Submitted URL: http://www.huntingtonexploration.ca/
Effective URL: https://0.squereredpoints.com/?p=hbsgcnzqhe5gi3bpha4dsoa&sub1=sternen&sub2=pertos
Submission Tags: @phish_report
Submission: On September 30 via api from FI — Scanned from CA

Summary

This website contacted 12 IPs in 2 countries across 11 domains to perform 36 HTTP transactions. The main IP is 104.21.23.74, located in and belongs to CLOUDFLARENET, US. The main domain is 0.squereredpoints.com.
TLS certificate: Issued by WE1 on August 8th 2024. Valid for: 3 months.
This is the only time 0.squereredpoints.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 12 162.214.80.52 46606 (UNIFIEDLA...)
1 142.250.65.170 15169 (GOOGLE)
2 142.251.35.162 15169 (GOOGLE)
1 104.21.71.224 13335 (CLOUDFLAR...)
1 104.21.41.117 13335 (CLOUDFLAR...)
2 142.250.72.99 15169 (GOOGLE)
2 172.67.187.125 13335 (CLOUDFLAR...)
2 142.250.176.194 15169 (GOOGLE)
3 142.251.35.174 15169 (GOOGLE)
1 3 172.67.167.23 13335 (CLOUDFLAR...)
6 104.21.23.74 13335 (CLOUDFLAR...)
36 12
Domain Requested by
11 huntingtonexploration.ca huntingtonexploration.ca
3 0.squereredpoints.com huntingtonexploration.ca
3 squereredpoints.com
3 fundingchoicesmessages.google.com pagead2.googlesyndication.com
2 to.taskscompletedlists.com gogo.recordsbluemountain.com
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 fonts.gstatic.com fonts.googleapis.com
2 pagead2.googlesyndication.com huntingtonexploration.ca, pagead2.googlesyndication.com
1 from.taskscompletedlists.com gogo.recordsbluemountain.com
1 gogo.recordsbluemountain.com rain.recordsbluemountain.com
1 rain.recordsbluemountain.com wave.rdntocdns.com
1 wave.rdntocdns.com four.startperfectsolutions.com
1 four.startperfectsolutions.com huntingtonexploration.ca
1 fonts.googleapis.com huntingtonexploration.ca
1 www.huntingtonexploration.ca 1 redirects
36 15

This site contains no links.

Subject  Issuer  Validity  Valid
www.huntingtonexploration.ca  R11  2024-07-30 - 2024-10-28  3 months
upload.video.google.com  WR2  2024-08-26 - 2024-11-18  3 months
*.g.doubleclick.net  WR2  2024-08-26 - 2024-11-18  3 months
startperfectsolutions.com  WE1  2024-08-24 - 2024-11-22  3 months
rdntocdns.com  WE1  2024-09-28 - 2024-12-27  3 months
*.gstatic.com  WR2  2024-08-26 - 2024-11-18  3 months
recordsbluemountain.com  WE1  2024-09-14 - 2024-12-13  3 months
*.google.com  WR2  2024-08-26 - 2024-11-18  3 months
taskscompletedlists.com  WE1  2024-09-24 - 2024-12-23  3 months
squereredpoints.com  WE1  2024-08-08 - 2024-11-06  3 months

This page contains 3 frames:

Primary Page: https://0.squereredpoints.com/?p=hbsgcnzqhe5gi3bpha4dsoa&sub1=sternen&sub2=pertos
Frame ID: 9ADF21C9F77C26620A977F5AED48E882
Requests: 37 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240925/r20110914/zrt_lookup_fy2021.html
Frame ID: D66A17D88B62DB2AB18DBEBEE9746D42
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3122387047055998&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1727697862&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fhuntingtonexploration.ca%2F&pra=5&wgl=1&aihb=0&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aifxl=29_18~30_19&aiixl=29_5~30_6&aslmct=0.7&asamct=0.7&aipecl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1727697862186&bpp=22&bdt=854&idt=281&shv=r20240925&mjsv=m202409240101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=6758835466532&frm=20&pv=2&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31087432%2C31087433%2C31087436%2C31087437%2C31087439%2C42532523%2C44798934%2C95331833%2C95338242%2C31087522&oid=2&pvsid=268673302405352&tmod=1789551224&uas=0&nvt=1&fsapi=1&fc=1920&brdim=380%2C380%2C380%2C380%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=322
Frame ID: E9221A54B6E28E3456CB5323BB399ABC
Requests: 1 HTTP requests in this frame

Page Title

## ## Confirm notifications ## ##

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

36 Requests
92 % HTTPS
0 % IPv6
11 Domains
15 Subdomains
12 IPs
2 Countries
817 kB Transfer
2363 kB Size
7 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.huntingtonexploration.ca/ HTTP 307
    https://www.huntingtonexploration.ca/ HTTP 307
    http://www.huntingtonexploration.ca/ HTTP 301
    https://huntingtonexploration.ca/ Page URL
  2. https://from.taskscompletedlists.com/xV74Ky HTTP 302
    https://to.taskscompletedlists.com/Qvr4Tm Page URL
  3. https://squereredpoints.com/?p=hbsgcnzqhe5gi3bpha4dsoa&sub1=sternen&sub2=pertos Page URL
  4. https://0.squereredpoints.com/?p=hbsgcnzqhe5gi3bpha4dsoa&sub1=sternen&sub2=pertos Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://www.huntingtonexploration.ca/ HTTP 307
  • https://www.huntingtonexploration.ca/ HTTP 307
  • http://www.huntingtonexploration.ca/ HTTP 301
  • https://huntingtonexploration.ca/
Request Chain 27
  • https://from.taskscompletedlists.com/xV74Ky HTTP 302
  • https://to.taskscompletedlists.com/Qvr4Tm

