urlscan.io logo urlscan.io
SecurityTrails logo

bypass1.bankyaw.xyz Open in urlscan Pro
188.114.97.3  Public Scan

Go To Rescan Add Verdict Report
URL: https://bypass1.bankyaw.xyz/
Submission: On July 30 via automatic, source certstream-suspicious — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 3 countries across 5 domains to perform 35 HTTP transactions. The main IP is 188.114.97.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is bypass1.bankyaw.xyz.
TLS certificate: Issued by WE1 on July 17th 2024. Valid for: 3 months.
This is the only time bypass1.bankyaw.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 188.114.97.3 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 12 66.70.203.130 16276 (OVH)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
35 6
2    188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
bypass1.bankyaw.xyz
1    2a00:1450:4001:800::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
12    66.70.203.130 (Canada)

ASN16276 (OVH, FR)
PTR: vps.citizenlab.ca
citizenlab.ca
1    2a00:1450:4001:81d::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube-nocookie.com
2    2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
Apex Domain
Subdomains		 Transfer
12 citizenlab.ca
citizenlab.ca
182 KB
2 youtube.com
www.youtube.com — Cisco Umbrella Rank: 84
13 KB
2 bankyaw.xyz
bypass1.bankyaw.xyz
16 KB
1 youtube-nocookie.com
www.youtube-nocookie.com — Cisco Umbrella Rank: 4316
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112
104 KB
35 5
Domain Requested by
12 citizenlab.ca 1 redirects bypass1.bankyaw.xyz
2 www.youtube.com www.googletagmanager.com
www.youtube.com
2 bypass1.bankyaw.xyz bypass1.bankyaw.xyz
1 www.youtube-nocookie.com bypass1.bankyaw.xyz
1 www.googletagmanager.com bypass1.bankyaw.xyz
35 5
Subject Issuer Validity Valid
bankyaw.xyz
WE1		 2024-07-17 -
2024-10-15		 3 months crt.sh
*.google-analytics.com
WR2		 2024-07-01 -
2024-09-23		 3 months crt.sh
citizenlab.ca
R10		 2024-07-15 -
2024-10-13		 3 months crt.sh
*.google.com
WR2		 2024-07-01 -
2024-09-23		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://bypass1.bankyaw.xyz/
Frame ID: B3CEC86D64DA396E5EDC94210C128A23
Requests: 34 HTTP requests in this frame

Frame: https://www.youtube-nocookie.com/embed/Jsa0NKiryNM?enablejsapi=1&autoplay=0&cc_load_policy=0&cc_lang_pref=&iv_load_policy=1&loop=0&modestbranding=0&rel=0&fs=1&playsinline=0&autohide=2&theme=dark&color=red&controls=1&
Frame ID: 95C6958CA69A7D196543FA0798437754
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

The Citizen Lab - University of Toronto

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

35
Requests

46 %
HTTPS

60 %
IPv6

5
Domains

5
Subdomains

6
IPs

3
Countries

313 kB
Transfer

604 kB
Size

5
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 29
  • https://citizenlab.ca/wp-content/webpc-passthru.php?src=https://citizenlab.ca/wp-content/uploads/2024/03/submission-post-1-297x167.png&nocache=1 HTTP 302
  • https://citizenlab.ca/wp-content/uploads/2024/03/submission-post-1-297x167.png

