4pM7hBITYYqPCXhrpv4ocWRIft89kPxqcMydx6xCspxKaQAa5_P9efIVSeSY74.M9u7M9BCS1Fi23EtZJqGjMnneSk%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9222.858As1j-YeChvRz-Ir84XThd6GYYadnpEiHbb6BEURJMSplwUptzntjR2SHfvPCu1-WNKJihmiX_DkDOuIk06Q%2C%2C.xReUT-p928NcNdJfz6u0ijVQkK8%2C

Request Chain 76

https://mc.yandex.com/watch/36618640?wmode=7&page-url=https%3A%2F%2Fam.client12.xyz%2F&charset=utf-8&ut=noindex&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2z9ezuq74htnozj%3Afp%3A2374%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A474%3Acn%3A1%3Adp%3A0%3Als%3A1226388838244%3Ahid%3A737790651%3Az%3A60%3Ai%3A20210325023047%3Aet%3A1616635847%3Ac%3A1%3Arn%3A716292835%3Au%3A1616635847758226649%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1616635844329%3Ads%3A0%2C76%2C1045%2C1%2C0%2C0%2C%2C1590%2C0%2C%2C%2C%2C2714%3Adsn%3A1%2C75%2C1045%2C1%2C0%2C0%2C%2C1591%2C1%2C%2C%2C%2C2714%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1616635848%3At%3A%E1%8A%A0%E1%8B%B2%E1%88%B5%20%E1%89%A0%E1%88%AD HTTP 302
https://mc.yandex.com/watch/36618640/1?wmode=7&page-url=https%3A%2F%2Fam.client12.xyz%2F&charset=utf-8&ut=noindex&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2z9ezuq74htnozj%3Afp%3A2374%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A474%3Acn%3A1%3Adp%3A0%3Als%3A1226388838244%3Ahid%3A737790651%3Az%3A60%3Ai%3A20210325023047%3Aet%3A1616635847%3Ac%3A1%3Arn%3A716292835%3Au%3A1616635847758226649%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1616635844329%3Ads%3A0%2C76%2C1045%2C1%2C0%2C0%2C%2C1590%2C0%2C%2C%2C%2C2714%3Adsn%3A1%2C75%2C1045%2C1%2C0%2C0%2C%2C1591%2C1%2C%2C%2C%2C2714%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1616635848%3At%3A%E1%8A%A0%E1%8B%B2%E1%88%B5%20%E1%89%A0%E1%88%AD

79 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
am.client12.xyz/ 49 KB
13 KB 1122ms
1045ms Document
text/html 51.178.161.64
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://am.client12.xyz/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

51.178.161.64 , France, ASN16276 (OVH, FR),

Reverse DNS

tdn-51-178-161-64.gtranslate.net

Software

gtranslate /

Resource Hash

29192701a1e61a7c5e3b1e49e932d3000b5815c560b0722cb5839134e85b7ef3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Host: am.client12.xyz
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
server: gtranslate
content-language: am
x-gt-cache-status: BYPASS
vary: Accept-Encoding
date: Thu, 25 Mar 2021 01:30:44 GMT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-frame-options: deny
x-robots-tag: noinfex, follow
Content-Encoding: gzip

GET
H2 200 bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/5.0.0-alpha1/css/ 142 KB
19 KB 35ms
32ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/5.0.0-alpha1/css/bootstrap.min.css

Requested by

Host: am.client12.xyz
URL: https://am.client12.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

21d7c871495a30136d9381e3b7463a58c319c8c5343fd3cdfe91fe0c5ccac5b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://am.client12.xyz
Referer: https://am.client12.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 01:30:45 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
cdn-edgestorageid: 601, 617
access-control-allow-origin: *
cdn-cachedat: 2021-03-11 11:59:36
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09089a735700004e8bc11d2000000001
timing-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:11 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: b90ac1d0902c2c9b1d1f9845a26dd92b
cf-ray: 635460322ee34e8b-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 bootstrap.css
client12.xyz/css/ 177 KB
37 KB 591ms
286ms Stylesheet
text/css 50.87.171.203
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://client12.xyz/css/bootstrap.css
Requested by: Host: am.client12.xyz
URL: https://am.client12.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 50.87.171.203 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 50-87-171-203.unifiedlayer.com
Software: Apache /
Resource Hash: 243fad2ac7e668c64180ebba33e08168699ad8f2fcea888e74c7c85d63fdcd28

Request headers

Referer: https://am.client12.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 01:30:45 GMT
content-encoding: gzip
last-modified: Wed, 16 Dec 2020 17:58:05 GMT
server: Apache
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/css
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==

GET
H2 200 custom.css
client12.xyz/css/ 21 KB
6 KB 478ms
174ms Stylesheet
text/css 50.87.171.203
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://client12.xyz/css/custom.css
Requested by: Host: am.client12.xyz
URL: https://am.client12.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 50.87.171.203 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 50-87-171-203.unifiedlayer.com
Software: Apache /
Resource Hash: 4009e5d0a5c689ce1829129d9d251d3d5bce5d34394b2dd9b849f820f6bc5cad

Request headers

Referer: https://am.client12.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 01:30:45 GMT
content-encoding: gzip
last-modified: Wed, 24 Mar 2021 18:02:52 GMT
server: Apache
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/css
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 6001

GET
H2 200 queries.css
client12.xyz/css/ 5 KB
2 KB 478ms
173ms Stylesheet
text/css 50.87.171.203
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://client12.xyz/css/queries.css
Requested by: Host: am.client12.xyz
URL: https://am.client12.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 50.87.171.203 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 50-87-171-203.unifiedlayer.com
Software: Apache /
Resource Hash: 6fc9e6d46441826a1f4c8db023e4df46f7bb0e88388ae9a88ceed542d58c1cc5

Request headers

Referer: https://am.client12.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 01:30:45 GMT
content-encoding: gzip
last-modified: Thu, 18 Mar 2021 23:59:04 GMT
server: Apache
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/css
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 1444

GET
H2 200 js_map.css
client12.xyz/css/ 5 KB
2 KB 478ms
174ms Stylesheet
text/css 50.87.171.203
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://client12.xyz/css/js_map.css
Requested by: Host: am.client12.xyz
URL: https://am.client12.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 50.87.171.203 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 50-87-171-203.unifiedlayer.com
Software: Apache /
Resource Hash: 1b79aca58ee5f9a2869f7f4796ba886c5a4117242b5fb7524f65237ea035b695

Request headers

Referer: https://am.client12.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 01:30:45 GMT
content-encoding: gzip
last-modified: Wed, 18 Nov 2020 18:37:00 GMT
server: Apache
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/css
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 1835

GET
H2 200 jquery-3.3.1.slim.min.js Show response
code.jquery.com/ 68 KB
24 KB 24ms
9ms Script
application/javascript 2001:4de0:ac18::1:a:2b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.3.1.slim.min.js
Requested by: Host: am.client12.xyz
URL: https://am.client12.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:2b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: dde76b9b2b90d30eb97fc81f06caa8c338c97b688cea7d2729c88f529f32fbb1

Request headers

Referer: https://am.client12.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 01:30:45 GMT
content-encoding: gzip
last-modified: Sat, 20 Jan 2018 17:26:44 GMT
server: nginx
etag: W/"5a637bd4-1111d"
vary: Accept-Encoding
x-hw: 1616635845.dop239.fr8.t,1616635845.cds250.fr8.hc,1616635845.cds274.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 24038

GET
H2 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 30 KB
6 KB 13ms
11ms Stylesheet
text/css 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: am.client12.xyz
URL: https://am.client12.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://am.client12.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 01:30:45 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 547233
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5631
cf-request-id: 09089a735400004abc530d4000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-7918"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=deTHN3JYJt2ocfI4CgYBho14l%2BRYMDmNuCJhloEkHMvQz3FiF7JvEj6x7vmu%2FYvp%2F56i8So5Faq1r4KPDh7L%2FmM7upZSdViOZRPyj8UsHHaI7%2FPTWUHqVe8nhVYSSMGr0g%3D%3D"}],"max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 635460321f604abc-FRA
expires: Tue, 15 Mar 2022 01:30:45 GMT

GET
H2 404 font-awesome.min.css
client12.xyz/font-awesome-4.7.0/css/ 0
0 723ms
420ms Stylesheet
text/html 50.87.171.203
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://client12.xyz/font-awesome-4.7.0/css/font-awesome.min.css
Requested by: Host: am.client12.xyz
URL: https://am.client12.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 50.87.171.203 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 50-87-171-203.unifiedlayer.com
Software: /
Resource Hash