36 HTTP transactions

Resource Path Size x-fer Type MIME-Type
/
huntingtonexploration.ca/
Redirect Chain
  • http://www.huntingtonexploration.ca/
  • https://www.huntingtonexploration.ca/
  • http://www.huntingtonexploration.ca/
  • https://huntingtonexploration.ca/
470 KB
0
Document
General
Full URL
https://huntingtonexploration.ca/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.214.80.52 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
sh018.webhostingservices.com
Software
nginx/1.25.5 /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control
max-age=7200
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 30 Sep 2024 12:04:21 GMT
expires
Mon, 30 Sep 2024 14:03:55 GMT
link
<https://huntingtonexploration.ca/wp-json/>; rel="https://api.w.org/", <https://huntingtonexploration.ca/wp-json/wp/v2/pages/162>; rel="alternate"; title="JSON"; type="application/json", <https://huntingtonexploration.ca/>; rel=shortlink
server
nginx/1.25.5
vary
Accept-Encoding
x-endurance-cache-level
2
x-nginx-cache
WordPress
x-proxy-cache
MISS
x-server-cache
true

Redirect headers

Cache-Control
max-age=7200
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Mon, 30 Sep 2024 12:03:55 GMT
Expires
Mon, 30 Sep 2024 14:02:06 GMT
Location
https://huntingtonexploration.ca/
Server
nginx/1.25.5
X-Endurance-Cache-Level
2
X-Proxy-Cache
HIT
X-Redirect-By
WordPress
X-Server-Cache
true
X-nginx-cache
WordPress
style.min.css
huntingtonexploration.ca/wp-includes/css/dist/block-library/
110 KB
21 KB
Stylesheet
General
Full URL
https://huntingtonexploration.ca/wp-includes/css/dist/block-library/style.min.css?ver=6.6.2
Requested by
Host: huntingtonexploration.ca
URL: https://huntingtonexploration.ca/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.214.80.52 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
sh018.webhostingservices.com
Software
Apache /
Resource Hash
fb3a89cc6347e098063bd15f285bc90411846ddce6f17812364feedab67a67f5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://huntingtonexploration.ca/

Response headers

x-nginx-cache
WordPress
server
Apache
cache-control
max-age=2592000
content-encoding
gzip
expires
Wed, 30 Oct 2024 12:04:21 GMT
accept-ranges
bytes
date
Mon, 30 Sep 2024 12:04:21 GMT
last-modified
Tue, 10 Sep 2024 17:07:30 GMT
vary
Accept-Encoding
x-endurance-cache-level
2
content-type
text/css
style.css
huntingtonexploration.ca/wp-content/plugins/td-newsletter/
5 KB
2 KB
Stylesheet
General
Full URL
https://huntingtonexploration.ca/wp-content/plugins/td-newsletter/style.css?ver=12.1
Requested by
Host: huntingtonexploration.ca
URL: https://huntingtonexploration.ca/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.214.80.52 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
sh018.webhostingservices.com
Software
Apache /
Resource Hash
fd1af9561d6b70ff8c508d36d40f0b3f2e0cdd8b3c946c844b6ebe51863a09fa

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://huntingtonexploration.ca/

Response headers

x-nginx-cache
WordPress
server
Apache
cache-control
max-age=2592000
content-encoding
gzip
expires
Wed, 30 Oct 2024 12:04:21 GMT
accept-ranges
bytes
content-length
1634
date
Mon, 30 Sep 2024 12:04:21 GMT
last-modified
Sat, 19 Nov 2022 14:11:32 GMT
vary
Accept-Encoding
x-endurance-cache-level
2
content-type
text/css
style.css
huntingtonexploration.ca/wp-content/plugins/td-composer/td-multi-purpose/
37 KB
7 KB
Stylesheet
General
Full URL
https://huntingtonexploration.ca/wp-content/plugins/td-composer/td-multi-purpose/style.css?ver=e815948e5c9ec5801de67b92a1d5a59fx
Requested by
Host: huntingtonexploration.ca
URL: https://huntingtonexploration.ca/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.214.80.52 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
sh018.webhostingservices.com
Software
Apache /
Resource Hash
3ed2e42d3ce5e24dcb11cddde4126e4f07c3afc590f708ad2cfbf7669002f92e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://huntingtonexploration.ca/

