urlscan.io logo urlscan.io
SecurityTrails logo

services.demogronomics.com Open in urlscan Pro
35.202.21.90  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://spicerclientreview.com/
Effective URL: https://services.demogronomics.com/truspicerbeginnings/
Submission Tags: suspect
Submission: On June 13 via api from BR — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 2 countries across 11 domains to perform 28 HTTP transactions. The main IP is 35.202.21.90, located in Council Bluffs, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is services.demogronomics.com.
TLS certificate: Issued by R10 on June 12th 2024. Valid for: 3 months.
This is the only time services.demogronomics.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 216.40.34.41 15348 (TUCOWS)
1 35.202.21.90 396982 (GOOGLE-CL...)
3 34.107.203.240 396982 (GOOGLE-CL...)
2 173.194.68.95 15169 (GOOGLE)
8 74.125.192.132 15169 (GOOGLE)
1 216.239.38.21 15169 (GOOGLE)
2 31.13.66.19 32934 (FACEBOOK)
2 151.101.66.132 54113 (FASTLY)
3 173.194.175.94 15169 (GOOGLE)
1 216.239.32.21 15169 (GOOGLE)
3 35.192.151.63 396982 (GOOGLE-CL...)
2 31.13.66.35 32934 (FACEBOOK)
28 11
1    216.40.34.41 (Canada)

ASN15348 (TUCOWS, CA)
spicerclientreview.com
1    35.202.21.90 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 90.21.202.35.bc.googleusercontent.com
services.demogronomics.com
3    34.107.203.240 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 240.203.107.34.bc.googleusercontent.com
static.leadpages.net
2    173.194.68.95 (United States)

ASN15169 (GOOGLE, US)
PTR: qr-in-f95.1e100.net
fonts.googleapis.com
8    74.125.192.132 (United States)

ASN15169 (GOOGLE, US)
PTR: qn-in-f132.1e100.net
lh3.googleusercontent.com
1    216.239.38.21 (United States)

ASN15169 (GOOGLE, US)
PTR: any-in-2615.1e100.net
js.center.io
2    31.13.66.19 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-iad3.fbcdn.net
connect.facebook.net
2    151.101.66.132 (San Francisco, United States)

ASN54113 (FASTLY, US)
fast.wistia.net
3    173.194.175.94 (United States)

ASN15169 (GOOGLE, US)
PTR: qs-in-f94.1e100.net
fonts.gstatic.com
1    216.239.32.21 (United States)

ASN15169 (GOOGLE, US)
PTR: any-in-2015.1e100.net
js.center.io
3    35.192.151.63 (United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 63.151.192.35.bc.googleusercontent.com
api.leadpages.io
2    31.13.66.35 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-iad3.facebook.com
www.facebook.com
Apex Domain
Subdomains		 Transfer
8 googleusercontent.com
lh3.googleusercontent.com — Cisco Umbrella Rank: 99
2 MB
3 leadpages.io
api.leadpages.io — Cisco Umbrella Rank: 54650
1 KB
3 gstatic.com
fonts.gstatic.com
50 KB
3 leadpages.net
static.leadpages.net — Cisco Umbrella Rank: 64443
176 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 114
4 KB
2 wistia.net
fast.wistia.net — Cisco Umbrella Rank: 12164
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 205
71 KB
2 center.io
js.center.io — Cisco Umbrella Rank: 66430
12 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 77
1 KB
1 demogronomics.com
services.demogronomics.com
19 KB
1 spicerclientreview.com
spicerclientreview.com
473 B
28 11
Domain Requested by
8 lh3.googleusercontent.com services.demogronomics.com
3 api.leadpages.io js.center.io
3 fonts.gstatic.com fonts.googleapis.com
3 static.leadpages.net services.demogronomics.com
static.leadpages.net
2 www.facebook.com services.demogronomics.com
2 fast.wistia.net services.demogronomics.com
2 connect.facebook.net services.demogronomics.com
connect.facebook.net
2 js.center.io services.demogronomics.com
js.center.io
2 fonts.googleapis.com services.demogronomics.com
1 services.demogronomics.com
1 spicerclientreview.com 1 redirects
28 11

This site contains links to these domains. Also see Links.