Request headers

Referer: https://am.client12.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 404 font-awesome.css
client12.xyz/font-awesome-4.7.0/css/ 0
0 723ms
420ms Stylesheet
text/html 50.87.171.203
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://client12.xyz/font-awesome-4.7.0/css/font-awesome.css
Requested by: Host: am.client12.xyz
URL: https://am.client12.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 50.87.171.203 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 50-87-171-203.unifiedlayer.com
Software: /
Resource Hash

Request headers

Referer: https://am.client12.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/css/ 58 KB
11 KB 13ms
12ms Stylesheet
text/css 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/css/all.min.css

Requested by

Host: am.client12.xyz
URL: https://am.client12.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

14cbd9b866a9b092e3a2e03a93b128da5baca005fd8b44a1956146eaab7b48b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://am.client12.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 01:30:45 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 930368
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10391
cf-request-id: 09089a735400004abc34b17000000001
timing-allow-origin: *
last-modified: Wed, 15 Jul 2020 18:15:47 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f0f47d3-e637"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=7BRcqdky10RcGWu4qpH8LnbybVzAm5svkKhEitYPPC51TofNqtYstL2tHkHP5vJWS%2F5tx8UsYOz1g%2FKtbZFX7Max1e89kxG0RCVkcOL0eDDuDAWmi2trfIf0i7CBrxnUhw%3D%3D"}],"max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 635460322f614abc-FRA
expires: Tue, 15 Mar 2022 01:30:45 GMT

GET
H2 200 lef-logo.png
client12.xyz/img/ 83 KB
84 KB 168ms
161ms Image
image/png 50.87.171.203
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://client12.xyz/img/lef-logo.png
Requested by: Host: am.client12.xyz
URL: https://am.client12.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 50.87.171.203 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 50-87-171-203.unifiedlayer.com
Software: Apache /
Resource Hash: f2decf0af5740c2b24dc62dd05eba945a429e6fea7eae38f3d2793c796251720

Request headers

Referer: https://am.client12.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 01:30:46 GMT
last-modified: Wed, 22 Apr 2020 04:00:00 GMT
server: Apache
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 85393
content-type: image/png

GET
H2 200 Home1.svg
client12.xyz/img/nav-icons/ 1 KB
1 KB 166ms
159ms Image
image/svg+xml 50.87.171.203
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://client12.xyz/img/nav-icons/Home1.svg
Requested by: Host: am.client12.xyz
URL: https://am.client12.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 50.87.171.203 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 50-87-171-203.unifiedlayer.com
Software: Apache /
Resource Hash: 7653ba196a05f4df2504d1e61cacf5011dc81b2355dd9fde527eec8cad085bff

Request headers

Referer: https://am.client12.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 01:30:46 GMT
last-modified: Thu, 13 Aug 2020 09:55:00 GMT
server: Apache
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 1088
content-type: image/svg+xml

GET
H2 200 settlement.svg
client12.xyz/img/nav-icons/ 3 KB
3 KB 296ms
289ms Image
image/svg+xml 50.87.171.203
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://client12.xyz/img/nav-icons/settlement.svg
Requested by: Host: am.client12.xyz
URL: https://am.client12.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 50.87.171.203 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 50-87-171-203.unifiedlayer.com
Software: Apache /
Resource Hash: a4ef523fb7709f18d5150dbeece3dfaa38af467212b6b379bb15dfd743c3e582

Request headers

Referer: https://am.client12.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 01:30:46 GMT
last-modified: Mon, 04 Jan 2021 18:04:35 GMT
server: Apache
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 2623
content-type: image/svg+xml

GET
H2 200 ABOUT1.svg
client12.xyz/img/nav-icons/ 825 B
879 B 167ms
160ms Image
image/svg+xml 50.87.171.203
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://client12.xyz/img/nav-icons/ABOUT1.svg
Requested by: Host: am.client12.xyz
URL: https://am.client12.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 50.87.171.203 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 50-87-171-203.unifiedlayer.com
Software: Apache /
Resource Hash: 28300592b31041a343822abe68532332166fc970918e5c84e3233031d058adb4

Request headers

Referer: https://am.client12.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 01:30:46 GMT
last-modified: Fri, 14 Aug 2020 11:57:00 GMT
server: Apache
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 825
content-type: image/svg+xml

GET
H2 200 faq.svg
client12.xyz/img/nav-icons/ 504 B
558 B 167ms
160ms Image
image/svg+xml 50.87.171.203
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://client12.xyz/img/nav-icons/faq.svg
Requested by: Host: am.client12.xyz
URL: https://am.client12.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 50.87.171.203 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 50-87-171-203.unifiedlayer.com
Software: Apache /
Resource Hash: 1a3da1b6b7fb78591bea120fb2d4d3e49770a889a15229f5914906d533125f75

Request headers

Referer: https://am.client12.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 01:30:46 GMT
last-modified: Mon, 04 Jan 2021 18:06:35 GMT
server: Apache
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 504
content-type: image/svg+xml

GET
H2 200 success.svg
client12.xyz/img/nav-icons/ 6 KB
6 KB 163ms
156ms Image
image/svg+xml 50.87.171.203
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://client12.xyz/img/nav-icons/success.svg
Requested by: Host: am.client12.xyz
URL: https://am.client12.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 50.87.171.203 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 50-87-171-203.unifiedlayer.com
Software: Apache /
Resource Hash: 0d6e873d6aa13b9eca6ed5063eb47f7a7da0bc25657c83e589daf0259683c1ba

Request headers

Referer: https://am.client12.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 01:30:46 GMT
last-modified: Mon, 04 Jan 2021 18:07:19 GMT
server: Apache
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 6410
content-type: image/svg+xml

GET
H2 200 CalendarNAV1-01.svg
client12.xyz/img/nav-icons/ 3 KB
3 KB 162ms
155ms Image
image/svg+xml 50.87.171.203
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://client12.xyz/img/nav-icons/CalendarNAV1-01.svg
Requested by: Host: am.client12.xyz
URL: https://am.client12.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 50.87.171.203 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 50-87-171-203.unifiedlayer.com
Software: Apache /
Resource Hash: 8373659e0938a5a07384474a4fc2a9bd0a1f50195125c1a16acb1f5ce0a8e5b2

Request headers

Referer: https://am.client12.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 01:30:46 GMT
last-modified: Thu, 03 Dec 2020 14:25:47 GMT
server: Apache
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 3421
content-type: image/svg+xml

GET
H2 200 resources.svg
client12.xyz/img/nav-icons/ 1 KB
1 KB 184ms
178ms Image
image/svg+xml 50.87.171.203
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://client12.xyz/img/nav-icons/resources.svg
Requested by: Host: am.client12.xyz
URL: https://am.client12.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 50.87.171.203 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 50-87-171-203.unifiedlayer.com
Software: Apache /
Resource Hash: 52e6115ea59b4801b717dd1211e3bea5f3dddcf25413728b174ecf618ba7097e

Request headers

Referer: https://am.client12.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 01:30:46 GMT
last-modified: Mon, 04 Jan 2021 18:09:38 GMT
server: Apache
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 1120
content-type: image/svg+xml

GET
H2 200 Contact_Us1.svg
client12.xyz/img/nav-icons/ 3 KB
3 KB 184ms
178ms Image
image/svg+xml 50.87.171.203
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://client12.xyz/img/nav-icons/Contact_Us1.svg
Requested by: Host: am.client12.xyz
URL: https://am.client12.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 50.87.171.203 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 50-87-171-203.unifiedlayer.com
Software: Apache /
Resource Hash: 9709b232c52cb70665e4ecff2ea2344361b997da9e4d16cd02380431a5eb6b94

Request headers

Referer: https://am.client12.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 01:30:46 GMT
last-modified: Fri, 14 Aug 2020 11:57:00 GMT
server: Apache
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 3064
content-type: image/svg+xml

GET
H2 200 blank.png
gtranslate.net/flags/ 95 B
435 B 37ms
16ms Image
image/png 2606:4700:3037::ac43:9feb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gtranslate.net/flags/blank.png
Requested by: Host: am.client12.xyz
URL: https://am.client12.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:9feb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://am.client12.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 01:30:46 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 532870
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 95
cf-request-id: 09089a77cb00003248a2a5c000000001
last-modified: Wed, 23 May 2018 22:32:56 GMT
server: cloudflare
etag: "3950a-5f-56ce71dc13b46"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=jmriI3nIrIAtai5gBBz0dZolLYM6t2zYMwdxguvENmmSwx5J%2FypCtAbBdu2fHV2p89befjqxF0EBLnpfnwP6NFa0QS1YLD3dENW2B8Hw7w%2FixGYb%2B5DeDRuoaQ%3D%3D"}],"group":"cf-nel"}
content-type: image/png
cache-control: max-age=864000
accept-ranges: bytes
cf-ray: 635460394bc63248-FRA
expires: Sun, 28 Mar 2021 21:29:36 GMT