Response headers

x-nginx-cache
WordPress
server
Apache
cache-control
max-age=2592000
content-encoding
gzip
expires
Wed, 30 Oct 2024 12:04:21 GMT
accept-ranges
bytes
content-length
6731
date
Mon, 30 Sep 2024 12:04:21 GMT
last-modified
Wed, 26 Oct 2022 02:09:31 GMT
vary
Accept-Encoding
x-endurance-cache-level
2
content-type
text/css
css
fonts.googleapis.com/
30 KB
3 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CCabin%3A500%2C400%2C700%7CZilla+Slab%3A400%2C300%7CBerkshire+Swash%3A400&display=swap&ver=12.1
Requested by
Host: huntingtonexploration.ca
URL: https://huntingtonexploration.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.170 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f10.1e100.net
Software
ESF /
Resource Hash
3a6c33c430c3f263219d99424e1f51ad4b4a42a70c1c3674dff323a5b1b60304
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://huntingtonexploration.ca/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 30 Sep 2024 12:04:21 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 30 Sep 2024 12:04:21 GMT
content-type
text/css; charset=utf-8
last-modified
Mon, 30 Sep 2024 12:04:21 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
style.css
huntingtonexploration.ca/wp-content/themes/Newspaper/
148 KB
39 KB
Stylesheet
General
Full URL
https://huntingtonexploration.ca/wp-content/themes/Newspaper/style.css?ver=12.1
Requested by
Host: huntingtonexploration.ca
URL: https://huntingtonexploration.ca/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.214.80.52 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
sh018.webhostingservices.com
Software
Apache /
Resource Hash
1383e964dbeb4da6efb6e908176663dbfcd5a387d7d368834f8224233b778bb9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://huntingtonexploration.ca/

Response headers

x-nginx-cache
WordPress
server
Apache
cache-control
max-age=2592000
content-encoding
gzip
expires
Wed, 30 Oct 2024 12:04:21 GMT
accept-ranges
bytes
date
Mon, 30 Sep 2024 12:04:21 GMT
last-modified
Wed, 26 Oct 2022 02:09:21 GMT
vary
Accept-Encoding
x-endurance-cache-level
2
content-type
text/css
td_legacy_main.css
huntingtonexploration.ca/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/
160 KB
40 KB
Stylesheet
General
Full URL
https://huntingtonexploration.ca/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=e815948e5c9ec5801de67b92a1d5a59fx
Requested by
Host: huntingtonexploration.ca
URL: https://huntingtonexploration.ca/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.214.80.52 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
sh018.webhostingservices.com
Software
Apache /
Resource Hash
8c21de3b659aaa30693e28670ce6526645a4af8ce4d49c38f9fe410552d36e4a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://huntingtonexploration.ca/

Response headers

x-nginx-cache
WordPress
server
Apache
cache-control
max-age=2592000
content-encoding
gzip
expires
Wed, 30 Oct 2024 12:04:21 GMT
accept-ranges
bytes
date
Mon, 30 Sep 2024 12:04:21 GMT
last-modified
Wed, 26 Oct 2022 02:09:32 GMT
vary
Accept-Encoding
x-endurance-cache-level
2
content-type
text/css
tdb_main.css
huntingtonexploration.ca/wp-content/plugins/td-cloud-library/assets/css/
29 KB
8 KB
Stylesheet
General
Full URL
https://huntingtonexploration.ca/wp-content/plugins/td-cloud-library/assets/css/tdb_main.css?ver=87b3292f51aec51c00e6ce7db9b73ed1
Requested by
Host: huntingtonexploration.ca
URL: https://huntingtonexploration.ca/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.214.80.52 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
sh018.webhostingservices.com
Software
Apache /
Resource Hash
8fe457e08539bb6275fda6ccfe7666b6ab9216800193c897200d4c35770f0507

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://huntingtonexploration.ca/

Response headers

x-nginx-cache
WordPress
server
Apache
cache-control
max-age=2592000
content-encoding
gzip
expires
Wed, 30 Oct 2024 12:04:21 GMT
accept-ranges
bytes
content-length
7863
date
Mon, 30 Sep 2024 12:04:21 GMT
last-modified
Wed, 26 Oct 2022 02:09:36 GMT
vary
Accept-Encoding
x-endurance-cache-level
2
content-type
text/css
jquery.min.js
huntingtonexploration.ca/wp-includes/js/jquery/
86 KB
38 KB
Script
General
Full URL
https://huntingtonexploration.ca/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by
Host: huntingtonexploration.ca
URL: https://huntingtonexploration.ca/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.214.80.52 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
sh018.webhostingservices.com
Software
Apache /
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://huntingtonexploration.ca/

Response headers

x-nginx-cache
WordPress
server
Apache
cache-control
max-age=21600
content-encoding
gzip
expires
Mon, 30 Sep 2024 18:04:21 GMT
accept-ranges
bytes
date
Mon, 30 Sep 2024 12:04:21 GMT
last-modified
Wed, 08 Nov 2023 14:40:29 GMT
vary
Accept-Encoding
x-endurance-cache-level
2
content-type
application/javascript
jquery-migrate.min.js
huntingtonexploration.ca/wp-includes/js/jquery/
13 KB
5 KB
Script
General
Full URL
https://huntingtonexploration.ca/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by
Host: huntingtonexploration.ca
URL: https://huntingtonexploration.ca/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.214.80.52 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
sh018.webhostingservices.com
Software
Apache /
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://huntingtonexploration.ca/

Response headers

x-nginx-cache
WordPress
server
Apache
cache-control
max-age=21600
content-encoding
gzip
expires
Mon, 30 Sep 2024 18:04:21 GMT
accept-ranges
bytes
content-length
5422
date
Mon, 30 Sep 2024 12:04:21 GMT
last-modified
Wed, 09 Aug 2023 03:43:23 GMT
vary
Accept-Encoding
x-endurance-cache-level
2
content-type
application/javascript
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
154 KB
52 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3122387047055998
Requested by
Host: huntingtonexploration.ca
URL: https://huntingtonexploration.ca/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.35.162 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s78-in-f2.1e100.net
Software
cafe /
Resource Hash
b6bf2c7ef6c33f1656f70da1de40ce7fd370d537fd7b81c15b54d787bca282cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://huntingtonexploration.ca
Referer
https://huntingtonexploration.ca/