35 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
bypass1.bankyaw.xyz/ 		66 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bypass1.bankyaw.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
850cca781b4b3f59433ab748d4ef66ab6a5a35dae26c99964d8dc041e1549d21
Security Headers
Name Value
Content-Security-Policy default-src 'self' citizenlab.ca www.citizenlab.ca citizenlab.org www.citizenlab.org; font-src 'self' data: ; img-src * data: ; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.google-analytics.com www.googletagmanager.com www.youtube.com; frame-src 'self' www.youtube-nocookie.com www.youtube.com ; style-src 'self' 'unsafe-inline'; connect-src 'self' www.google-analytics.com;
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
https://targetedthreats.net
age
858
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8ab3afe22bd40ead-AMS
content-encoding
br
content-security-policy
default-src 'self' citizenlab.ca www.citizenlab.ca citizenlab.org www.citizenlab.org; font-src 'self' data: ; img-src * data: ; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.google-analytics.com www.googletagmanager.com www.youtube.com; frame-src 'self' www.youtube-nocookie.com www.youtube.com ; style-src 'self' 'unsafe-inline'; connect-src 'self' www.google-analytics.com;
content-type
text/html; charset=UTF-8
date
Tue, 30 Jul 2024 07:38:05 GMT
feature-policy
sync-xhr 'self'
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bKVMgIlsLr1xblhJUuh5l8FE5g%2Fa%2BwlYrlei4un8V1p2LYskQ4H2BouubYWISaL2ZC37yVisckrCQrWSC%2B7jZC5T%2FR4U%2FTxVMz7eJOKt9iIIyiLGE7j6E8KOp76KE5m5KNGtHeZE"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=15768000
vary
Accept-Encoding
via
1.1 varnish-v4
x-cache
HIT
x-cache-svr
citizenlab.ca
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-powered-by
PHP/7.4.33
x-varnish
1840333 203244
x-xss-protection
1; mode=block
js
www.googletagmanager.com/gtag/ 		314 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-RCDQQLPVF0
Requested by
Host: bypass1.bankyaw.xyz
URL: https://bypass1.bankyaw.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8f44ae569779242c3c701d0c1d42f53aa943607ca6944264d6092bda9c685272
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://bypass1.bankyaw.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 07:38:05 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
105644
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 30 Jul 2024 07:38:05 GMT
CL-logo-3-headed.png
citizenlab.ca/wp-content/themes/citizenlab-wp-theme/library/images/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citizenlab.ca/wp-content/themes/citizenlab-wp-theme/library/images/CL-logo-3-headed.png
Requested by
Host: bypass1.bankyaw.xyz
URL: https://bypass1.bankyaw.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.70.203.130 , Canada, ASN16276 (OVH, FR),
Reverse DNS
vps.citizenlab.ca
Software
nginx/1.21.6 /
Resource Hash
a697516b3931d47c9536d0e3643c6baabb14437558ef2f0386e3045583fff79b
Security Headers
Name Value
Content-Security-Policy default-src 'self' citizenlab.ca www.citizenlab.ca citizenlab.org www.citizenlab.org; font-src 'self' data: ; img-src * data: ; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.google-analytics.com www.googletagmanager.com www.youtube.com; frame-src 'self' www.youtube-nocookie.com www.youtube.com ; style-src 'self' 'unsafe-inline'; connect-src 'self' www.google-analytics.com;
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bypass1.bankyaw.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 30 Jul 2024 07:38:06 GMT
Via
1.1 varnish-v4
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=15768000
Content-Security-Policy
default-src 'self' citizenlab.ca www.citizenlab.ca citizenlab.org www.citizenlab.org; font-src 'self' data: ; img-src * data: ; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.google-analytics.com www.googletagmanager.com www.youtube.com; frame-src 'self' www.youtube-nocookie.com www.youtube.com ; style-src 'self' 'unsafe-inline'; connect-src 'self' www.google-analytics.com;