Domain
www.google.com
spicerwealth.com
Subject Issuer Validity Valid
services.demogronomics.com
R10		 2024-06-12 -
2024-09-10		 3 months crt.sh
static.leadpages.net
GTS CA 1D4		 2024-06-05 -
2024-09-03		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-05-21 -
2024-08-13		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2024-05-21 -
2024-08-13		 3 months crt.sh
js.center.io
GTS CA 1D4		 2024-04-27 -
2024-07-26		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-03-23 -
2024-06-21		 3 months crt.sh
fast.wistia.net
GlobalSign Atlas R3 DV TLS CA 2024 Q1		 2024-04-04 -
2025-05-06		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2024-05-21 -
2024-08-13		 3 months crt.sh
*.leadpages.io
R3		 2024-05-14 -
2024-08-12		 3 months crt.sh

This page contains 4 frames:

Primary Page: https://services.demogronomics.com/truspicerbeginnings/
Frame ID: 6B346982EDCAED347BE2CEB5BB7C1452
Requests: 25 HTTP requests in this frame

Frame: https://fast.wistia.net/embed/iframe/b7oopqm8h2?videoFoam=true
Frame ID: C2A839063855FE3E93E6E62635AAD97D
Requests: 1 HTTP requests in this frame

Frame: https://fast.wistia.net/embed/iframe/4scemaxydv?seo=false&videoFoam=true
Frame ID: FCBFB0CE872AA0FDB0B8CCE62D4DD272
Requests: 1 HTTP requests in this frame

Frame: https://js.center.io/identify.html
Frame ID: 68AADD419268E573C4FBD8A66895520C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

TruSpicerBeginnings

Page URL History Show full URLs

  1. http://spicerclientreview.com/ HTTP 307
    https://spicerclientreview.com/ HTTP 307
    http://spicerclientreview.com/ HTTP 303
    https://services.demogronomics.com/truspicerbeginnings/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

28
Requests

100 %
HTTPS

0 %
IPv6

11
Domains

11
Subdomains

11
IPs

2
Countries

2382 kB
Transfer

2763 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://spicerclientreview.com/ HTTP 307
    https://spicerclientreview.com/ HTTP 307
    http://spicerclientreview.com/ HTTP 303
    https://services.demogronomics.com/truspicerbeginnings/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
services.demogronomics.com/truspicerbeginnings/
Redirect Chain
  • http://spicerclientreview.com/
  • https://spicerclientreview.com/
  • http://spicerclientreview.com/
  • https://services.demogronomics.com/truspicerbeginnings/
96 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://services.demogronomics.com/truspicerbeginnings/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.202.21.90 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
90.21.202.35.bc.googleusercontent.com
Software
Leadpages /
Resource Hash
7a40c36c7819d92629fa9cc86b6053711fd157b26c3777965a0c3fedaa639597
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
referer
https://www.google.com

Response headers

cache-control
no-cache
content-encoding
br
content-type
text/html
date
Thu, 13 Jun 2024 18:11:00 GMT
etag
W/"e925a661827790ed6c1ce727b6b44b94"
last-modified
Wed, 12 Jun 2024 17:47:04 GMT
server
Leadpages
strict-transport-security
max-age=15768000
vary
Accept-Encoding
x-cache
MISS, HIT

Redirect headers

cache-control
no-cache
content-type
text/html; charset=utf-8
location
https://services.demogronomics.com/truspicerbeginnings/
referrer-policy
strict-origin-when-cross-origin
transfer-encoding
chunked
x-content-type-options
nosniff
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-request-id
6ce9bc80-654b-4377-9a0d-8b05d143dc5d
x-runtime
0.004431
x-xss-protection
1; mode=block
all.min.css
static.leadpages.net/fonts/font-awesome/6.4.2/css/ 		100 KB
26 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.leadpages.net/fonts/font-awesome/6.4.2/css/all.min.css
Requested by
Host: services.demogronomics.com
URL: https://services.demogronomics.com/truspicerbeginnings/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.203.240 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
240.203.107.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
0934b1fc0d3a766d41d3adf5e7a115875e66e98ebba408d965a41cf3d2cb4ab5