Response headers

content-encoding
br
etag
13431621336149430787
x-content-type-options
nosniff
expires
Mon, 30 Sep 2024 12:04:22 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Mon, 30 Sep 2024 12:04:22 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
53025
x-xss-protection
0
server
cafe
sold.js
four.startperfectsolutions.com/scripts/
16 KB
7 KB
Script
General
Full URL
https://four.startperfectsolutions.com/scripts/sold.js
Requested by
Host: huntingtonexploration.ca
URL: https://huntingtonexploration.ca/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.71.224 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97d3cc2b4b2c36396abb1504ea19bd94eed6bde92519e61b776f20ec081f3cd8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://huntingtonexploration.ca/

Response headers

cache-control
max-age=315360000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
HIT
etag
W/"66acf09d-4024"
age
889244
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F8Bg9jQpVt5Zpk9yPseSLcJey85k4kuLijmAOx4TsJpfRr4GWjoVW3%2BxB%2BpnhFjpOugkek0Q%2Fkj0k8GQPS0r6zUF1F3pVDNcdgAGiS%2FjKoQNwm1XopXvrXu92mVUZloZ2Axfk2ncjj42M0SdluwnR6o%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8cb41332ccfd369c-YYZ
expires
Thu, 31 Dec 2037 23:55:55 GMT
date
Mon, 30 Sep 2024 12:04:21 GMT
content-type
application/javascript; charset=utf-8
last-modified
Fri, 02 Aug 2024 14:43:41 GMT
vary
Accept-Encoding
server
cloudflare
a5cdf5e9-6f13-42ac-8549-da59e727a061
https://huntingtonexploration.ca/ Frame
0
0

inputs.js
wave.rdntocdns.com/rps/
14 KB
6 KB
Script
General
Full URL
https://wave.rdntocdns.com/rps/inputs.js
Requested by
Host: four.startperfectsolutions.com
URL: https://four.startperfectsolutions.com/scripts/sold.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.41.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a40685fce981cd8015dd2003074cd5e93735de49a7126ebdad11d48644c9891

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://huntingtonexploration.ca/

Response headers

cache-control
max-age=315360000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
HIT
etag
W/"66f11c2f-379d"
age
568979
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qpAtfEesYVKfgtRC7M1j%2B%2FI%2BLxS68OmnY%2BR7uPce2CKbCqDgVpdAbh6kc4G00J%2Fl%2FalLUqPr4hEmuZdQIh%2Bsb4JW2FtToRLzlpd4njrd3mL8yzOtAdETnLeYZX9EHFS9SXvz4DU%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8cb41335bc8bab4e-YYZ
expires
Thu, 31 Dec 2037 23:55:55 GMT
date
Mon, 30 Sep 2024 12:04:22 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 23 Sep 2024 07:43:43 GMT
vary
Accept-Encoding
server
cloudflare
hero-bg.jpg
huntingtonexploration.ca/wp-content/uploads/2022/10/
240 KB
241 KB
Image
General
Full URL
https://huntingtonexploration.ca/wp-content/uploads/2022/10/hero-bg.jpg
Requested by
Host: huntingtonexploration.ca
URL: https://huntingtonexploration.ca/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.214.80.52 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
sh018.webhostingservices.com
Software
Apache /
Resource Hash
8ac169b04a1aa33b2f0c8618a339d468428bb4dc1935c60579ea9395f17a1a6d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://huntingtonexploration.ca/

Response headers

x-nginx-cache
WordPress
cache-control
max-age=31536000
expires
Tue, 30 Sep 2025 12:04:21 GMT
accept-ranges
bytes
content-length
246261
date
Mon, 30 Sep 2024 12:04:21 GMT
last-modified
Wed, 26 Oct 2022 02:11:41 GMT
x-endurance-cache-level
2
server
Apache
content-type
image/jpeg
newspaper.woff
huntingtonexploration.ca/wp-content/themes/Newspaper/images/icons/
32 KB
32 KB
Font
General
Full URL
https://huntingtonexploration.ca/wp-content/themes/Newspaper/images/icons/newspaper.woff?21
Requested by
Host: huntingtonexploration.ca
URL: https://huntingtonexploration.ca/wp-content/themes/Newspaper/style.css?ver=12.1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.214.80.52 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
sh018.webhostingservices.com
Software
Apache /
Resource Hash
c21a4f4dea997c97bf301a6d477a7968fabb123e8e00f99ae6fac7f4767324d6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://huntingtonexploration.ca
Referer
https://huntingtonexploration.ca/wp-content/themes/Newspaper/style.css?ver=12.1

Response headers

x-nginx-cache
WordPress
cache-control
max-age=21600
expires
Mon, 30 Sep 2024 18:04:22 GMT
accept-ranges
bytes
content-length
32832
date
Mon, 30 Sep 2024 12:04:22 GMT
last-modified
Wed, 26 Oct 2022 02:09:21 GMT
x-endurance-cache-level
2
server
Apache
content-type
font/woff
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v32/
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CCabin%3A500%2C400%2C700%7CZilla+Slab%3A400%2C300%7CBerkshire+Swash%3A400&display=swap&ver=12.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.72.99 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f3.1e100.net
Software
sffe /
Resource Hash
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://huntingtonexploration.ca
Referer
https://fonts.googleapis.com/