Age
3596
Transfer-Encoding
chunked
X-Cache
HIT
Connection
keep-alive
X-XSS-Protection
1; mode=block
Referrer-Policy
strict-origin
Last-Modified
Tue, 04 Jul 2023 20:57:06 GMT
Server
nginx/1.21.6
ETag
W/"64a487a2-12fa"
X-Frame-Options
SAMEORIGIN
X-Varnish
4720568 2329195
Content-Type
image/png
cache-control
public, max-age=2592000
Feature-Policy
sync-xhr 'self'
Accept-Ranges
bytes
X-Cache-Svr
citizenlab.ca
MunkSchool-WHT.png
citizenlab.ca/wp-content/themes/citizenlab-wp-theme/library/images/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citizenlab.ca/wp-content/themes/citizenlab-wp-theme/library/images/MunkSchool-WHT.png
Requested by
Host: bypass1.bankyaw.xyz
URL: https://bypass1.bankyaw.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.70.203.130 , Canada, ASN16276 (OVH, FR),
Reverse DNS
vps.citizenlab.ca
Software
nginx/1.21.6 /
Resource Hash
1a6200b14c640e875c4bcc5cb418261017a8c752d66115257509c409ef485834
Security Headers
Name Value
Content-Security-Policy default-src 'self' citizenlab.ca www.citizenlab.ca citizenlab.org www.citizenlab.org; font-src 'self' data: ; img-src * data: ; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.google-analytics.com www.googletagmanager.com www.youtube.com; frame-src 'self' www.youtube-nocookie.com www.youtube.com ; style-src 'self' 'unsafe-inline'; connect-src 'self' www.google-analytics.com;
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bypass1.bankyaw.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 30 Jul 2024 07:38:06 GMT
Via
1.1 varnish-v4
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=15768000
Content-Security-Policy
default-src 'self' citizenlab.ca www.citizenlab.ca citizenlab.org www.citizenlab.org; font-src 'self' data: ; img-src * data: ; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.google-analytics.com www.googletagmanager.com www.youtube.com; frame-src 'self' www.youtube-nocookie.com www.youtube.com ; style-src 'self' 'unsafe-inline'; connect-src 'self' www.google-analytics.com;
Age
3596
Transfer-Encoding
chunked
X-Cache
HIT
Connection
keep-alive
X-XSS-Protection
1; mode=block
Referrer-Policy
strict-origin
Last-Modified
Tue, 04 Jul 2023 20:57:06 GMT
Server
nginx/1.21.6
ETag
W/"64a487a2-5106"
X-Frame-Options
SAMEORIGIN
X-Varnish
1840337 557150
Content-Type
image/png
cache-control
public, max-age=2592000
Feature-Policy
sync-xhr 'self'
Accept-Ranges
bytes
X-Cache-Svr
citizenlab.ca
style.min.css
citizenlab.ca/wp-includes/css/dist/block-library/ 		0
0
bigfoot-number.css
citizenlab.ca/wp-content/plugins/bigfoot_footnotes/library/ 		0
0
ytprefs.min.css
citizenlab.ca/wp-content/plugins/youtube-embed-plus/styles/ 		0
0
tachyons.css
citizenlab.ca/wp-content/themes/citizenlab-wp-theme/library/css/ 		0
0
style.css
citizenlab.ca/wp-content/themes/citizenlab-wp-theme/library/css/ 		0
0
all.min.css
citizenlab.ca/wp-content/themes/citizenlab-wp-theme/library/fontawesome/css/ 		0
0
jquery.min.js
citizenlab.ca/wp-includes/js/jquery/ 		0
0
jquery-migrate.min.js
citizenlab.ca/wp-includes/js/jquery/ 		0
0
ytprefs.min.js
citizenlab.ca/wp-content/plugins/youtube-embed-plus/scripts/ 		0
0
modernizr.custom.min.js
citizenlab.ca/wp-content/themes/citizenlab-wp-theme/library/js/libs/ 		0
0
Jsa0NKiryNM
www.youtube-nocookie.com/embed/ Frame 95C6 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube-nocookie.com/embed/Jsa0NKiryNM?enablejsapi=1&autoplay=0&cc_load_policy=0&cc_lang_pref=&iv_load_policy=1&loop=0&modestbranding=0&rel=0&fs=1&playsinline=0&autohide=2&theme=dark&color=red&controls=1&
Requested by
Host: bypass1.bankyaw.xyz
URL: https://bypass1.bankyaw.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bypass1.bankyaw.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="YOUTUBE_NOCOOKIE_DOMAIN"
cross-origin-resource-policy
cross-origin
date