GET
H/1.1 200
OK social-enterprise-w525h276.jpg
lefca.org/admin/resources/blog/ 37 KB
37 KB 458ms
151ms Image
image/jpeg 162.214.148.3
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lefca.org/admin/resources/blog/social-enterprise-w525h276.jpg
Requested by: Host: am.client12.xyz
URL: https://am.client12.xyz/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.214.148.3 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: server.stf.obm.mybluehost.me
Software: Apache /
Resource Hash: cfdf260c98c08bebe8218c6da5f1af0f625a403ece1ed2e4de7971fd8dfb1133

Request headers

Referer: https://am.client12.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 25 Mar 2021 01:30:46 GMT
Last-Modified: Mon, 14 Dec 2020 23:58:50 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 38013

GET
H/1.1 200
OK itis-hmpg-thumb-w525h276.jpg
lefca.org/admin/resources/blog/ 129 KB
129 KB 458ms
150ms Image
image/jpeg 162.214.148.3
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lefca.org/admin/resources/blog/itis-hmpg-thumb-w525h276.jpg
Requested by: Host: am.client12.xyz
URL: https://am.client12.xyz/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.214.148.3 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: server.stf.obm.mybluehost.me
Software: Apache /
Resource Hash: 57fbaf45dfe61c674bbd030086262e55d1a6bc11df8cb7b58697a11072491b3b

Request headers

Referer: https://am.client12.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 25 Mar 2021 01:30:46 GMT
Last-Modified: Wed, 16 Dec 2020 17:31:56 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 132349

GET
H/1.1 200
OK calendar-image-1-528.png
lefca.org/admin/resources/ 221 KB
221 KB 495ms
163ms Image
image/png 162.214.148.3
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lefca.org/admin/resources/calendar-image-1-528.png
Requested by: Host: am.client12.xyz
URL: https://am.client12.xyz/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.214.148.3 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: server.stf.obm.mybluehost.me
Software: Apache /
Resource Hash: fcc63a0a1652e211cd939c5b9a6ec711881c548f849fb8d2dbb52475acf4262b

Request headers

Referer: https://am.client12.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 25 Mar 2021 01:30:47 GMT
Last-Modified: Sun, 13 Dec 2020 19:21:33 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 225816

GET
H/1.1 200
OK classic-10_7.css
cdn-images.mailchimp.com/embedcode/ 4 KB
2 KB 101ms
32ms Stylesheet
text/css 13.226.152.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-images.mailchimp.com/embedcode/classic-10_7.css
Requested by: Host: am.client12.xyz
URL: https://am.client12.xyz/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.152.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-152-108.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 613b1a7b4e9e279b4bcceed16041478402a795ac76653535589480190b3aa1c0

Request headers

Referer: https://am.client12.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 25 Mar 2021 00:30:23 GMT
Content-Encoding: gzip
Last-Modified: Thu, 17 Dec 2015 16:52:30 GMT
Server: AmazonS3
Age: 3624
ETag: W/"ae0fc9b84c30cada1784022044962394"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: text/css
Via: 1.1 498cdb7d5db845f8fbb098d88d764204.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: DUS51-C1
X-Amz-Cf-Id: w8j5ai_XQMBDaMBdEtFwsWxxMqIPySx1cUb7EFER0UZsC6jy9t8KVA==

GET
H/1.1 200
OK our-services-final.svg
lefca.org/admin/resources/icons/ 2 KB
2 KB 495ms
164ms Image
image/svg+xml 162.214.148.3
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lefca.org/admin/resources/icons/our-services-final.svg
Requested by: Host: am.client12.xyz
URL: https://am.client12.xyz/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.214.148.3 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: server.stf.obm.mybluehost.me
Software: Apache /
Resource Hash: d693a9bee54205dd41c3e75e03a29a6cdec8ecd1a43b3d3a00e738f87de1f451

Request headers

Referer: https://am.client12.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 25 Mar 2021 01:30:47 GMT
Last-Modified: Thu, 19 Nov 2020 08:02:33 GMT
Server: Apache
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 2308

GET
H2 200 x-circle.jpg
client12.xyz/img/ 33 KB
33 KB 307ms
303ms Image
image/jpeg 50.87.171.203
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://client12.xyz/img/x-circle.jpg
Requested by: Host: am.client12.xyz
URL: https://am.client12.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 50.87.171.203 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 50-87-171-203.unifiedlayer.com
Software: Apache /
Resource Hash: cb707be9239d0daca253828567ef8f927f8b2335f21bb9715784282d5027f19b

Request headers

Referer: https://am.client12.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 01:30:46 GMT
last-modified: Wed, 24 Mar 2021 17:50:40 GMT
server: Apache
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 33737
content-type: image/jpeg

GET
H2 200 telegramlogo.svg
client12.xyz/admin/resources/ 855 B
909 B 297ms
293ms Image
image/svg+xml 50.87.171.203
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://client12.xyz/admin/resources/telegramlogo.svg
Requested by: Host: am.client12.xyz
URL: https://am.client12.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 50.87.171.203 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 50-87-171-203.unifiedlayer.com
Software: Apache /
Resource Hash: 8e099656848b06021ce86fcde7a2d3c7c9cc83c2705709855b25bdaeebd7ffcc

Request headers

Referer: https://am.client12.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 01:30:46 GMT
last-modified: Wed, 24 Mar 2021 15:07:49 GMT
server: Apache
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 855
content-type: image/svg+xml

GET
H2 200 call.svg
client12.xyz/admin/resources/ 584 B
638 B 297ms
293ms Image
image/svg+xml 50.87.171.203
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://client12.xyz/admin/resources/call.svg
Requested by: Host: am.client12.xyz
URL: https://am.client12.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 50.87.171.203 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 50-87-171-203.unifiedlayer.com
Software: Apache /
Resource Hash: e68b15a06346f436c74c5ef1d912b088f7da23d051478542c5508db9615dd913

Request headers

Referer: https://am.client12.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 01:30:46 GMT
last-modified: Wed, 24 Mar 2021 17:55:07 GMT
server: Apache
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 584
content-type: image/svg+xml

GET
H2 200 emailenvelopeinboxmailmessagesendicon-1320085879987098147.png
client12.xyz/admin/resources/ 12 KB
12 KB 301ms
298ms Image
image/png 50.87.171.203
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://client12.xyz/admin/resources/emailenvelopeinboxmailmessagesendicon-1320085879987098147.png
Requested by: Host: am.client12.xyz
URL: https://am.client12.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 50.87.171.203 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 50-87-171-203.unifiedlayer.com
Software: Apache /
Resource Hash: a858a0348862e14058216027bfbed5ea946b03309368501029e99871877d6eb8

Request headers

Referer: https://am.client12.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 01:30:46 GMT
last-modified: Wed, 24 Mar 2021 15:21:23 GMT
server: Apache
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 12406
content-type: image/png

GET
H2 200 helpdesk-01.svg
client12.xyz/admin/resources/ 2 KB
2 KB 303ms
299ms Image
image/svg+xml 50.87.171.203
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://client12.xyz/admin/resources/helpdesk-01.svg
Requested by: Host: am.client12.xyz
URL: https://am.client12.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 50.87.171.203 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 50-87-171-203.unifiedlayer.com
Software: Apache /
Resource Hash: be93ee9071bb5d803e68a6611ddd9d89d412b9e97fe4d59530297e7c72c21ed4

Request headers

Referer: https://am.client12.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 01:30:46 GMT
last-modified: Wed, 24 Mar 2021 17:49:22 GMT
server: Apache
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 1909
content-type: image/svg+xml

GET
H2 200 jquery-3.5.1.slim.min.js Show response
code.jquery.com/ 71 KB
24 KB 23ms
8ms Script
application/javascript 2001:4de0:ac18::1:a:2b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.5.1.slim.min.js
Requested by: Host: am.client12.xyz
URL: https://am.client12.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:2b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: e3e5f35d586c0e6a9a9d7187687be087580c40a5f8d0e52f0c4053bbc25c98db

Request headers

Origin: https://am.client12.xyz
Referer: https://am.client12.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 01:30:46 GMT
content-encoding: gzip
last-modified: Mon, 04 May 2020 23:02:39 GMT
server: nginx
etag: W/"5eb09f0f-11abc"
vary: Accept-Encoding
x-hw: 1616635846.dop158.fr8.t,1616635846.cds231.fr8.hn,1616635846.cds240.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 24606

GET
H2 200 popper.min.js Show response
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/ 21 KB
8 KB 21ms
6ms Script
application/javascript 2a04:4e42:1b::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js