Response headers

age
428955
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 25 Sep 2025 12:55:07 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 25 Sep 2024 12:55:07 GMT
last-modified
Thu, 01 Aug 2024 20:41:21 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18596
x-xss-protection
0
server
sffe
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CCabin%3A500%2C400%2C700%7CZilla+Slab%3A400%2C300%7CBerkshire+Swash%3A400&display=swap&ver=12.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.72.99 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f3.1e100.net
Software
sffe /
Resource Hash
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://huntingtonexploration.ca
Referer
https://fonts.googleapis.com/

Response headers

age
430790
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 25 Sep 2025 12:24:32 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 25 Sep 2024 12:24:32 GMT
last-modified
Thu, 01 Aug 2024 20:41:24 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18536
x-xss-protection
0
server
sffe
8YkzBStf
rain.recordsbluemountain.com/
29 KB
13 KB
Script
General
Full URL
https://rain.recordsbluemountain.com/8YkzBStf?q=huntingtonexploration.ca
Requested by
Host: wave.rdntocdns.com
URL: https://wave.rdntocdns.com/rps/inputs.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.187.125 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
5c9ffea0ee03e55806cf0d8a4a4ec302ac3e9d2b41c1c4d8b979681a0c7b2b57

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://huntingtonexploration.ca/

Response headers

cache-control
no-cache, no-store, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7Z2JIRlpvWRG5xTHKZHtTRhYufg2%2FzALxO5tpKBFFoGxdaJn37je2ip4FgnP%2B3sJvClI06chu41a5hlqSa2e92Y5Gh6lV6dmmImERZaGl%2FRgGngP7dcdce0MacLE0y24IQD4d2kwMiGycwc5Na7e"}],"group":"cf-nel","max_age":604800}
cf-ray
8cb413367e3aabc7-YYZ
expires
Mon, 30 Sep 2024 12:04:22 GMT
access-control-allow-origin
*
date
Mon, 30 Sep 2024 12:04:22 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
x-powered-by
PHP/7.4.33
server
cloudflare
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409240101/
409 KB
137 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409240101/show_ads_impl_fy2021.js?bust=31087522
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3122387047055998
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.35.162 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s78-in-f2.1e100.net
Software
cafe /
Resource Hash
330a28d94d82ac4f86705ab7b4e3353777c0c5712e6883663c3b2ca16692692a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://huntingtonexploration.ca/

Response headers

content-encoding
br
etag
6969839626813137235
x-content-type-options
nosniff
expires
Mon, 30 Sep 2024 12:04:22 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Mon, 30 Sep 2024 12:04:22 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
140466
x-xss-protection
0
server
cafe
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240925/r20110914/ Frame D66A
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240925/r20110914/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409240101/show_ads_impl_fy2021.js?bust=31087522
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://huntingtonexploration.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

age
1025
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4121
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 30 Sep 2024 11:47:17 GMT
etag
13108003645644964576
expires
Mon, 14 Oct 2024 11:47:17 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame E922
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3122387047055998&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1727697862&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fhuntingtonexploration.ca%2F&pra=5&wgl=1&aihb=0&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aifxl=29_18~30_19&aiixl=29_5~30_6&aslmct=0.7&asamct=0.7&aipecl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1727697862186&bpp=22&bdt=854&idt=281&shv=r20240925&mjsv=m202409240101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=6758835466532&frm=20&pv=2&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31087432%2C31087433%2C31087436%2C31087437%2C31087439%2C42532523%2C44798934%2C95331833%2C95338242%2C31087522&oid=2&pvsid=268673302405352&tmod=1789551224&uas=0&nvt=1&fsapi=1&fc=1920&brdim=380%2C380%2C380%2C380%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=322
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409240101/show_ads_impl_fy2021.js?bust=31087522
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://huntingtonexploration.ca/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
5511
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 30 Sep 2024 12:04:22 GMT
expires
Mon, 30 Sep 2024 12:04:22 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
zbLzKF
gogo.recordsbluemountain.com/
11 KB
5 KB
Script
General
Full URL
https://gogo.recordsbluemountain.com/zbLzKF
Requested by
Host: rain.recordsbluemountain.com
URL: https://rain.recordsbluemountain.com/8YkzBStf?q=huntingtonexploration.ca
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.187.125 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://huntingtonexploration.ca/