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Tue, 11 Jun 2024 06:31:52 GMT
content-encoding
gzip
via
1.1 google
server
Google Frontend
age
214748
etag
"-6uIpg"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-cloud-trace-context
870c664d5f7e086a98e61e824332f1ac
cache-control
public, max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26836
expires
Wed, 11 Jun 2025 06:31:52 GMT
css
fonts.googleapis.com/ 		13 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700|Libre+Franklin:300,400,500,700
Requested by
Host: services.demogronomics.com
URL: https://services.demogronomics.com/truspicerbeginnings/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.194.68.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qr-in-f95.1e100.net
Software
ESF /
Resource Hash
97726d21eeb10f374f59969c13807d7f54dd5cb645940e9d32f677c5e4a1f4b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

strict-transport-security
max-age=31536000
date
Thu, 13 Jun 2024 18:11:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 13 Jun 2024 18:11:00 GMT
LNj0TWPxGu__Q0u3H1SvSIuFZyq5okjy0EPwhqwlDZHAduz5Gp7hkORm06CWyllC1Vc8P8c0Vi8TW0EehnZmHrfQNlm4tpVo5Yg=w16
lh3.googleusercontent.com/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/LNj0TWPxGu__Q0u3H1SvSIuFZyq5okjy0EPwhqwlDZHAduz5Gp7hkORm06CWyllC1Vc8P8c0Vi8TW0EehnZmHrfQNlm4tpVo5Yg=w16
Requested by
Host: services.demogronomics.com
URL: https://services.demogronomics.com/truspicerbeginnings/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.192.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qn-in-f132.1e100.net
Software
fife /
Resource Hash
3af96ff6780fd0ad83ebe52dfefa90d76e5a92c9a35c4ae91e210784b02e05fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Thu, 13 Jun 2024 18:11:00 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.png"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3628
x-xss-protection
0
expires
Fri, 14 Jun 2024 18:11:00 GMT
center.js
js.center.io/ 		12 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.center.io/center.js
Requested by
Host: services.demogronomics.com
URL: https://services.demogronomics.com/truspicerbeginnings/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.38.21 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
any-in-2615.1e100.net
Software
Google Frontend /
Resource Hash
cc08eb3316359de0d8f025efee489da73ca552209a0c9cab6b00894d7fa21d42

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Thu, 13 Jun 2024 18:07:09 GMT
server
Google Frontend
age
231
etag
"OMWYXg"
content-type
application/javascript
x-cloud-trace-context
543caf040d215f4f9dff1f344bb96a1b
cache-control
public, max-age=300
content-length
12555
expires
Thu, 13 Jun 2024 18:12:09 GMT
fbevents.js
connect.facebook.net/en_US/ 		219 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: services.demogronomics.com
URL: https://services.demogronomics.com/truspicerbeginnings/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-iad3.fbcdn.net
Software
/
Resource Hash
0313b0d078dfe6c7ab517c11404b0c01458469006fbf1a0d4d4c5e90517e54f8
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 13 Jun 2024 18:11:00 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
58024
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=17, rtx=0, c=12, mss=1380, tbw=2781, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
ukh+zos+3WWtghcjUEzmh4K9yPBFfosqabErA3XeYnV0Us6hgN0wYdoE8p9rHYti74xi0/+WAOPmXRAdtOsSMw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
b7oopqm8h2
fast.wistia.net/embed/iframe/ Frame C2A8 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://fast.wistia.net/embed/iframe/b7oopqm8h2?videoFoam=true
Requested by
Host: services.demogronomics.com
URL: https://services.demogronomics.com/truspicerbeginnings/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.132 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
https://services.demogronomics.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
referer
https://www.google.com

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
87829
cache-control
public, no-cache
content-encoding
br
content-length
2573
content-type
text/html; charset=utf-8
date
Thu, 13 Jun 2024 18:11:00 GMT
etag
W/"662bde03535fd23b46e8e435f0057f3a"
server
envoy
strict-transport-security
max-age=0
timing-allow-origin
*
vary
Accept-Encoding,Referer,X-Forwarded-Proto,X-Normalized-User-Agent,X-ECMA-Override
via
1.1 95ad9d4dc596fb803e3114c8dbdc4b60.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-amz-cf-id
tixV3jJf6caEt4sAF0sIwaaG8zekB_btdXx3On7rwKhze1p2gbzm4w==
x-amz-cf-pop
IAD61-P1
x-browser
firefox
x-browser-version
112
x-cache
Miss from cloudfront, HIT, MISS
x-cache-hits
11, 0
x-content-type-options
nosniff
x-ecma-v
modern
x-envoy-upstream-service-time
224
x-permitted-cross-domain-policies
none
x-request-id
1836d91c-a63f-4ce1-b3e9-0491402cccdf
x-runtime
0.222551
x-served-by
cache-iad-kiad7000036-IAD, cache-yyz4563-YYZ
x-timer
S1718302260.310476,VS0,VE21
4scemaxydv
fast.wistia.net/embed/iframe/ Frame FCBF 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://fast.wistia.net/embed/iframe/4scemaxydv?seo=false&videoFoam=true
Requested by
Host: services.demogronomics.com
URL: https://services.demogronomics.com/truspicerbeginnings/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.132 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
https://services.demogronomics.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
referer
https://www.google.com