Tue, 30 Jul 2024 07:38:06 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AsnbWYr3bqK88n/C2BgXPMpBC+msV4jf6vsgnAir+gFnHw3zXZEKmz271E4vhxTja+7SD2q3dr2BxZlHzvj9HA0AAACBeyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUtbm9jb29raWUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"YOUTUBE_NOCOOKIE_DOMAIN","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/YOUTUBE_NOCOOKIE_DOMAIN"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
email-decode.min.js
bypass1.bankyaw.xyz/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bypass1.bankyaw.xyz/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: bypass1.bankyaw.xyz
URL: https://bypass1.bankyaw.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://bypass1.bankyaw.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 07:38:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2024 16:35:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"669fdbbe-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=r7fr8MLIM342mBNXjVSLiI91%2FRuj8zTjvX1tWJZ3iDolv1RZQrYpyJVlNvjj4LB79JX4VODqzeXu8S%2FEd5KtkX1HPhDSBGFDGaPGV7sf7HJnpnD5wNWTzKuaz2NTjivUh1OEdW68"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
8ab3afeafcb90ead-AMS
expires
Thu, 01 Aug 2024 07:38:05 GMT
MunkSchool-WHT.png
citizenlab.ca/wp-content/themes/citizenlab-wp-theme/library/images/ 		20 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citizenlab.ca/wp-content/themes/citizenlab-wp-theme/library/images/MunkSchool-WHT.png
Requested by
Host: bypass1.bankyaw.xyz
URL: https://bypass1.bankyaw.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.70.203.130 , Canada, ASN16276 (OVH, FR),
Reverse DNS
vps.citizenlab.ca
Software
nginx/1.21.6 /
Resource Hash
1a6200b14c640e875c4bcc5cb418261017a8c752d66115257509c409ef485834
Security Headers
Name Value
Content-Security-Policy default-src 'self' citizenlab.ca www.citizenlab.ca citizenlab.org www.citizenlab.org; font-src 'self' data: ; img-src * data: ; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.google-analytics.com www.googletagmanager.com www.youtube.com; frame-src 'self' www.youtube-nocookie.com www.youtube.com ; style-src 'self' 'unsafe-inline'; connect-src 'self' www.google-analytics.com;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bypass1.bankyaw.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 30 Jul 2024 07:38:06 GMT
Via
1.1 varnish-v4
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self' citizenlab.ca www.citizenlab.ca citizenlab.org www.citizenlab.org; font-src 'self' data: ; img-src * data: ; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.google-analytics.com www.googletagmanager.com www.youtube.com; frame-src 'self' www.youtube-nocookie.com www.youtube.com ; style-src 'self' 'unsafe-inline'; connect-src 'self' www.google-analytics.com;
Age
3596
X-Cache
HIT
X-XSS-Protection
1; mode=block
Referrer-Policy
strict-origin
Last-Modified
Tue, 04 Jul 2023 20:57:06 GMT
Server
nginx/1.21.6
ETag
W/"64a487a2-5106"
X-Frame-Options
SAMEORIGIN
X-Varnish
1840337 557150
Content-Type
image/png
cache-control
public, max-age=2592000
Feature-Policy
sync-xhr 'self'
Accept-Ranges
bytes
X-Cache-Svr
citizenlab.ca
bigfoot.js
citizenlab.ca/wp-content/plugins/bigfoot_footnotes/library/ 		0
0
bigfoot.min.js
citizenlab.ca/wp-content/plugins/bigfoot_footnotes/library/ 		0
0
bigfoot-function.js
citizenlab.ca/wp-content/plugins/bigfoot_footnotes/library/ 		0
0
fitvids.min.js
citizenlab.ca/wp-content/plugins/youtube-embed-plus/scripts/ 		0
0
search-menu.js
citizenlab.ca/wp-content/themes/citizenlab-wp-theme/library/js/ 		0
0
jquery.details.min.js
citizenlab.ca/wp-content/themes/citizenlab-wp-theme/library/js/jquery-details/ 		0
0
forms.js
citizenlab.ca/wp-content/plugins/mailchimp-for-wp/assets/js/ 		0
0
wp-emoji-release.min.js
citizenlab.ca/wp-includes/js/ 		0
0
webpc-passthru.php
citizenlab.ca/wp-content/ 		27 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citizenlab.ca/wp-content/webpc-passthru.php?src=https://citizenlab.ca/wp-content/uploads/2024/05/featured-image@3x-605x340.png&nocache=1