Response headers

cache-control
no-cache, no-store, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nKJC0XwywBtTMFtXYj98%2FrIGNwGb4R61uoLIbch1lJ8HPzP5fAPmDLLHmIicVUXJL%2BwUIFPFl8ccHE3LXmpPhIkmGmSYEX%2BXemBlWTuNOTulVWHhBZletv07ZzfY3rZb0BDCD1gQOnsNuIwLq09K"}],"group":"cf-nel","max_age":604800}
cf-ray
8cb4133a2954abc7-YYZ
expires
Mon, 30 Sep 2024 12:04:23 GMT
access-control-allow-origin
*
date
Mon, 30 Sep 2024 12:04:23 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
x-powered-by
PHP/7.4.33
server
cloudflare
ca-pub-3122387047055998
fundingchoicesmessages.google.com/i/
200 KB
66 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/i/ca-pub-3122387047055998?href=https%3A%2F%2Fhuntingtonexploration.ca&ers=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409240101/show_ads_impl_fy2021.js?bust=31087522
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.35.174 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s78-in-f14.1e100.net
Software
ESF /
Resource Hash
d56818d98de425296767a9b799257c21692b9f1a2f977f0852753587c860f421
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-9A7uq30FKWypzWcIZVs3iA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://huntingtonexploration.ca/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 30 Sep 2024 12:04:23 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjqtDikmII1pBiOHHrNtMFID7vdIfpOhBLfH3JpAXETukzWEOAuPXmOdbpQJz07zxrCRC7a11k9QfiJREXWY8kXmQ1VLjE6gzEjkWXWD2B-P66S6zPgXjvx0usR4F46f3LrGuBuEjiCmsLEAtxcxxf_mo7m8CJZ7fVlTSS8gvjk_PzSooyk0pL8ovSktNSi1OLylKL4o0MjEwMLI3M9AxM4wsMAPnGS5A"
content-security-policy
script-src 'report-sample' 'nonce-9A7uq30FKWypzWcIZVs3iA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
AGSKWxVFSvr7sMlvBX_88JprRtaSJKY4zPLocdp6T42aQ1Nau7bagszD8pfSjPaBZaTfRbvnRXrXBCyVuknTJ2RWrjti8TCYrXeJyQjzB9XXHNuWKgE9tBCR0DHFqPOs1jZzd65spqD1Ow==
fundingchoicesmessages.google.com/f/
3 KB
2 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxVFSvr7sMlvBX_88JprRtaSJKY4zPLocdp6T42aQ1Nau7bagszD8pfSjPaBZaTfRbvnRXrXBCyVuknTJ2RWrjti8TCYrXeJyQjzB9XXHNuWKgE9tBCR0DHFqPOs1jZzd65spqD1Ow==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzI3Njk3ODYzLDIzMzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9odW50aW5ndG9uZXhwbG9yYXRpb24uY2EvIixudWxsLFtbOCwiR0VoX0h2V3lkNlEiXSxbOSwiZW4tVVMiXSxbMTgsIltbWzBdXV0iXSxbMTksIjIiXSxbMTcsIlswXSJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.GEh_HvWyd6Q.es5.O/am=QDA/d=1/rs=AJlcJMyM-XmXkyMBCPQ8zdQ4ofl36cWTSw/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.35.174 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s78-in-f14.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-CO4c3D57DVfhkVcpo7vyjA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://huntingtonexploration.ca/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 30 Sep 2024 12:04:23 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjKtDikmLw0pBiOO90h-k6EEt8fcmkBcRO6TNYQ4C49eY51ulAnPTvPGsJELtrXWT1B-IlERdZjyReZDVUuMTqDMSORZdYPYH4_rpLrM-BeO_HS6xHgXjp_cusa4G4SOIKawsQC_FwHF_-ajubQMeZKX2MShpJ-YXxyfl5JUWZSaUl-UVpyWmpxalFZalF8UYGRiYGlkZmegam8QUGANkZRkE"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-CO4c3D57DVfhkVcpo7vyjA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
xV74Ky
from.taskscompletedlists.com/
0
0

xV74Ky
from.taskscompletedlists.com/
0
0

Qvr4Tm
to.taskscompletedlists.com/
Redirect Chain
  • https://from.taskscompletedlists.com/xV74Ky
  • https://to.taskscompletedlists.com/Qvr4Tm
243 B
915 B
Document
General
Full URL
https://to.taskscompletedlists.com/Qvr4Tm
Requested by
Host: gogo.recordsbluemountain.com
URL: https://gogo.recordsbluemountain.com/zbLzKF
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.167.23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://huntingtonexploration.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8cb413405b1753ef-YYZ
content-encoding
br
content-type
text/html; charset=utf-8
date
Mon, 30 Sep 2024 12:04:23 GMT
expires
Mon, 30 Sep 2024 12:04:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bxUMONxkIRuWVQhkz8fGG9M5%2FdiHcDFy8VnP%2Bsse0st%2Bws0yS38%2Fhs43CaIyn%2BPPh6cuf4EJUPY4hod%2Bw48RspnLgKw4C5PlyCfQf6OWxEKcJRGTrxPX6VMQdwj06oHC8JEa6mWiEUMfl5kDRg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
speculation-rules
"/cdn-cgi/speculation"
vary
Accept-Encoding