Requested by

Host: am.client12.xyz
URL: https://am.client12.xyz/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::621 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://am.client12.xyz
Referer: https://am.client12.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 3724292
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
content-length: 7503
etag: W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q"
x-served-by: cache-fra19134-FRA, cache-hhn4069-HHN
date: Thu, 25 Mar 2021 01:30:46 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 bootstrap.min.js Show response
stackpath.bootstrapcdn.com/bootstrap/4.5.2/js/ 59 KB
14 KB 16ms
15ms Script
application/javascript 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.5.2/js/bootstrap.min.js

Requested by

Host: am.client12.xyz
URL: https://am.client12.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79c599dd760cec0c1621a1af49d9a2a49da5d45e1b37d4575bace0a5e0226582

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://am.client12.xyz
Referer: https://am.client12.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 01:30:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
cdn-edgestorageid: 601, 617
access-control-allow-origin: *
cdn-cachedat: 2021-03-11 11:57:52
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09089a77b400004e8bf5880000000001
timing-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:11 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 977fd8cd66c7bc37f7af1aceaf8b6f1d
cf-ray: 635460391cba4e8b-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 96 KB
38 KB 36ms
33ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-38804850-1

Requested by

Host: am.client12.xyz
URL: https://am.client12.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b15781c95717adf9dec66d6165dbcec8e1354a5fb8d9046ac1384655f4299110

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://am.client12.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 01:30:46 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39121
x-xss-protection: 0
last-modified: Thu, 25 Mar 2021 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 25 Mar 2021 01:30:46 GMT

GET
H2 200 queue.js Show response
tdns0.gtranslate.net/tdn-bin/ 46 KB
8 KB 76ms
54ms Script
application/javascript 2606:4700:3037::ac43:9feb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tdns0.gtranslate.net/tdn-bin/queue.js
Requested by: Host: am.client12.xyz
URL: https://am.client12.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:9feb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e96c2e6e4a80ee5fafa9ccbe8279b481e797299b388d17b0b47b88dfb5beded4

Request headers

Referer: https://am.client12.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 01:30:46 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=zqb5NezXgNRIVhTn1jbjtX7K6AEN1PlkF%2F53UrZXgYDoQ%2BPVMMIMCHA9RfJpQzperjOsyW4jwIN6DjBYExWwleh4bV5%2FjsVcVXkZsMvY5pgGfwVygSNl8%2Bd8WMaCAd2BqQ%3D%3D"}],"max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: no-cache
cf-ray: 635460394d994abc-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09089a77ca00004abc0a053000000001

GET
H2 200 element.js Show response
translate.google.com/translate_a/ 4 KB
2 KB 20ms
13ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.google.com/translate_a/element.js?cb=GTranslateElementInit

Requested by

Host: am.client12.xyz
URL: https://am.client12.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

78ab2cf2796afb30966e71e16a6ff9f96ce26e0f790093e03a11c1040bf0593f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://am.client12.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Mar 2021 01:30:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: HTTP server (unknown)
content-language: en
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1878
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 404 font-awesome.min.css
client12.xyz/font-awesome-4.7.0/css/ 0
0 374ms
374ms Stylesheet
text/html 50.87.171.203
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://client12.xyz/font-awesome-4.7.0/css/font-awesome.min.css
Requested by: Host: am.client12.xyz
URL: https://am.client12.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 50.87.171.203 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 50-87-171-203.unifiedlayer.com
Software: /
Resource Hash

Request headers

Referer: https://am.client12.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 404 font-awesome.css
client12.xyz/font-awesome-4.7.0/css/ 0
0 357ms
356ms Stylesheet
text/html 50.87.171.203
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://client12.xyz/font-awesome-4.7.0/css/font-awesome.css
Requested by: Host: am.client12.xyz
URL: https://am.client12.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 50.87.171.203 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 50-87-171-203.unifiedlayer.com
Software: /
Resource Hash

Request headers

Referer: https://am.client12.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 16.png
gtranslate.net/flags/ 25 KB
26 KB 25ms
13ms Image
image/png 2606:4700:3037::ac43:9feb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gtranslate.net/flags/16.png
Requested by: Host: am.client12.xyz
URL: https://am.client12.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:9feb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fa771bdaf016b7a24020f05e7319b08de9cacc5558ee085312c9a16968ba31e5

Request headers

Referer: https://am.client12.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 01:30:46 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 759108
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 26031
cf-request-id: 09089a77cb000032486682b000000001
last-modified: Wed, 23 May 2018 22:32:56 GMT
server: cloudflare
etag: "39513-65af-56ce71dc3d9b2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=J5wye6P9fBj7IposBS1h5wUksOnbv79wHhpZ8p%2BVrEaKSx0vylOfK4UWpVgez4hwhpsroZ2cHgyjHtFamnOBUq2m6HPo97giCXctBhgKxTxyStk%2Ff7SkbqyRrA%3D%3D"}],"group":"cf-nel"}
content-type: image/png
cache-control: max-age=864000
accept-ranges: bytes
cf-ray: 635460394bc73248-FRA
expires: Fri, 26 Mar 2021 06:38:58 GMT

GET
H2 200 fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/webfonts/ 78 KB
79 KB 27ms
13ms Font
application/octet-stream 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/webfonts/fa-solid-900.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/css/all.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9c214017962f2b403ee2f8a0dd51333b467aa3f082c5fc93fdb86f0b3d90a19b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Origin: https://am.client12.xyz
Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/css/all.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 01:30:46 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 2429330
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 80148
cf-request-id: 09089a77de00004a9e24aff000000001
timing-allow-origin: *
last-modified: Wed, 15 Jul 2020 18:15:47 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f0f47d3-13914"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=BWX%2BIb1kaXLyUdAauJURj%2F4lDjYxLfm2011MuOHEFxAt7cl1xbh5puQiGk5d8biwfprvvW4GsvM6rL23SKbeXe69tY7MiVy5K04BSRlpaH4z3l9pgbXBCN4r9PFuKY7lLw%3D%3D"}],"group":"cf-nel"}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 635460396d164a9e-FRA
expires: Tue, 15 Mar 2022 01:30:46 GMT

GET
H2

200

settlement-nss.jpg
client12.xyz/admin/resources/
Redirect Chain

https://am.client12.xyz/admin/resources/settlement-nss.jpg
https://client12.xyz/admin/resources/settlement-nss.jpg

64 KB
64 KB

162ms
162ms

Image
image/jpeg

50.87.171.203
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://client12.xyz/admin/resources/settlement-nss.jpg
Requested by: Host: am.client12.xyz
URL: https://am.client12.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 50.87.171.203 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 50-87-171-203.unifiedlayer.com
Software: Apache /
Resource Hash: 0260ea75a66b24e42801d902502ce159f5314e220126f9f949bc800eae3d634d

Request headers

Referer: https://am.client12.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 01:30:47 GMT
last-modified: Mon, 22 Mar 2021 20:39:01 GMT
server: Apache
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 65488
content-type: image/jpeg

Redirect headers

x-gt-redirect-reason: request is a static file
Date: Thu, 25 Mar 2021 01:30:46 GMT
Server: gtranslate
Connection: keep-alive
Content-Length: 166
Location: https://client12.xyz/admin/resources/settlement-nss.jpg
Content-Type: text/html

GET
H2

200

raphmfawebsitebanner.jpg
client12.xyz/admin/resources/
Redirect Chain

https://am.client12.xyz/admin/resources/raphmfawebsitebanner.jpg
https://client12.xyz/admin/resources/raphmfawebsitebanner.jpg

189 KB
190 KB

162ms
161ms

Image
image/jpeg

50.87.171.203
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://client12.xyz/admin/resources/raphmfawebsitebanner.jpg
Requested by: Host: am.client12.xyz
URL: https://am.client12.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 50.87.171.203 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 50-87-171-203.unifiedlayer.com
Software: Apache /
Resource Hash: 2197dcdbc8a59e9e28302eaf757373b488cbc56f3ae7d9f38771a84eae4123a8

Request headers

Referer: https://am.client12.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 01:30:47 GMT
last-modified: Mon, 22 Mar 2021 20:50:26 GMT
server: Apache
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 193594
content-type: image/jpeg

Redirect headers

x-gt-redirect-reason: request is a static file
Date: Thu, 25 Mar 2021 01:30:46 GMT
Server: gtranslate
Connection: keep-alive
Content-Length: 166
Location: https://client12.xyz/admin/resources/raphmfawebsitebanner.jpg
Content-Type: text/html

GET
H2

200

job-seekers-who-used-flexjobs-to-find-remote-work-1024x512-1.jpg
client12.xyz/admin/resources/
Redirect Chain

https://am.client12.xyz/admin/resources/job-seekers-who-used-flexjobs-to-find-remote-work-1024x512-1.jpg
https://client12.xyz/admin/resources/job-seekers-who-used-flexjobs-to-find-remote-work-1024x512-1.jpg