Requested by
Host: bypass1.bankyaw.xyz
URL: https://bypass1.bankyaw.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.70.203.130 , Canada, ASN16276 (OVH, FR),
Reverse DNS
vps.citizenlab.ca
Software
nginx/1.21.6 / PHP/7.4.33
Resource Hash
0f5f731f5de1fcf769f75529bc8446ec4b93b3e47c6978095527894497bc8008
Security Headers
Name Value
Content-Security-Policy default-src 'self' citizenlab.ca www.citizenlab.ca citizenlab.org www.citizenlab.org; font-src 'self' data: ; img-src * data: ; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.google-analytics.com www.googletagmanager.com www.youtube.com; frame-src 'self' www.youtube-nocookie.com www.youtube.com ; style-src 'self' 'unsafe-inline'; connect-src 'self' www.google-analytics.com;
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bypass1.bankyaw.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 30 Jul 2024 07:38:06 GMT
Via
1.1 varnish-v4
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=15768000
Content-Security-Policy
default-src 'self' citizenlab.ca www.citizenlab.ca citizenlab.org www.citizenlab.org; font-src 'self' data: ; img-src * data: ; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.google-analytics.com www.googletagmanager.com www.youtube.com; frame-src 'self' www.youtube-nocookie.com www.youtube.com ; style-src 'self' 'unsafe-inline'; connect-src 'self' www.google-analytics.com;
Age
2912
X-Powered-By
PHP/7.4.33
Transfer-Encoding
chunked
X-Cache
HIT
Connection
keep-alive
X-XSS-Protection
1; mode=block
Referrer-Policy
strict-origin
Server
nginx/1.21.6
X-Frame-Options
SAMEORIGIN
X-Varnish
1840341 4719541
Content-Type
image/webp
cache-control
public, max-age=2592000
Feature-Policy
sync-xhr 'self'
Accept-Ranges
bytes
X-Cache-Svr
citizenlab.ca
featured-image-1-605x340.gif
citizenlab.ca/wp-content/uploads/2024/04/ 		37 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citizenlab.ca/wp-content/uploads/2024/04/featured-image-1-605x340.gif
Requested by
Host: bypass1.bankyaw.xyz
URL: https://bypass1.bankyaw.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.70.203.130 , Canada, ASN16276 (OVH, FR),
Reverse DNS
vps.citizenlab.ca
Software
nginx/1.21.6 /
Resource Hash
0c987015595939713e794708c192140cc10e81ac1d4dea4447fb7b73310b3e8f
Security Headers
Name Value
Content-Security-Policy default-src 'self' citizenlab.ca www.citizenlab.ca citizenlab.org www.citizenlab.org; font-src 'self' data: ; img-src * data: ; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.google-analytics.com www.googletagmanager.com www.youtube.com; frame-src 'self' www.youtube-nocookie.com www.youtube.com ; style-src 'self' 'unsafe-inline'; connect-src 'self' www.google-analytics.com;
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bypass1.bankyaw.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 30 Jul 2024 07:38:06 GMT
Via
1.1 varnish-v4
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=15768000
Content-Security-Policy
default-src 'self' citizenlab.ca www.citizenlab.ca citizenlab.org www.citizenlab.org; font-src 'self' data: ; img-src * data: ; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.google-analytics.com www.googletagmanager.com www.youtube.com; frame-src 'self' www.youtube-nocookie.com www.youtube.com ; style-src 'self' 'unsafe-inline'; connect-src 'self' www.google-analytics.com;
Age
2912
Transfer-Encoding
chunked
X-Cache
HIT
Connection
keep-alive
X-XSS-Protection
1; mode=block
Referrer-Policy
strict-origin
Last-Modified
Tue, 23 Apr 2024 02:59:15 GMT
Server
nginx/1.21.6
ETag
W/"66272403-94d4"
X-Frame-Options
SAMEORIGIN
X-Varnish
4720570 3643256
Content-Type
image/gif
cache-control
public, max-age=2592000
Feature-Policy
sync-xhr 'self'
Accept-Ranges
bytes
X-Cache-Svr
citizenlab.ca
webpc-passthru.php
citizenlab.ca/wp-content/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citizenlab.ca/wp-content/webpc-passthru.php?src=https://citizenlab.ca/wp-content/uploads/2024/02/paperwall-featuredimage@2x-605x340.png&nocache=1