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
88528
cache-control
public, no-cache
content-encoding
br
content-length
2540
content-type
text/html; charset=utf-8
date
Thu, 13 Jun 2024 18:11:00 GMT
etag
W/"db307ea80562733420bdd2e4a45eec30"
server
envoy
strict-transport-security
max-age=0
timing-allow-origin
*
vary
Accept-Encoding,Referer,X-Forwarded-Proto,X-Normalized-User-Agent,X-ECMA-Override
via
1.1 281687fdef6568ba75a1a090e3b48e2a.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-amz-cf-id
cGL935fk_DSOLjMS2PCxFjcjiNkTmvHtoE7rRpHZcxNpdq2K_OyaJA==
x-amz-cf-pop
IAD61-P1
x-browser
firefox
x-browser-version
112
x-cache
Miss from cloudfront, HIT, MISS
x-cache-hits
13, 0
x-content-type-options
nosniff
x-ecma-v
modern
x-envoy-upstream-service-time
224
x-permitted-cross-domain-policies
none
x-request-id
111f8b98-ad84-4521-aab9-2fe40b8141a8
x-runtime
0.221725
x-served-by
cache-iad-kjyo7100140-IAD, cache-yyz4563-YYZ
x-timer
S1718302260.310539,VS0,VE18
rliv7GtcojVq0jPGbGxY0TWIQtMIa3veZ1c0eZ0b0_XiiMlLXPoOqzx_N7gK6HyxreeXeBgztuZm8csrA7twbe8NUXQV8plb1g=w16
lh3.googleusercontent.com/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/rliv7GtcojVq0jPGbGxY0TWIQtMIa3veZ1c0eZ0b0_XiiMlLXPoOqzx_N7gK6HyxreeXeBgztuZm8csrA7twbe8NUXQV8plb1g=w16
Requested by
Host: services.demogronomics.com
URL: https://services.demogronomics.com/truspicerbeginnings/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.192.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qn-in-f132.1e100.net
Software
fife /
Resource Hash
1d775b6a2fff29b5fbdb9762381e7fa14acd701ef7a4b2f1751c32aaf94d448c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Thu, 13 Jun 2024 18:11:00 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.jpg"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4468
x-xss-protection
0
expires
Fri, 14 Jun 2024 18:11:00 GMT
KyTfX5akKJUIeRpVp_bQrsLdW7zxvyY43uQeunOx1Ito6ByZVOepQZheYbEDP3pcNtBJ5YRX7UEcHoCARtp95dU=w16
lh3.googleusercontent.com/ 		472 B
534 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/KyTfX5akKJUIeRpVp_bQrsLdW7zxvyY43uQeunOx1Ito6ByZVOepQZheYbEDP3pcNtBJ5YRX7UEcHoCARtp95dU=w16
Requested by
Host: services.demogronomics.com
URL: https://services.demogronomics.com/truspicerbeginnings/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.192.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qn-in-f132.1e100.net
Software
fife /
Resource Hash
9f6ba2a1bb04fb4ebe36dc8814e5c9c1d820cbb60da0a73b30b748434ecc4812
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Thu, 13 Jun 2024 18:11:00 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.jpg"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
472
x-xss-protection
0
expires
Fri, 14 Jun 2024 18:11:00 GMT
XQQcv19TVXPRtQavKzxzMv-ZOXt_OOg4D1zuLhJ3NHt3R_B_LCEx1aaoZ3QBXlEBSyo0Cr0iVsEG25q1H6dGGVY1HeYuvF3_N-q8=w16
lh3.googleusercontent.com/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/XQQcv19TVXPRtQavKzxzMv-ZOXt_OOg4D1zuLhJ3NHt3R_B_LCEx1aaoZ3QBXlEBSyo0Cr0iVsEG25q1H6dGGVY1HeYuvF3_N-q8=w16
Requested by
Host: services.demogronomics.com
URL: https://services.demogronomics.com/truspicerbeginnings/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.192.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qn-in-f132.1e100.net
Software
fife /
Resource Hash
1d3ae6d7c6b4da6429ba80e8b6fd74e930e60bfb06244f28be52230a1ddf08c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Thu, 13 Jun 2024 18:11:00 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.png"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3284
x-xss-protection
0
expires
Fri, 14 Jun 2024 18:11:00 GMT
fa-solid-900.woff2
static.leadpages.net/fonts/font-awesome/6.4.2/webfonts/ 		147 KB
147 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.leadpages.net/fonts/font-awesome/6.4.2/webfonts/fa-solid-900.woff2
Requested by
Host: static.leadpages.net
URL: https://static.leadpages.net/fonts/font-awesome/6.4.2/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.203.240 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
240.203.107.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
886c86112a804ef1ddd1cb206af4c8c40e34b73c26652ca231404aa35a6b30d9