204 KB
205 KB

284ms
283ms

Image
image/jpeg

50.87.171.203
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://client12.xyz/admin/resources/job-seekers-who-used-flexjobs-to-find-remote-work-1024x512-1.jpg
Requested by: Host: am.client12.xyz
URL: https://am.client12.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 50.87.171.203 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 50-87-171-203.unifiedlayer.com
Software: Apache /
Resource Hash: f8742ed53081741deeb49a32776842833dc01121250078e10ef922bbd96874df

Request headers

Referer: https://am.client12.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 01:30:47 GMT
last-modified: Mon, 22 Mar 2021 20:53:53 GMT
server: Apache
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 208762
content-type: image/jpeg

Redirect headers

x-gt-redirect-reason: request is a static file
Date: Thu, 25 Mar 2021 01:30:46 GMT
Server: gtranslate
Connection: keep-alive
Content-Length: 166
Location: https://client12.xyz/admin/resources/job-seekers-who-used-flexjobs-to-find-remote-work-1024x512-1.jpg
Content-Type: text/html

GET
H/1.1 200
OK /
am.client12.xyz/ 46 KB
46 KB 1282ms
1208ms Image
text/html 51.178.161.64
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://am.client12.xyz/

Requested by

Host: am.client12.xyz
URL: https://am.client12.xyz/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

51.178.161.64 , France, ASN16276 (OVH, FR),

Reverse DNS

tdn-51-178-161-64.gtranslate.net

Software

gtranslate /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://am.client12.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-gt-cache-status: BYPASS
Content-Encoding: gzip
x-content-type-options: nosniff
server: gtranslate
date: Thu, 25 Mar 2021 01:30:47 GMT
x-frame-options: deny
content-language: am
Transfer-Encoding: chunked
Connection: keep-alive
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Type: text/html; charset=utf-8
vary: Accept-Encoding
x-xss-protection: 1; mode=block

GET
H2 404 purple-04-thumb@2x.jpg
client12.xyz/admin/resources/ 0
0 183ms
183ms Image
text/html 50.87.171.203
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://client12.xyz/admin/resources/purple-04-thumb@2x.jpg
Requested by: Host: client12.xyz
URL: https://client12.xyz/css/custom.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 50.87.171.203 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 50-87-171-203.unifiedlayer.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://client12.xyz/css/custom.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 fa-brands-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/webfonts/ 76 KB
76 KB 10ms
10ms Font
application/octet-stream 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/webfonts/fa-brands-400.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/css/all.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

779249965fcc56df5ccc2c89293a582fbea63f785bc4041c878106b01b725dcb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Origin: https://am.client12.xyz
Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/css/all.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 01:30:46 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 536676
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 77400
cf-request-id: 09089a783a00004a9e10a85000000001
timing-allow-origin: *
last-modified: Wed, 15 Jul 2020 18:15:47 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f0f47d3-12e58"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=NqqqBPZz9StDwxs03FaVOGUmCwrXD%2BVCMR7EnL5IgiB%2BzII4C%2FKLo4rYRLdqfkcK%2B%2BWsyfcLN5glAO0juNYP7n%2F3vVPQhpI5re%2BLL7g8qUzIN3AhQsY5jI8lV7x257E0lA%3D%3D"}],"group":"cf-nel"}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 63546039fd914a9e-FRA
expires: Tue, 15 Mar 2022 01:30:46 GMT

POST
H2 200 t Show response
translate.googleapis.com/translate_a/ 17 KB
5 KB 48ms
27ms XHR
application/json 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_a/t?anno=3&client=te_lib&format=html&v=1.0&key=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw&logld=vTE_20170501_01&sl=en&tl=am&sp=nmt&tc=2&ctt=1&tk=288352.179273&mode=1

Requested by

Host: am.client12.xyz
URL: https://am.client12.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

189b6927d3b36fd4a77c5d7ab575d4179248fc6f2f2e93c8f54d2b64b80b022a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://am.client12.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 25 Mar 2021 01:30:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: HTTP server (unknown)
content-language: am
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: *
cache-control: private, max-age=600
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5337
x-xss-protection: 0
expires: Thu, 25 Mar 2021 01:30:47 GMT

POST
H2 200 t Show response
translate.googleapis.com/translate_a/ 21 KB
3 KB 37ms
26ms XHR
application/json 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: am.client12.xyz
URL: https://am.client12.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

f3c73acf6c1b81540f8d0be21491f5ba69ecb77ec263b5d0966d6cf00ae8700d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://am.client12.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 25 Mar 2021 01:30:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: HTTP server (unknown)
content-language: ne
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: *
cache-control: private, max-age=600
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3058
x-xss-protection: 0
expires: Thu, 25 Mar 2021 01:30:47 GMT

POST
H2 200 t Show response
translate.googleapis.com/translate_a/ 21 KB
3 KB 34ms
28ms XHR
application/json 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: am.client12.xyz
URL: https://am.client12.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

f3c73acf6c1b81540f8d0be21491f5ba69ecb77ec263b5d0966d6cf00ae8700d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://am.client12.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 25 Mar 2021 01:30:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: HTTP server (unknown)
content-language: ne
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: *
cache-control: private, max-age=600
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3058
x-xss-protection: 0
expires: Thu, 25 Mar 2021 01:30:47 GMT

POST
H2 200 t Show response
translate.googleapis.com/translate_a/ 21 KB
3 KB 33ms
32ms XHR
application/json 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: am.client12.xyz
URL: https://am.client12.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

f3c73acf6c1b81540f8d0be21491f5ba69ecb77ec263b5d0966d6cf00ae8700d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://am.client12.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 25 Mar 2021 01:30:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: HTTP server (unknown)
content-language: ne
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: *
cache-control: private, max-age=600
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3058
x-xss-protection: 0
expires: Thu, 25 Mar 2021 01:30:47 GMT

GET
H2 200 watch.js Show response
mc.yandex.ru/metrika/ 123 KB
44 KB 145ms
48ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: am.client12.xyz
URL: https://am.client12.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

ff12958280077b86e5352edd8df6a96630580a06c24b83e0e2f517f64b9d7b2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://am.client12.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 01:30:47 GMT
content-encoding: br
last-modified: Mon, 22 Mar 2021 19:35:07 GMT
etag: "605b2bf8-ace5"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 44261
expires: Thu, 25 Mar 2021 02:30:47 GMT

GET
H2 200 translateelement.css
translate.googleapis.com/translate_static/css/ 18 KB
3 KB 6ms
5ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_static/css/translateelement.css

Requested by

Host: translate.google.com
URL: https://translate.google.com/translate_a/element.js?cb=GTranslateElementInit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d0a6e3bc914db376bf187c380750b197c317e1bf40fab9ad959ad5facd8f9ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://am.client12.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 00:36:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3278
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3130
x-xss-protection: 0
last-modified: Wed, 24 Feb 2021 19:45:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Thu, 25 Mar 2021 01:36:09 GMT

GET
H2 200 main.js Show response
translate.googleapis.com/translate_static/js/element/ 4 KB
2 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_static/js/element/main.js

Requested by

Host: translate.google.com
URL: https://translate.google.com/translate_a/element.js?cb=GTranslateElementInit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80f35659d030651ea3acc6d6e97475b42eaa60d5700e83f9623cf90904d42cec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://am.client12.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 01:08:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1345
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1673
x-xss-protection: 0
last-modified: Thu, 25 Feb 2021 22:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Thu, 25 Mar 2021 02:08:22 GMT

POST
H2 200 save Show response
tdns0.gtranslate.net/tdn-bin/ 7 B
310 B 85ms
60ms XHR
text/plain 2606:4700:3037::ac43:9feb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tdns0.gtranslate.net/tdn-bin/save
Requested by: Host: am.client12.xyz
URL: https://am.client12.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:9feb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Request headers

Referer: https://am.client12.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 25 Mar 2021 01:30:47 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=i2JZCQPYfEoaOAzYI4I0K1JiPkfMeWcprJaOKS5cN7uQKomSWtNCm0uwFoLwKWzVIBtK4fBenkPL6lJll9YD4JlHDm8R9zqDqHswCCEYLc13%2FDaRe%2B8kLpyqhw5uSKQieg%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/plain
access-control-allow-origin: *
cache-control: no-cache
cf-ray: 6354603c6ea64e43-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09089a79c300004e434a322000000001

POST
H2 200 save Show response
tdns0.gtranslate.net/tdn-bin/ 7 B
676 B 76ms
53ms XHR
text/plain 2606:4700:3037::ac43:9feb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tdns0.gtranslate.net/tdn-bin/save
Requested by: Host: am.client12.xyz
URL: https://am.client12.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:9feb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Request headers