Redirect headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8cb4133e097c53ef-YYZ
content-type
text/html; charset=utf-8
date
Mon, 30 Sep 2024 12:04:23 GMT
expires
Mon, 30 Sep 2024 12:04:23 GMT
location
https://to.taskscompletedlists.com/Qvr4Tm
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EQYoX5C8cwP%2F6HN85fuESjmSQBeUNAzSfuzaxUvXlaHOTSZLAAepNQ59HfyhlhmBQeDG9E3rxjiPzKon%2FuFByhXppoCs%2FtQVwUaLSY5iAZtOsM%2FBN%2FEf%2BMPRolrsLzboSA1WBn6f8cF5nk9kt2hA"}],"group":"cf-nel","max_age":604800}
server
cloudflare
speculation-rules
"/cdn-cgi/speculation"
vary
Accept-Encoding
AGSKWxXnfyJfzhBosHs33uiRHdpKIPkpz9qNM-ewaZhisRR-5dBRLXw7ptIxqGmk-gM4oFc3H_rE5qed40KLhnLYzKkcWg5pgZGERqa6IDHQWx3T2C_iY0_sq9OMoaZlZsNo8xUBvln87g==
fundingchoicesmessages.google.com/f/
10 KB
5 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXnfyJfzhBosHs33uiRHdpKIPkpz9qNM-ewaZhisRR-5dBRLXw7ptIxqGmk-gM4oFc3H_rE5qed40KLhnLYzKkcWg5pgZGERqa6IDHQWx3T2C_iY0_sq9OMoaZlZsNo8xUBvln87g==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzI3Njk3ODYzLDM0NDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuIl0sImh0dHBzOi8vaHVudGluZ3RvbmV4cGxvcmF0aW9uLmNhLyIsbnVsbCxbWzgsIkdFaF9Idld5ZDZRIl0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.GEh_HvWyd6Q.es5.O/am=QDA/d=1/rs=AJlcJMyM-XmXkyMBCPQ8zdQ4ofl36cWTSw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.35.174 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s78-in-f14.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-i8YzKRKGg7HvUZdXrxWJVw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://huntingtonexploration.ca/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 30 Sep 2024 12:04:23 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjKtDikmLw1pBiOO90h-k6EEt8fcmkBcRO6TNYQ4C49eY51ulAnPTvPGsJELtrXWT1B-IlERdZjyReZDVUuMTqDMSORZdYPYH4_rpLrM-BeO_HS6xHgXjp_cusa4G4SOIKawsQC_FwHF_-ajubwI65p7YzKmkk5RfGJ-fnlRRlJpWW5BelJaelFqcWlaUWxRsZGJkYWBqZ6RmYxhcYAADqpUai"
content-security-policy
script-src 'report-sample' 'nonce-i8YzKRKGg7HvUZdXrxWJVw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
speculation
to.taskscompletedlists.com/cdn-cgi/
128 B
564 B
Other
General
Full URL
https://to.taskscompletedlists.com/cdn-cgi/speculation
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.167.23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://to.taskscompletedlists.com
Referer
https://to.taskscompletedlists.com/Qvr4Tm

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ppI%2B%2FmnVk0P%2BuioGhez91oheqpiffh8XnLAgEIN2EN3qzXtL7q2Lr%2B7tI%2F3F%2FYGI0E87O0DR0O7WT%2Bp7hUJ7vkhF2T7g1iIOpnuQnap13Y8USkuIulGw2PrPm1Kudphb4GVFLKCBr4xZJwTBUA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8cb413424c5653ef-YYZ
access-control-allow-origin
https://to.taskscompletedlists.com
content-length
128
date
Mon, 30 Sep 2024 12:04:24 GMT
content-type
application/speculationrules+json
vary
Origin, Accept-Encoding
server
cloudflare
/
squereredpoints.com/
52 KB
25 KB
Document
General
Full URL
https://squereredpoints.com/?p=hbsgcnzqhe5gi3bpha4dsoa&sub1=sternen&sub2=pertos
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.23.74 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b672a93565e0217efd3f6fcf64447b9b28c077a3a6a3f6282bd69bddadbcd0f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-ray
8cb413444f0436c5-YYZ
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 30 Sep 2024 12:04:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hSzXbXwXF7gzyo2JBF42v6jndX7CGLxyS%2BJo%2BQmHOYUTTjjurqK3cuvfRiZzxdEv%2F8ndty1l2WYIeJ6DkeCwP836a6lugpTQ7IX6Y6x1Z2gInDCceJjk%2F8XP8kb2HdrMvrXg74oh"}],"group":"cf-nel","max_age":604800}
server
cloudflare
speculation-rules
"/cdn-cgi/speculation"
speculation
squereredpoints.com/cdn-cgi/
128 B
541 B
Other
General
Full URL
https://squereredpoints.com/cdn-cgi/speculation
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.23.74 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://squereredpoints.com
Referer
https://squereredpoints.com/?p=hbsgcnzqhe5gi3bpha4dsoa&sub1=sternen&sub2=pertos

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vv6MHYi2C%2BX9fCcDs4gya5T1zrTeChqXbLZtcoBpwp5cRZZ5z3kTWqNHCbW6cZB1QOegU5H%2FL2LYKaLYEFHB4Cl1lAUbMwKz4BthvawTmw41H8u2gd7Etzc8GhWE6txNR8Mds7lu"}],"group":"cf-nel","max_age":604800}
cf-ray
8cb413458fbf36c5-YYZ
access-control-allow-origin
https://squereredpoints.com
content-length
128
date
Mon, 30 Sep 2024 12:04:24 GMT
content-type
application/speculationrules+json
vary
Origin, Accept-Encoding
server
cloudflare
truncated
/
7 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6600e628d105299a9954bb85edc818356f1ec6136ba5d503dc39b2b3de8526c7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/gif
favicon.ico
squereredpoints.com/
0
385 B
Other
General
Full URL
https://squereredpoints.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.23.74 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://squereredpoints.com/?p=hbsgcnzqhe5gi3bpha4dsoa&sub1=sternen&sub2=pertos