Request headers

Referer
https://www.google.com
Origin
https://services.demogronomics.com
Accept-Language
en-CA,en;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Tue, 11 Jun 2024 06:45:34 GMT
via
1.1 google
server
Google Frontend
age
213926
etag
"-6uIpg"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
x-cloud-trace-context
2f45db2b0369fa69fc60cd897a5a99e8
cache-control
public, max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
150020
expires
Wed, 11 Jun 2025 06:45:34 GMT
css
fonts.googleapis.com/ 		13 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700|Libre+Franklin:300,400,500,700
Requested by
Host: services.demogronomics.com
URL: https://services.demogronomics.com/truspicerbeginnings/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.194.68.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qr-in-f95.1e100.net
Software
ESF /
Resource Hash
97726d21eeb10f374f59969c13807d7f54dd5cb645940e9d32f677c5e4a1f4b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Thu, 13 Jun 2024 18:11:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
expires
Thu, 13 Jun 2024 18:11:00 GMT
rliv7GtcojVq0jPGbGxY0TWIQtMIa3veZ1c0eZ0b0_XiiMlLXPoOqzx_N7gK6HyxreeXeBgztuZm8csrA7twbe8NUXQV8plb1g=w1600
lh3.googleusercontent.com/ 		511 KB
512 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/rliv7GtcojVq0jPGbGxY0TWIQtMIa3veZ1c0eZ0b0_XiiMlLXPoOqzx_N7gK6HyxreeXeBgztuZm8csrA7twbe8NUXQV8plb1g=w1600
Requested by
Host: services.demogronomics.com
URL: https://services.demogronomics.com/truspicerbeginnings/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.192.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qn-in-f132.1e100.net
Software
fife /
Resource Hash
98f7235735ce61dff27df4db08c45c1e30a2090b12c3332acad653ff97b265f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Thu, 13 Jun 2024 18:11:00 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.jpg"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
523715
x-xss-protection
0
expires
Fri, 14 Jun 2024 18:11:00 GMT
KyTfX5akKJUIeRpVp_bQrsLdW7zxvyY43uQeunOx1Ito6ByZVOepQZheYbEDP3pcNtBJ5YRX7UEcHoCARtp95dU=w1600
lh3.googleusercontent.com/ 		410 KB
411 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/KyTfX5akKJUIeRpVp_bQrsLdW7zxvyY43uQeunOx1Ito6ByZVOepQZheYbEDP3pcNtBJ5YRX7UEcHoCARtp95dU=w1600
Requested by
Host: services.demogronomics.com
URL: https://services.demogronomics.com/truspicerbeginnings/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.192.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qn-in-f132.1e100.net
Software
fife /
Resource Hash
01178ebe2fbf7dfaea067e312d8685e1e2adb90d4ad576353bd02536cee039b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Thu, 13 Jun 2024 18:11:00 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.jpg"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
420201
x-xss-protection
0
expires
Fri, 14 Jun 2024 18:11:00 GMT
XQQcv19TVXPRtQavKzxzMv-ZOXt_OOg4D1zuLhJ3NHt3R_B_LCEx1aaoZ3QBXlEBSyo0Cr0iVsEG25q1H6dGGVY1HeYuvF3_N-q8=w1600
lh3.googleusercontent.com/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/XQQcv19TVXPRtQavKzxzMv-ZOXt_OOg4D1zuLhJ3NHt3R_B_LCEx1aaoZ3QBXlEBSyo0Cr0iVsEG25q1H6dGGVY1HeYuvF3_N-q8=w1600
Requested by
Host: services.demogronomics.com
URL: https://services.demogronomics.com/truspicerbeginnings/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.192.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qn-in-f132.1e100.net
Software
fife /
Resource Hash
8b11a7c94e4703b7d30dd542fbc0da18c226314c7f96618ca481992212612230
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Thu, 13 Jun 2024 18:11:00 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.png"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1083720
x-xss-protection
0
expires
Fri, 14 Jun 2024 18:11:00 GMT
jizDREVItHgc8qDIbSTKq4XkRiUf2zcZiVbJ.woff2
fonts.gstatic.com/s/librefranklin/v14/ 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/librefranklin/v14/jizDREVItHgc8qDIbSTKq4XkRiUf2zcZiVbJ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700|Libre+Franklin:300,400,500,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.194.175.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qs-in-f94.1e100.net
Software
sffe /
Resource Hash
a6f29d613fb5f0601de883f702315997e45fe3740c8beb351cb50533a9439257
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com
Origin
https://services.demogronomics.com
Accept-Language
en-CA,en;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Fri, 07 Jun 2024 10:18:49 GMT
x-content-type-options
nosniff
age
546731
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28220
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 23:23:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 07 Jun 2025 10:18:49 GMT
KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v30/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700|Libre+Franklin:300,400,500,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.194.175.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qs-in-f94.1e100.net
Software
sffe /
Resource Hash
0f53e8b0a717ca4ce313eec62b90d41db62c2f4946259a65c93bf8e84c5b0c44
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com
Origin
https://services.demogronomics.com
Accept-Language
en-CA,en;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Sun, 09 Jun 2024 02:15:46 GMT
x-content-type-options
nosniff
age
402914
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11040
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 09 Jun 2025 02:15:46 GMT
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v30/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700|Libre+Franklin:300,400,500,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.194.175.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qs-in-f94.1e100.net
Software
sffe /
Resource Hash
796de064b8d80eba7ccacb8ba67d77fdbcdf4b385c844645d452c24537b3108f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com
Origin
https://services.demogronomics.com
Accept-Language
en-CA,en;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Fri, 07 Jun 2024 14:22:35 GMT
x-content-type-options
nosniff
age
532105
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11028
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:50 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 07 Jun 2025 14:22:35 GMT
identify.html
js.center.io/ Frame 68AA 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js.center.io/identify.html
Requested by
Host: js.center.io
URL: https://js.center.io/center.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.21 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
any-in-2015.1e100.net
Software
Google Frontend /
Resource Hash