Referer: https://am.client12.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 25 Mar 2021 01:30:47 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=lDfMMDU2th%2FrVh9H5Ae1bDGkmj0UrbfaD%2FVTF3hOhX8M3FuiObHRlFRFzQfL3Owst32TxjCGgBZnShh4zSMEB5Xegf47Weuprrn1I8rQE3L40ydQCYwpF4GggRX6FchNGQ%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/plain
access-control-allow-origin: *
cache-control: no-cache
cf-ray: 6354603c6ea94e43-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09089a79c300004e437d30a000000001

POST
H2 200 save Show response
tdns0.gtranslate.net/tdn-bin/ 7 B
302 B 81ms
60ms XHR
text/plain 2606:4700:3037::ac43:9feb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tdns0.gtranslate.net/tdn-bin/save
Requested by: Host: am.client12.xyz
URL: https://am.client12.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:9feb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Request headers

Referer: https://am.client12.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 25 Mar 2021 01:30:47 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=DBm4vSVePznZoXsaYypueB8KXGOI4C5sc9K7fpdy8ZrYrUT7rGAZ5uksQrr%2BVFg3hHoFBCq9HGeuerDInAbzSa1NBmqzCd2kR5q1sZhlbBXnU%2FDgUPXSbO%2FMaeMeA88mIw%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/plain
access-control-allow-origin: *
cache-control: no-cache
cf-ray: 6354603c6ea74e43-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09089a79c300004e434d3bf000000001

POST
H2 200 save Show response
tdns0.gtranslate.net/tdn-bin/ 7 B
303 B 80ms
61ms XHR
text/plain 2606:4700:3037::ac43:9feb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tdns0.gtranslate.net/tdn-bin/save
Requested by: Host: am.client12.xyz
URL: https://am.client12.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:9feb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Request headers

Referer: https://am.client12.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 25 Mar 2021 01:30:47 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ry1ahj%2B1RHATuwv%2F5Q3aRlCqo7bV7ntGhZKksxXl%2B9dEWH6YXwvZ6mzU6%2B1erCopGGzhbrSzDIK8N0mu22pyaBKueP7aj42zlqFwfgkEadzzs5KtRWLjJiPWxHfncjnp2w%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/plain
access-control-allow-origin: *
cache-control: no-cache
cf-ray: 6354603c6eab4e43-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09089a79c300004e435f3a5000000001

GET
H3-Q050 200 element_main.js Show response
translate.googleapis.com/element/TE_20210224_00/e/js/element/ 250 KB
90 KB 34ms
20ms Script
text/javascript 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/element/TE_20210224_00/e/js/element/element_main.js

Requested by

Host: translate.googleapis.com
URL: https://translate.googleapis.com/translate_static/js/element/main.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca537b74a51c73d56a401ea7d361ad32f692558ab321b86a8fb0979f2927712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://am.client12.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 24 Mar 2021 17:36:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 28480
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 91310
x-xss-protection: 0
last-modified: Wed, 24 Feb 2021 18:08:41 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 24 Mar 2022 17:36:07 GMT

GET
H2 200 translate_24dp.png
www.gstatic.com/images/branding/product/2x/ 2 KB
2 KB 6ms
5ms Image
image/png 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/2x/translate_24dp.png

Requested by

Host: translate.googleapis.com
URL: https://translate.googleapis.com/translate_static/css/translateelement.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fe03bfd95a2d4e640ed7d04dcb08ef991c327a5ab6f6fdb9eb06e1efc76af30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://translate.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 24 Mar 2021 02:46:14 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 81873
vary: Origin
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1847
x-xss-protection: 0
expires: Thu, 24 Mar 2022 02:46:14 GMT

GET
H3-Q050 200 translateelement.css
translate.googleapis.com/translate_static/css/ Frame B388 18 KB
3 KB 8ms
7ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_static/css/translateelement.css

Requested by

Host: translate.googleapis.com
URL: https://translate.googleapis.com/element/TE_20210224_00/e/js/element/element_main.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d0a6e3bc914db376bf187c380750b197c317e1bf40fab9ad959ad5facd8f9ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://am.client12.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 00:36:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3278
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3130
x-xss-protection: 0
last-modified: Wed, 24 Feb 2021 19:45:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Thu, 25 Mar 2021 01:36:09 GMT

GET
H2 200 translate_24dp.png
www.gstatic.com/images/branding/product/1x/ 825 B
914 B 7ms
6ms Image
image/png 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/1x/translate_24dp.png

Requested by

Host: am.client12.xyz
URL: https://am.client12.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1bb2279aed6bc1438d2b17a5ffcbac9d37864582aedeeec8d301eab162b2c213

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://am.client12.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 24 Mar 2021 10:33:38 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 53829
vary: Origin
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 825
x-xss-protection: 0
expires: Thu, 24 Mar 2022 10:33:38 GMT

GET
H2 200 cleardot.gif
www.google.com/images/ 43 B
111 B 14ms
13ms Image
image/gif 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/cleardot.gif

Requested by

Host: am.client12.xyz
URL: https://am.client12.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://am.client12.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Mar 2021 01:30:47 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 l Show response
translate.googleapis.com/translate_a/ Frame 5668 3 KB
1 KB 19ms
19ms Script
application/javascript 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_a/l?client=te&alpha=true&hl=en&cb=callback

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

13b5eece5a7359f9c0de2b4b3c24eeed42fa547e5811238bc9434dcc975bb101

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-z5/SX2dyINIaOG43Xm9pnw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/TranslateApiHttp/cspreport;worker-src 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'report-sample' 'nonce-z5/SX2dyINIaOG43Xm9pnw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/TranslateApiHttp/cspreport;worker-src 'self'
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin
date: Thu, 25 Mar 2021 01:30:47 GMT
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, must-revalidate
origin-trial: AmWWqEiPtRKXiIreUsgUyNMptDcKdmLPlGI32DPZjDKK+yBAUi7+FT3r/9RpkTnzHyXYUWiPfirCGMg3Ogzc7gMAAAB3eyJvcmlnaW4iOiJodHRwczovL2dvb2dsZS5jb206NDQzIiwiZmVhdHVyZSI6IkNyb3NzT3JpZ2luT3BlbmVyUG9saWN5UmVwb3J0aW5nIiwiZXhwaXJ5IjoxNjE0MTI0Nzk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 translateelement.css
translate.googleapis.com/translate_static/css/ Frame 6E94 18 KB
3 KB 7ms
6ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_static/css/translateelement.css

Requested by

Host: translate.googleapis.com
URL: https://translate.googleapis.com/element/TE_20210224_00/e/js/element/element_main.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d0a6e3bc914db376bf187c380750b197c317e1bf40fab9ad959ad5facd8f9ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://am.client12.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 00:36:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3278
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3130
x-xss-protection: 0
last-modified: Wed, 24 Feb 2021 19:45:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Thu, 25 Mar 2021 01:36:09 GMT

GET
H3-Q050 200 cleardot.gif
www.google.com/images/ Frame 6E94 43 B
403 B 41ms
27ms Image
image/gif 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/cleardot.gif

Requested by

Host: translate.googleapis.com
URL: https://translate.googleapis.com/element/TE_20210224_00/e/js/element/element_main.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://am.client12.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Mar 2021 01:30:47 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 googlelogo_color_68x28dp.png
www.gstatic.com/images/branding/googlelogo/1x/ Frame 6E94 2 KB
2 KB 28ms
13ms Image
image/png 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_68x28dp.png

Requested by

Host: am.client12.xyz
URL: https://am.client12.xyz/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f56402b127698db4b4dc611a97a6f081d04c4691c60522c5912d189e37c94a9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://am.client12.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 10:20:42 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 400205
vary: Origin
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1597
x-xss-protection: 0
expires: Sun, 20 Mar 2022 10:20:42 GMT

GET
H3-Q050 200 loading.gif
translate.googleapis.com/translate_static/img/ Frame 6E94 702 B
811 B 7ms
6ms Image
image/gif 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://translate.googleapis.com/translate_static/img/loading.gif

Requested by

Host: am.client12.xyz
URL: https://am.client12.xyz/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fb6b7bcc1ab09f27db17bcbdf5239ce1d52af34f1fc5125b3fc8528a07848d21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://am.client12.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 09:02:00 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 577727
content-type: image/gif
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 702
x-xss-protection: 0
expires: Fri, 18 Mar 2022 09:02:00 GMT

GET
H2

400

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9222.WH4pM7hBITYYqPCXhrpv4ocWRIft89kPxqcMydx6xCspxKaQAa5_P9efIVSeSY74.M9u7M9BCS1Fi23EtZJqGjMnneSk%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9222.858As1j-YeChvRz-Ir84XThd6GYYadnpEiHbb6BEURJMSplwUptzntjR2SHfvPCu1-WNKJihmiX_DkDOuIk06Q%2C%2C.xReUT-p928NcNdJfz6u0ijVQkK8%2C