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
HIT
age
6993
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dXFR2zqsLB0goZiv91cl6vGYi1Vo04lrmPMMK7nZLSI6qHucsrKJEPCty%2BY5unLpWviAl13P5SuaQ3eONh916UyIzPAG6pjr%2BXn%2FhgapIH9Qv9W2fNzOYZJ0AR3%2Fa2ReWmZ0RAJw"}],"group":"cf-nel","max_age":604800}
cf-ray
8cb413492a7736c5-YYZ
date
Mon, 30 Sep 2024 12:04:25 GMT
vary
Accept-Encoding
server
cloudflare
Primary Request /
0.squereredpoints.com/
52 KB
25 KB
Document
General
Full URL
https://0.squereredpoints.com/?p=hbsgcnzqhe5gi3bpha4dsoa&sub1=sternen&sub2=pertos
Requested by
Host: huntingtonexploration.ca
URL: https://huntingtonexploration.ca/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.23.74 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e3e5d5315ff3465ff195c5a0c001d7b30db8a94539703d620823ba8f496daf7

Request headers

Referer
https://squereredpoints.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-ray
8cb4135b5ff936c5-YYZ
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 30 Sep 2024 12:04:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AouSFIdT0HpX7MXLP55LabB%2BT0uET9SXXbJOGMwXp7%2BzkTtFNcufV90HGjS8FNvhlN24bpRcsmruM6Jp1QBHOy%2Bj5Sd9x4cfYgEEotHPzhOt4022%2BUJ%2FtqAL0lPaLpdbWvtl4JEdiJw%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
speculation-rules
"/cdn-cgi/speculation"
speculation
0.squereredpoints.com/cdn-cgi/
128 B
555 B
Other
General
Full URL
https://0.squereredpoints.com/cdn-cgi/speculation
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.23.74 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://0.squereredpoints.com
Referer
https://0.squereredpoints.com/?p=hbsgcnzqhe5gi3bpha4dsoa&sub1=sternen&sub2=pertos

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l5bn8lmBOMovCQYVp8CgOQmo8hpOpB5kC5fzNtMrFEEmmaBTdQM%2BuI9nrUZEY9v2vfQR9%2BGnPC%2BAgOynLl0SRLFuWF1uRNKOCeinkM3xK5pA4NF15X2VwNln%2FvJNxrzoHo%2FtD%2Fn%2BAZc%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8cb4135c78a136c5-YYZ
access-control-allow-origin
https://0.squereredpoints.com
content-length
128
date
Mon, 30 Sep 2024 12:04:28 GMT
content-type
application/speculationrules+json
vary
Origin, Accept-Encoding
server
cloudflare
truncated
/
7 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6600e628d105299a9954bb85edc818356f1ec6136ba5d503dc39b2b3de8526c7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/gif
truncated
/
378 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6935876b0112bb2bb5aa7e27c0fdf9be86e190d47a0fbff8eb8e67e25d11f68d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
truncated
/
377 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f9077e9ffe52966b3a279d70797b41c4eba4e6d3928471fe755fcc3856ac4b3e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
favicon.ico
0.squereredpoints.com/
0
396 B
Other
General
Full URL
https://0.squereredpoints.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.23.74 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://0.squereredpoints.com/?p=hbsgcnzqhe5gi3bpha4dsoa&sub1=sternen&sub2=pertos

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
HIT
age
7022
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8lf46IPt6hUP96OMGebSETBcbY%2B5GSShoE4%2BS8DZk5H8wE3A56gLWTG%2FKfF0zCTW70eFXtP7l%2FGnqLUQ06%2FMIILIFV1ZBJ%2BWEz6HMBjeToGc8SYbhE3OymJv5UHNVEZSO9Pa2vvapOk%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8cb4135f2a9436c5-YYZ
date
Mon, 30 Sep 2024 12:04:28 GMT
vary
Accept-Encoding
server
cloudflare

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
huntingtonexploration.ca
URL
blob:https://huntingtonexploration.ca/a5cdf5e9-6f13-42ac-8549-da59e727a061
Domain
from.taskscompletedlists.com
URL
https://from.taskscompletedlists.com/xV74Ky
Domain
from.taskscompletedlists.com
URL
https://from.taskscompletedlists.com/xV74Ky

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| languages
string| relevanteLang
string| lang
function| urlB64ToUint8Array
function| j4ee
function| L0zz
boolean| j
string| title
string| holder
function| before_redirect_block

7 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
from.taskscompletedlists.com/ Name: _subid
Value: 3fjmgrbqvsbf3
from.taskscompletedlists.com/ Name: a4fba
Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjg3XCI6MTcyNzY5Nzg2M30sXCJjYW1wYWlnbnNcIjp7XCIyMlwiOjE3Mjc2OTc4NjN9LFwidGltZVwiOjE3Mjc2OTc4NjN9In0.625iax5D0jO9Y5JntIqXcRjFZoUWiBoSRz_eGFUZrwE
to.taskscompletedlists.com/ Name: _subid
Value: 3fjmgrbqvsbf7
to.taskscompletedlists.com/ Name: a4fba
Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjkwXCI6MTcyNzY5Nzg2M30sXCJjYW1wYWlnbnNcIjp7XCIyMVwiOjE3Mjc2OTc4NjN9LFwidGltZVwiOjE3Mjc2OTc4NjN9In0.XL3JRUzKF8Ri5bjwZ0GjFMCAYb6WJnYlc4vWl4pfbhs
.squereredpoints.com/ Name: uuid
Value: bb8772fb-1b66-463e-836f-488321e32500
.0.squereredpoints.com/ Name: uuid
Value: bb8772fb-1b66-463e-836f-488321e32500

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