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
https://services.demogronomics.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
referer
https://www.google.com

Response headers

age
176
cache-control
public, max-age=300
content-encoding
gzip
content-length
2016
content-type
text/html
date
Thu, 13 Jun 2024 18:08:04 GMT
etag
"OMWYXg"
expires
Thu, 13 Jun 2024 18:13:04 GMT
server
Google Frontend
x-cloud-trace-context
f81d23806080d0ed6960fc0027c942d1
278877262461318
connect.facebook.net/signals/config/ 		53 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/278877262461318?v=2.9.158&r=stable&domain=services.demogronomics.com&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C14%2C48%2C180%2C179%2C124%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-iad3.fbcdn.net
Software
/
Resource Hash
751ea05c9523fe644507f4a0e7038526dfe74e855483bc338acabb9f7455f8af
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 13 Jun 2024 18:11:00 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=23, rtx=0, c=62, mss=1380, tbw=63536, tp=-1, tpl=-1, uplat=70, ullat=0
pragma
public
x-fb-debug
Du9ZmIy/VFznwP/0elCZkaOYkhleaP/ENxG7AGbU9slRPwlWPNtxQZtkLLWUAX6rkJmrc/BNgGi8xNZZxopYGA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
LNj0TWPxGu__Q0u3H1SvSIuFZyq5okjy0EPwhqwlDZHAduz5Gp7hkORm06CWyllC1Vc8P8c0Vi8TW0EehnZmHrfQNlm4tpVo5Yg=w471
lh3.googleusercontent.com/ 		54 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/LNj0TWPxGu__Q0u3H1SvSIuFZyq5okjy0EPwhqwlDZHAduz5Gp7hkORm06CWyllC1Vc8P8c0Vi8TW0EehnZmHrfQNlm4tpVo5Yg=w471
Requested by
Host: services.demogronomics.com
URL: https://services.demogronomics.com/truspicerbeginnings/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.192.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qn-in-f132.1e100.net
Software
fife /
Resource Hash
5000f61c723b587d7b082f81a4d8185560da0b249b618302bf1194c8f54c3441
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Thu, 13 Jun 2024 18:11:00 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.png"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
54964
x-xss-protection
0
expires
Fri, 14 Jun 2024 18:11:00 GMT
capture
api.leadpages.io/analytics/v1/events/ 		35 B
674 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.leadpages.io/analytics/v1/events/capture?k=view&a=leadpage&l=swe7JmQeYBzqosHK5eZf8R&v=&e=&st=&lc=en-CA&pid=VnVpdMA597KGHr9coptsk4&uid=VtWY3vkiwawpooJK3HtRrw&sid=VRDo9HzzGK5mzzHFfVfUvv&cid=lp-swe7JmQeYBzqosHK5eZf8R&uri=https%3A%2F%2Fservices.demogronomics.com%2Ftruspicerbeginnings%2F&rf=&rx=1600&ry=1200&tz=-07%3A00
Requested by
Host: js.center.io
URL: https://js.center.io/center.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.192.151.63 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
63.151.192.35.bc.googleusercontent.com
Software
Stargate /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