Requested by
Host: bypass1.bankyaw.xyz
URL: https://bypass1.bankyaw.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.70.203.130 , Canada, ASN16276 (OVH, FR),
Reverse DNS
vps.citizenlab.ca
Software
nginx/1.21.6 / PHP/7.4.33
Resource Hash
7bfc79e2249c71f0c32ac13cc9e45c8f763d8a07888560cb9ac3916029781d75
Security Headers
Name Value
Content-Security-Policy default-src 'self' citizenlab.ca www.citizenlab.ca citizenlab.org www.citizenlab.org; font-src 'self' data: ; img-src * data: ; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.google-analytics.com www.googletagmanager.com www.youtube.com; frame-src 'self' www.youtube-nocookie.com www.youtube.com ; style-src 'self' 'unsafe-inline'; connect-src 'self' www.google-analytics.com;
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bypass1.bankyaw.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 30 Jul 2024 07:38:06 GMT
Via
1.1 varnish-v4
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=15768000
Content-Security-Policy
default-src 'self' citizenlab.ca www.citizenlab.ca citizenlab.org www.citizenlab.org; font-src 'self' data: ; img-src * data: ; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.google-analytics.com www.googletagmanager.com www.youtube.com; frame-src 'self' www.youtube-nocookie.com www.youtube.com ; style-src 'self' 'unsafe-inline'; connect-src 'self' www.google-analytics.com;
Age
2912
X-Powered-By
PHP/7.4.33
Transfer-Encoding
chunked
X-Cache
HIT
Connection
keep-alive
X-XSS-Protection
1; mode=block
Referrer-Policy
strict-origin
Server
nginx/1.21.6
X-Frame-Options
SAMEORIGIN
X-Varnish
4720572 4719538
Content-Type
image/webp
cache-control
public, max-age=2592000
Feature-Policy
sync-xhr 'self'
Accept-Ranges
bytes
X-Cache-Svr
citizenlab.ca
webpc-passthru.php
citizenlab.ca/wp-content/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citizenlab.ca/wp-content/webpc-passthru.php?src=https://citizenlab.ca/wp-content/uploads/2023/11/lkq-featuredimage-605x340.png&nocache=1
Requested by
Host: bypass1.bankyaw.xyz
URL: https://bypass1.bankyaw.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.70.203.130 , Canada, ASN16276 (OVH, FR),
Reverse DNS
vps.citizenlab.ca
Software
nginx/1.21.6 / PHP/7.4.33
Resource Hash
aa6e3aa3b9bbbf87e06806be557c6ac46391b061b1408a441f2bc94bcea7aab1
Security Headers
Name Value
Content-Security-Policy default-src 'self' citizenlab.ca www.citizenlab.ca citizenlab.org www.citizenlab.org; font-src 'self' data: ; img-src * data: ; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.google-analytics.com www.googletagmanager.com www.youtube.com; frame-src 'self' www.youtube-nocookie.com www.youtube.com ; style-src 'self' 'unsafe-inline'; connect-src 'self' www.google-analytics.com;
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bypass1.bankyaw.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 30 Jul 2024 07:38:06 GMT
Via
1.1 varnish-v4
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=15768000
Content-Security-Policy
default-src 'self' citizenlab.ca www.citizenlab.ca citizenlab.org www.citizenlab.org; font-src 'self' data: ; img-src * data: ; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.google-analytics.com www.googletagmanager.com www.youtube.com; frame-src 'self' www.youtube-nocookie.com www.youtube.com ; style-src 'self' 'unsafe-inline'; connect-src 'self' www.google-analytics.com;
Age
2912
X-Powered-By
PHP/7.4.33
Transfer-Encoding
chunked
X-Cache
HIT
Connection
keep-alive
X-XSS-Protection
1; mode=block
Referrer-Policy
strict-origin
Server
nginx/1.21.6
X-Frame-Options
SAMEORIGIN
X-Varnish
1840339 4719544
Content-Type
image/webp
cache-control
public, max-age=2592000
Feature-Policy
sync-xhr 'self'
Accept-Ranges
bytes
X-Cache-Svr
citizenlab.ca
webpc-passthru.php
citizenlab.ca/wp-content/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citizenlab.ca/wp-content/webpc-passthru.php?src=https://citizenlab.ca/wp-content/uploads/2024/07/event-post1-297x167.png&nocache=1