75 B
75 B

52ms
52ms

Image
text/html

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9222.858As1j-YeChvRz-Ir84XThd6GYYadnpEiHbb6BEURJMSplwUptzntjR2SHfvPCu1-WNKJihmiX_DkDOuIk06Q%2C%2C.xReUT-p928NcNdJfz6u0ijVQkK8%2C

Requested by

Host: am.client12.xyz
URL: https://am.client12.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://am.client12.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 01:30:47 GMT
strict-transport-security: max-age=31536000
content-length: 75
x-xss-protection: 1; mode=block
content-type: text/html; charset=utf-8

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9222.858As1j-YeChvRz-Ir84XThd6GYYadnpEiHbb6BEURJMSplwUptzntjR2SHfvPCu1-WNKJihmiX_DkDOuIk06Q%2C%2C.xReUT-p928NcNdJfz6u0ijVQkK8%2C
date: Thu, 25 Mar 2021 01:30:47 GMT
strict-transport-security: max-age=31536000
content-length: 0
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
112 B 50ms
48ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: am.client12.xyz
URL: https://am.client12.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://am.client12.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 01:30:47 GMT
last-modified: Mon, 22 Mar 2021 19:35:07 GMT
etag: "605b2bf8-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Thu, 25 Mar 2021 02:30:47 GMT

GET
H3-Q050 200 cleardot.gif
www.google.com/images/ Frame 6E94 43 B
66 B 16ms
13ms Image
image/gif 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/cleardot.gif

Requested by

Host: translate.googleapis.com
URL: https://translate.googleapis.com/element/TE_20210224_00/e/js/element/element_main.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://am.client12.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Mar 2021 01:30:47 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 translateelement.css
translate.googleapis.com/translate_static/css/ Frame 53F7 18 KB
3 KB 6ms
6ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_static/css/translateelement.css

Requested by

Host: translate.googleapis.com
URL: https://translate.googleapis.com/element/TE_20210224_00/e/js/element/element_main.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d0a6e3bc914db376bf187c380750b197c317e1bf40fab9ad959ad5facd8f9ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://am.client12.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 00:36:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3278
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3130
x-xss-protection: 0
last-modified: Wed, 24 Feb 2021 19:45:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Thu, 25 Mar 2021 01:36:09 GMT

GET
H3-Q050 200 translateelement.css
translate.googleapis.com/translate_static/css/ Frame 540C 18 KB
3 KB 6ms
6ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_static/css/translateelement.css

Requested by

Host: translate.googleapis.com
URL: https://translate.googleapis.com/element/TE_20210224_00/e/js/element/element_main.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d0a6e3bc914db376bf187c380750b197c317e1bf40fab9ad959ad5facd8f9ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://am.client12.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 00:36:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3278
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3130
x-xss-protection: 0
last-modified: Wed, 24 Feb 2021 19:45:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Thu, 25 Mar 2021 01:36:09 GMT

POST
H3-Q050 200 t Show response
translate.googleapis.com/translate_a/ 2 KB
1 KB 52ms
19ms XHR
application/json 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_a/t?anno=3&client=te&format=html&v=1.0&key&logld=vTE_20210224_00&sl=auto&tl=am&tc=1&ctt=1&sr=1&tk=609311.1021494&mode=1

Requested by

Host: translate.googleapis.com
URL: https://translate.googleapis.com/element/TE_20210224_00/e/js/element/element_main.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

cf8f249427c20d6f94fa989bc6e56dde9cdb56bd0eecf994f71b1ec220727b24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://am.client12.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 25 Mar 2021 01:30:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: HTTP server (unknown)
content-language: am
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: *
cache-control: private, max-age=600
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 903
x-xss-protection: 0
expires: Thu, 25 Mar 2021 01:30:47 GMT

POST
H3-Q050 200 t Show response
translate.googleapis.com/translate_a/ 2 KB
614 B 56ms
26ms XHR
application/json 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_a/t?anno=3&client=te&format=html&v=1.0&key&logld=vTE_20210224_00&sl=auto&tl=am&tc=2&ctt=1&sr=1&tk=483112.99585&mode=1

Requested by

Host: translate.googleapis.com
URL: https://translate.googleapis.com/element/TE_20210224_00/e/js/element/element_main.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

b587a5a2cc7b566b9bb245a8fd967284b214644d26496d50ba0bf513188b9a9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://am.client12.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 25 Mar 2021 01:30:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: HTTP server (unknown)
content-language: am
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: *
cache-control: private, max-age=600
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 515
x-xss-protection: 0
expires: Thu, 25 Mar 2021 01:30:47 GMT

POST
H3-Q050 200 t Show response
translate.googleapis.com/translate_a/ 3 KB
1 KB 51ms
23ms XHR
application/json 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_a/t?anno=3&client=te&format=html&v=1.0&key&logld=vTE_20210224_00&sl=auto&tl=am&tc=3&ctt=1&sr=1&tk=250493.329812&mode=1

Requested by

Host: translate.googleapis.com
URL: https://translate.googleapis.com/element/TE_20210224_00/e/js/element/element_main.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

74bb8c7a6154e91b38d32a96e2656f08f2f74dc23102ffe2067ffe4f1defa356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://am.client12.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 25 Mar 2021 01:30:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: HTTP server (unknown)
content-language: am
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: *
cache-control: private, max-age=600
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1211
x-xss-protection: 0
expires: Thu, 25 Mar 2021 01:30:47 GMT

GET
H3-Q050 204 gen204
translate.google.com/ 0
426 B 44ms
28ms Image
image/gif 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://translate.google.com/gen204?sl=auto&tl=am&textlen=141&ctt=1&ttt=168&ttl=127&sr=1&nca=te_time&client=te&logld=vTE_20210224_00

Requested by

Host: am.client12.xyz
URL: https://am.client12.xyz/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://am.client12.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Mar 2021 01:30:47 GMT
x-content-type-options: nosniff
server: HTTP server (unknown)
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/36618640/
Redirect Chain

https://mc.yandex.com/watch/36618640?wmode=7&page-url=https%3A%2F%2Fam.client12.xyz%2F&charset=utf-8&ut=noindex&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2z9ezuq74htnozj%3Afp%3A2374%3Afu%3A0%3Aen%3Aut...
https://mc.yandex.com/watch/36618640/1?wmode=7&page-url=https%3A%2F%2Fam.client12.xyz%2F&charset=utf-8&ut=noindex&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2z9ezuq74htnozj%3Afp%3A2374%3Afu%3A0%3Aen%3A...

203 B
284 B

49ms
49ms

XHR
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/36618640/1?wmode=7&page-url=https%3A%2F%2Fam.client12.xyz%2F&charset=utf-8&ut=noindex&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2z9ezuq74htnozj%3Afp%3A2374%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A474%3Acn%3A1%3Adp%3A0%3Als%3A1226388838244%3Ahid%3A737790651%3Az%3A60%3Ai%3A20210325023047%3Aet%3A1616635847%3Ac%3A1%3Arn%3A716292835%3Au%3A1616635847758226649%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1616635844329%3Ads%3A0%2C76%2C1045%2C1%2C0%2C0%2C%2C1590%2C0%2C%2C%2C%2C2714%3Adsn%3A1%2C75%2C1045%2C1%2C0%2C0%2C%2C1591%2C1%2C%2C%2C%2C2714%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1616635848%3At%3A%E1%8A%A0%E1%8B%B2%E1%88%B5%20%E1%89%A0%E1%88%AD

Requested by

Host: am.client12.xyz
URL: https://am.client12.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

05dea896ff2bf01f2145a9571dc79ae12a249c5a575fde5dbaaa73f045df6c4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://am.client12.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Mar 2021 01:30:47 GMT
x-content-type-options: nosniff
last-modified: Thu, 25-Mar-2021 01:30:47 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://am.client12.xyz
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 203
x-xss-protection: 1; mode=block
expires: Thu, 25-Mar-2021 01:30:47 GMT

Redirect headers

pragma: no-cache
date: Thu, 25 Mar 2021 01:30:47 GMT
last-modified: Thu, 25-Mar-2021 01:30:47 GMT
location: /watch/36618640/1?wmode=7&page-url=https%3A%2F%2Fam.client12.xyz%2F&charset=utf-8&ut=noindex&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2z9ezuq74htnozj%3Afp%3A2374%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A474%3Acn%3A1%3Adp%3A0%3Als%3A1226388838244%3Ahid%3A737790651%3Az%3A60%3Ai%3A20210325023047%3Aet%3A1616635847%3Ac%3A1%3Arn%3A716292835%3Au%3A1616635847758226649%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1616635844329%3Ads%3A0%2C76%2C1045%2C1%2C0%2C0%2C%2C1590%2C0%2C%2C%2C%2C2714%3Adsn%3A1%2C75%2C1045%2C1%2C0%2C0%2C%2C1591%2C1%2C%2C%2C%2C2714%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1616635848%3At%3A%E1%8A%A0%E1%8B%B2%E1%88%B5%20%E1%89%A0%E1%88%AD
strict-transport-security: max-age=31536000
access-control-allow-origin: https://am.client12.xyz
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0
x-xss-protection: 1; mode=block
expires: Thu, 25-Mar-2021 01:30:47 GMT