Date
Thu, 13 Jun 2024 18:11:00 GMT
Server
Stargate
Transfer-Encoding
chunked
access-control-max-age
600
Content-Type
image/gif
access-control-allow-origin
https://services.demogronomics.com
X-Forwarded-For
149.88.98.147
access-control-expose-headers
LP-Security-Token
access-control-allow-credentials
true
Connection
keep-alive
x-request-id
00oguiog8kgdojjop1f0
/
www.facebook.com/tr/ 		0
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=278877262461318&ev=PageView&dl=https%3A%2F%2Fservices.demogronomics.com&rl=&if=false&ts=1718302260560&sw=1600&sh=1200&v=2.9.158&r=stable&ec=0&o=4156&fbp=fb.1.1718302260555.375164170439367943&pm=1&hrl=eba47a&ler=empty&cdl=API_unavailable&it=1718302260428&coo=false&cs_cc=1&cs_cc=1&chmd=&chpv=&chfv=undefined&rqm=GET
Requested by
Host: services.demogronomics.com
URL: https://services.demogronomics.com/truspicerbeginnings/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-iad3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=17, rtx=0, c=10, mss=1380, tbw=2830, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 13 Jun 2024 18:11:00 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=278877262461318&ev=PageView&dl=https%3A%2F%2Fservices.demogronomics.com&rl=&if=false&ts=1718302260560&sw=1600&sh=1200&v=2.9.158&r=stable&ec=0&o=4156&fbp=fb.1.1718302260555.375164170439367943&pm=1&hrl=eba47a&ler=empty&cdl=API_unavailable&it=1718302260428&coo=false&cs_cc=1&cs_cc=1&chmd=&chpv=&chfv=undefined&rqm=FGET
Requested by
Host: services.demogronomics.com
URL: https://services.demogronomics.com/truspicerbeginnings/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-iad3.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding
zstd
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; preload
date
Thu, 13 Jun 2024 18:11:00 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=19, rtx=0, c=14, mss=1380, tbw=3148, tp=-1, tpl=-1, uplat=57, ullat=0
pragma
no-cache
x-fb-debug
f8fc2yKQDcR8+mJy+UeQvbPqwP8eEC4uCe1bm0OkhkxVetGPbKVlG0gFE5A0BIfEmNNjPTL4AjwdQJreG/qIKg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
capture
api.leadpages.io/analytics/v1/observations/ 		35 B
355 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.leadpages.io/analytics/v1/observations/capture?version=1.7.13&origin=page-speed&kind=timer,timer,timer,timer,timer,timer,timer,timer,timer,timer&label=domain-lookup,connect,request,ttfb,response,loading,interactive,content-loaded,complete,load&value=0,115,92,360,2,380,553,554,1007,1007
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.192.151.63 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
63.151.192.35.bc.googleusercontent.com
Software
Stargate /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

Date
Thu, 13 Jun 2024 18:11:00 GMT
Server
Stargate
Transfer-Encoding
chunked
X-Forwarded-For
149.88.98.147
Content-Type
image/gif
access-control-expose-headers
LP-Security-Token
access-control-allow-credentials
true
Connection
keep-alive
x-request-id
00oguipattfnmo340nag
favicon.ico
static.leadpages.net/images/ 		15 KB
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://static.leadpages.net/images/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.203.240 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
240.203.107.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
76da9be859d0d9cd9ffa30b9aa9d07a34164acba1ec512c61bd1b7854c1fab7b