Requested by
Host: bypass1.bankyaw.xyz
URL: https://bypass1.bankyaw.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.70.203.130 , Canada, ASN16276 (OVH, FR),
Reverse DNS
vps.citizenlab.ca
Software
nginx/1.21.6 / PHP/7.4.33
Resource Hash
03446f0932820ba14e45d5b260af16bd8574fe018f1b91b4783ebd7c7697becc
Security Headers
Name Value
Content-Security-Policy default-src 'self' citizenlab.ca www.citizenlab.ca citizenlab.org www.citizenlab.org; font-src 'self' data: ; img-src * data: ; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.google-analytics.com www.googletagmanager.com www.youtube.com; frame-src 'self' www.youtube-nocookie.com www.youtube.com ; style-src 'self' 'unsafe-inline'; connect-src 'self' www.google-analytics.com;
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bypass1.bankyaw.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 30 Jul 2024 07:38:06 GMT
Via
1.1 varnish-v4
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=15768000
Content-Security-Policy
default-src 'self' citizenlab.ca www.citizenlab.ca citizenlab.org www.citizenlab.org; font-src 'self' data: ; img-src * data: ; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.google-analytics.com www.googletagmanager.com www.youtube.com; frame-src 'self' www.youtube-nocookie.com www.youtube.com ; style-src 'self' 'unsafe-inline'; connect-src 'self' www.google-analytics.com;
Age
2912
X-Powered-By
PHP/7.4.33
Transfer-Encoding
chunked
X-Cache
HIT
Connection
keep-alive
X-XSS-Protection
1; mode=block
Referrer-Policy
strict-origin
Server
nginx/1.21.6
X-Frame-Options
SAMEORIGIN
X-Varnish
1840343 524427
Content-Type
image/webp
cache-control
public, max-age=2592000
Feature-Policy
sync-xhr 'self'
Accept-Ranges
bytes
X-Cache-Svr
citizenlab.ca
submission-post-1-297x167.png
citizenlab.ca/wp-content/uploads/2024/03/
Redirect Chain
  • https://citizenlab.ca/wp-content/webpc-passthru.php?src=https://citizenlab.ca/wp-content/uploads/2024/03/submission-post-1-297x167.png&nocache=1
  • https://citizenlab.ca/wp-content/uploads/2024/03/submission-post-1-297x167.png
63 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citizenlab.ca/wp-content/uploads/2024/03/submission-post-1-297x167.png
Requested by
Host: bypass1.bankyaw.xyz
URL: https://bypass1.bankyaw.xyz/
Protocol
HTTP/1.1
Server
66.70.203.130 , Canada, ASN16276 (OVH, FR),
Reverse DNS
vps.citizenlab.ca
Software
nginx/1.21.6 /
Resource Hash
d6cd5936c757e44a865bba99365688e3cd0211093d8ef934eddd3c73242e7a99
Security Headers
Name Value
Content-Security-Policy default-src 'self' citizenlab.ca www.citizenlab.ca citizenlab.org www.citizenlab.org; font-src 'self' data: ; img-src * data: ; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.google-analytics.com www.googletagmanager.com www.youtube.com; frame-src 'self' www.youtube-nocookie.com www.youtube.com ; style-src 'self' 'unsafe-inline'; connect-src 'self' www.google-analytics.com;
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bypass1.bankyaw.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 30 Jul 2024 07:38:06 GMT
Via
1.1 varnish-v4
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=15768000
Content-Security-Policy
default-src 'self' citizenlab.ca www.citizenlab.ca citizenlab.org www.citizenlab.org; font-src 'self' data: ; img-src * data: ; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.google-analytics.com www.googletagmanager.com www.youtube.com; frame-src 'self' www.youtube-nocookie.com www.youtube.com ; style-src 'self' 'unsafe-inline'; connect-src 'self' www.google-analytics.com;
Age
2911
Transfer-Encoding
chunked
X-Cache
HIT
Connection
keep-alive
X-XSS-Protection
1; mode=block
Referrer-Policy
strict-origin
Last-Modified
Mon, 18 Mar 2024 16:23:18 GMT
Server
nginx/1.21.6
ETag
W/"65f86a76-fdde"
X-Frame-Options
SAMEORIGIN
X-Varnish
1840347 853197
Content-Type
image/png
cache-control
public, max-age=2592000
Feature-Policy
sync-xhr 'self'
Accept-Ranges
bytes
X-Cache-Svr
citizenlab.ca