POST t
translate.googleapis.com/translate_a/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: translate.googleapis.com
URL: https://translate.googleapis.com/translate_a/t?anno=3&client=te&format=html&v=1.0&key&logld=vTE_20210224_00&sl=auto&tl=am&tc=4&ctt=1&sr=1&tk=658011.839794&mode=1

Verdicts & Comments Add Verdict or Comment

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.client12.xyz/	1970-01-19 17:05:07	Name: _ym_isad Value: 2
.client12.xyz/	1970-01-20 01:49:31	Name: _ym_uid Value: 1616635847758226649
.client12.xyz/	1970-01-20 01:49:31	Name: _ym_d Value: 1616635847
am.client12.xyz/	1969-12-31 23:59:59	Name: googtrans Value: /en/am
.client12.xyz/	1969-12-31 23:59:59	Name: googtrans Value: /en/am

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

am.client12.xyz
cdn-images.mailchimp.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
client12.xyz
code.jquery.com
gtranslate.net
lefca.org
mc.yandex.com
mc.yandex.ru
stackpath.bootstrapcdn.com
tdns0.gtranslate.net
translate.google.com
translate.googleapis.com
www.google.com
www.googletagmanager.com
www.gstatic.com
translate.googleapis.com
13.226.152.108
162.214.148.3
2001:4de0:ac18::1:a:2b
2606:4700:3037::ac43:9feb
2606:4700::6810:125e
2606:4700::6812:acf
2a00:1450:4001:803::2004
2a00:1450:4001:803::200a
2a00:1450:4001:809::2003
2a00:1450:4001:811::2004
2a00:1450:4001:812::2003
2a00:1450:4001:827::200e
2a00:1450:4001:828::2008
2a00:1450:4001:829::200a
2a00:1450:4001:82a::200e
2a02:6b8::1:119
2a04:4e42:1b::621
50.87.171.203
51.178.161.64
0260ea75a66b24e42801d902502ce159f5314e220126f9f949bc800eae3d634d
05dea896ff2bf01f2145a9571dc79ae12a249c5a575fde5dbaaa73f045df6c4c
0d6e873d6aa13b9eca6ed5063eb47f7a7da0bc25657c83e589daf0259683c1ba
13b5eece5a7359f9c0de2b4b3c24eeed42fa547e5811238bc9434dcc975bb101
14cbd9b866a9b092e3a2e03a93b128da5baca005fd8b44a1956146eaab7b48b7
189b6927d3b36fd4a77c5d7ab575d4179248fc6f2f2e93c8f54d2b64b80b022a
1a3da1b6b7fb78591bea120fb2d4d3e49770a889a15229f5914906d533125f75
1b79aca58ee5f9a2869f7f4796ba886c5a4117242b5fb7524f65237ea035b695
1bb2279aed6bc1438d2b17a5ffcbac9d37864582aedeeec8d301eab162b2c213
2197dcdbc8a59e9e28302eaf757373b488cbc56f3ae7d9f38771a84eae4123a8
21d7c871495a30136d9381e3b7463a58c319c8c5343fd3cdfe91fe0c5ccac5b2
243fad2ac7e668c64180ebba33e08168699ad8f2fcea888e74c7c85d63fdcd28
28300592b31041a343822abe68532332166fc970918e5c84e3233031d058adb4
29192701a1e61a7c5e3b1e49e932d3000b5815c560b0722cb5839134e85b7ef3
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
4009e5d0a5c689ce1829129d9d251d3d5bce5d34394b2dd9b849f820f6bc5cad
52e6115ea59b4801b717dd1211e3bea5f3dddcf25413728b174ecf618ba7097e
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
57fbaf45dfe61c674bbd030086262e55d1a6bc11df8cb7b58697a11072491b3b
5d0a6e3bc914db376bf187c380750b197c317e1bf40fab9ad959ad5facd8f9ed
5fe03bfd95a2d4e640ed7d04dcb08ef991c327a5ab6f6fdb9eb06e1efc76af30
613b1a7b4e9e279b4bcceed16041478402a795ac76653535589480190b3aa1c0
6fc9e6d46441826a1f4c8db023e4df46f7bb0e88388ae9a88ceed542d58c1cc5
74bb8c7a6154e91b38d32a96e2656f08f2f74dc23102ffe2067ffe4f1defa356
7653ba196a05f4df2504d1e61cacf5011dc81b2355dd9fde527eec8cad085bff
779249965fcc56df5ccc2c89293a582fbea63f785bc4041c878106b01b725dcb
78ab2cf2796afb30966e71e16a6ff9f96ce26e0f790093e03a11c1040bf0593f
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
79c599dd760cec0c1621a1af49d9a2a49da5d45e1b37d4575bace0a5e0226582
80f35659d030651ea3acc6d6e97475b42eaa60d5700e83f9623cf90904d42cec
8373659e0938a5a07384474a4fc2a9bd0a1f50195125c1a16acb1f5ce0a8e5b2
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
8e099656848b06021ce86fcde7a2d3c7c9cc83c2705709855b25bdaeebd7ffcc
9709b232c52cb70665e4ecff2ea2344361b997da9e4d16cd02380431a5eb6b94
9c214017962f2b403ee2f8a0dd51333b467aa3f082c5fc93fdb86f0b3d90a19b
a4ef523fb7709f18d5150dbeece3dfaa38af467212b6b379bb15dfd743c3e582
a858a0348862e14058216027bfbed5ea946b03309368501029e99871877d6eb8
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
b15781c95717adf9dec66d6165dbcec8e1354a5fb8d9046ac1384655f4299110
b587a5a2cc7b566b9bb245a8fd967284b214644d26496d50ba0bf513188b9a9a
be93ee9071bb5d803e68a6611ddd9d89d412b9e97fe4d59530297e7c72c21ed4
ca537b74a51c73d56a401ea7d361ad32f692558ab321b86a8fb0979f2927712c
cb707be9239d0daca253828567ef8f927f8b2335f21bb9715784282d5027f19b
cf8f249427c20d6f94fa989bc6e56dde9cdb56bd0eecf994f71b1ec220727b24
cfdf260c98c08bebe8218c6da5f1af0f625a403ece1ed2e4de7971fd8dfb1133
d693a9bee54205dd41c3e75e03a29a6cdec8ecd1a43b3d3a00e738f87de1f451
dde76b9b2b90d30eb97fc81f06caa8c338c97b688cea7d2729c88f529f32fbb1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3e5f35d586c0e6a9a9d7187687be087580c40a5f8d0e52f0c4053bbc25c98db
e68b15a06346f436c74c5ef1d912b088f7da23d051478542c5508db9615dd913
e96c2e6e4a80ee5fafa9ccbe8279b481e797299b388d17b0b47b88dfb5beded4
f2decf0af5740c2b24dc62dd05eba945a429e6fea7eae38f3d2793c796251720
f3c73acf6c1b81540f8d0be21491f5ba69ecb77ec263b5d0966d6cf00ae8700d
f56402b127698db4b4dc611a97a6f081d04c4691c60522c5912d189e37c94a9e
f8742ed53081741deeb49a32776842833dc01121250078e10ef922bbd96874df
fa771bdaf016b7a24020f05e7319b08de9cacc5558ee085312c9a16968ba31e5
fb6b7bcc1ab09f27db17bcbdf5239ce1d52af34f1fc5125b3fc8528a07848d21
fcc63a0a1652e211cd939c5b9a6ec711881c548f849fb8d2dbb52475acf4262b
fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f
ff12958280077b86e5352edd8df6a96630580a06c24b83e0e2f517f64b9d7b2f

am.client12.xyz Open in urlscan Pro 51.178.161.64 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

79 Requests

96 %HTTPS

79 %IPv6

14 Domains

17 Subdomains

20 IPs

5 Countries

1624 kBTransfer

2640 kBSize

5 Cookies

8 Outgoing links

Redirected requests

79 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

am.client12.xyz Open in urlscan Pro
51.178.161.64 Public Scan

Screenshot
Live screenshot

Full Image

79
Requests

96 %
HTTPS

79 %
IPv6

14
Domains

17
Subdomains

20
IPs

5
Countries

1624 kB
Transfer

2640 kB
Size

5
Cookies

79 HTTP transactions
0 data transactions