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date
Thu, 13 Jun 2024 18:06:25 GMT
content-encoding
gzip
via
1.1 google
server
Google Frontend
age
275
etag
"-6uIpg"
vary
Accept-Encoding
content-type
image/vnd.microsoft.icon
access-control-allow-origin
*
x-cloud-trace-context
171947f6b7c1ee33035753daab4491a4
cache-control
public, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2594
expires
Thu, 13 Jun 2024 18:11:25 GMT
capture
api.leadpages.io/analytics/v1/observations/ 		35 B
449 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.leadpages.io/analytics/v1/observations/capture?version=1.8.6&correlateBy=Z4E5RrrKr5rKQAmaEeBhdB&origin=center-js&kind=timer,timer,counter,timer&label=load-center,load-identify,ident-new,send-events&value=131.19999980926514,150.60000038146973,1,252.69999980926514
Requested by
Host: js.center.io
URL: https://js.center.io/center.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.192.151.63 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
63.151.192.35.bc.googleusercontent.com
Software
Stargate /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
https://www.google.com
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

Date
Thu, 13 Jun 2024 18:11:04 GMT
Server
Stargate
Transfer-Encoding
chunked
access-control-max-age
600
Content-Type
image/gif
access-control-allow-origin
https://services.demogronomics.com
X-Forwarded-For
149.88.98.147
access-control-expose-headers
LP-Security-Token
access-control-allow-credentials
true
Connection
keep-alive
x-request-id
00ogujoisdqsn6s2o8ag

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 undefined| event object| fence object| sharedStorage string| LeadPagesCenterObject function| center function| fbq function| _fbq object| sup

2 Cookies

Domain/Path Name / Value
.api.leadpages.io/analytics/v1/events/capture Name: view.VnVpdMA597KGHr9coptsk4.swe7JmQeYBzqosHK5eZf8R
Value: 1718302261000
.demogronomics.com/ Name: _fbp
Value: fb.1.1718302260555.375164170439367943

1 Console Messages

Source Level URL
Text
other warning URL: https://services.demogronomics.com/truspicerbeginnings/(Line 53)
Message:
Allow attribute will take precedence over 'allowfullscreen'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15768000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.leadpages.io
connect.facebook.net
fast.wistia.net
fonts.googleapis.com
fonts.gstatic.com
js.center.io
lh3.googleusercontent.com
services.demogronomics.com
spicerclientreview.com
static.leadpages.net
www.facebook.com
151.101.66.132
173.194.175.94
173.194.68.95
216.239.32.21
216.239.38.21
216.40.34.41
31.13.66.19
31.13.66.35
34.107.203.240
35.192.151.63
35.202.21.90
74.125.192.132
01178ebe2fbf7dfaea067e312d8685e1e2adb90d4ad576353bd02536cee039b4
0313b0d078dfe6c7ab517c11404b0c01458469006fbf1a0d4d4c5e90517e54f8
0934b1fc0d3a766d41d3adf5e7a115875e66e98ebba408d965a41cf3d2cb4ab5
0f53e8b0a717ca4ce313eec62b90d41db62c2f4946259a65c93bf8e84c5b0c44
1d3ae6d7c6b4da6429ba80e8b6fd74e930e60bfb06244f28be52230a1ddf08c7
1d775b6a2fff29b5fbdb9762381e7fa14acd701ef7a4b2f1751c32aaf94d448c
3af96ff6780fd0ad83ebe52dfefa90d76e5a92c9a35c4ae91e210784b02e05fd
5000f61c723b587d7b082f81a4d8185560da0b249b618302bf1194c8f54c3441
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
751ea05c9523fe644507f4a0e7038526dfe74e855483bc338acabb9f7455f8af
76da9be859d0d9cd9ffa30b9aa9d07a34164acba1ec512c61bd1b7854c1fab7b
796de064b8d80eba7ccacb8ba67d77fdbcdf4b385c844645d452c24537b3108f
7a40c36c7819d92629fa9cc86b6053711fd157b26c3777965a0c3fedaa639597
886c86112a804ef1ddd1cb206af4c8c40e34b73c26652ca231404aa35a6b30d9
8b11a7c94e4703b7d30dd542fbc0da18c226314c7f96618ca481992212612230
97726d21eeb10f374f59969c13807d7f54dd5cb645940e9d32f677c5e4a1f4b6
98f7235735ce61dff27df4db08c45c1e30a2090b12c3332acad653ff97b265f6
9f6ba2a1bb04fb4ebe36dc8814e5c9c1d820cbb60da0a73b30b748434ecc4812
a6f29d613fb5f0601de883f702315997e45fe3740c8beb351cb50533a9439257
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
cc08eb3316359de0d8f025efee489da73ca552209a0c9cab6b00894d7fa21d42
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855