Redirect headers

Date
Tue, 30 Jul 2024 07:38:06 GMT
Via
1.1 varnish-v4
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=15768000
Content-Security-Policy
default-src 'self' citizenlab.ca www.citizenlab.ca citizenlab.org www.citizenlab.org; font-src 'self' data: ; img-src * data: ; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.google-analytics.com www.googletagmanager.com www.youtube.com; frame-src 'self' www.youtube-nocookie.com www.youtube.com ; style-src 'self' 'unsafe-inline'; connect-src 'self' www.google-analytics.com;
Age
2911
X-Powered-By
PHP/7.4.33
Transfer-Encoding
chunked
X-Cache
HIT
Connection
keep-alive
X-XSS-Protection
1; mode=block
Referrer-Policy
strict-origin
Server
nginx/1.21.6
X-Frame-Options
SAMEORIGIN
Content-Type
text/html; charset=UTF-8
Location
https://citizenlab.ca/wp-content/uploads/2024/03/submission-post-1-297x167.png
X-Varnish
4720574 853194
cache-control
public, max-age=2592000
Feature-Policy
sync-xhr 'self'
X-Cache-Svr
citizenlab.ca
webpc-passthru.php
citizenlab.ca/wp-content/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citizenlab.ca/wp-content/webpc-passthru.php?src=https://citizenlab.ca/wp-content/uploads/2024/01/Job-featured-image-297x167.png&nocache=1
Requested by
Host: bypass1.bankyaw.xyz
URL: https://bypass1.bankyaw.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.70.203.130 , Canada, ASN16276 (OVH, FR),
Reverse DNS
vps.citizenlab.ca
Software
nginx/1.21.6 / PHP/7.4.33
Resource Hash
cb4d6e7dac6e19dbecc74dd763bafbd3dc43a8f59c9f68c270f6f8401c2d7f82
Security Headers
Name Value
Content-Security-Policy default-src 'self' citizenlab.ca www.citizenlab.ca citizenlab.org www.citizenlab.org; font-src 'self' data: ; img-src * data: ; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.google-analytics.com www.googletagmanager.com www.youtube.com; frame-src 'self' www.youtube-nocookie.com www.youtube.com ; style-src 'self' 'unsafe-inline'; connect-src 'self' www.google-analytics.com;
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bypass1.bankyaw.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 30 Jul 2024 07:38:06 GMT
Via
1.1 varnish-v4
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=15768000
Content-Security-Policy
default-src 'self' citizenlab.ca www.citizenlab.ca citizenlab.org www.citizenlab.org; font-src 'self' data: ; img-src * data: ; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.google-analytics.com www.googletagmanager.com www.youtube.com; frame-src 'self' www.youtube-nocookie.com www.youtube.com ; style-src 'self' 'unsafe-inline'; connect-src 'self' www.google-analytics.com;
Age
2912
X-Powered-By
PHP/7.4.33
Transfer-Encoding
chunked
X-Cache
HIT
Connection
keep-alive
X-XSS-Protection
1; mode=block
Referrer-Policy
strict-origin
Server
nginx/1.21.6
X-Frame-Options
SAMEORIGIN
X-Varnish
1840345 524430
Content-Type
image/webp
cache-control
public, max-age=2592000
Feature-Policy
sync-xhr 'self'
Accept-Ranges
bytes
X-Cache-Svr
citizenlab.ca
iframe_api
www.youtube.com/ 		993 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RCDQQLPVF0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4518700179cb13b9e225f707496de0cddae2209098392de30eb2f7f150736511
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://bypass1.bankyaw.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 07:38:06 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
br
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=nl for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type
text/javascript; charset=utf-8
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
private, max-age=0
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
origin-trial
AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
expires
Tue, 30 Jul 2024 07:38:06 GMT
www-widgetapi.js
www.youtube.com/s/player/0e90208b/www-widgetapi.vflset/ 		31 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/0e90208b/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2d62d92fc71c40f02a1066308be107a2bb1d2d46aeec9801dd0343175ca273d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bypass1.bankyaw.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 05:51:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
6409
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10518
x-xss-protection
0
last-modified
Thu, 25 Jul 2024 04:16:25 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 30 Jul 2025 05:51:17 GMT
favicon-32x32.png
citizenlab.ca/wp-content/themes/citizenlab-wp-theme/library/images/ 		646 B
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://citizenlab.ca/wp-content/themes/citizenlab-wp-theme/library/images/favicon-32x32.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.70.203.130 , Canada, ASN16276 (OVH, FR),
Reverse DNS
vps.citizenlab.ca
Software
nginx/1.21.6 /
Resource Hash
81d5eb4bd52f34d3d1768c20b7aa87ba38cdd06d29d8ece8cf0060b9b1065f13
Security Headers
Name Value
Content-Security-Policy default-src 'self' citizenlab.ca www.citizenlab.ca citizenlab.org www.citizenlab.org; font-src 'self' data: ; img-src * data: ; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.google-analytics.com www.googletagmanager.com www.youtube.com; frame-src 'self' www.youtube-nocookie.com www.youtube.com ; style-src 'self' 'unsafe-inline'; connect-src 'self' www.google-analytics.com;
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bypass1.bankyaw.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 30 Jul 2024 07:38:07 GMT
Via
1.1 varnish-v4
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=15768000
Content-Security-Policy
default-src 'self' citizenlab.ca www.citizenlab.ca citizenlab.org www.citizenlab.org; font-src 'self' data: ; img-src * data: ; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.google-analytics.com www.googletagmanager.com www.youtube.com; frame-src 'self' www.youtube-nocookie.com www.youtube.com ; style-src 'self' 'unsafe-inline'; connect-src 'self' www.google-analytics.com;
Age
3194
Transfer-Encoding
chunked
X-Cache
HIT
Connection
keep-alive
X-XSS-Protection
1; mode=block
Referrer-Policy
strict-origin
Last-Modified
Tue, 04 Jul 2023 20:57:06 GMT
Server
nginx/1.21.6
ETag
W/"64a487a2-286"
X-Frame-Options
SAMEORIGIN
X-Varnish
4720582 3442134
Content-Type
image/png
cache-control
public, max-age=2592000
Feature-Policy
sync-xhr 'self'
Accept-Ranges
bytes
X-Cache-Svr
citizenlab.ca

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
citizenlab.ca
URL
https://citizenlab.ca/wp-includes/css/dist/block-library/style.min.css
Domain
citizenlab.ca
URL
https://citizenlab.ca/wp-content/plugins/bigfoot_footnotes/library/bigfoot-number.css
Domain
citizenlab.ca
URL
https://citizenlab.ca/wp-content/plugins/youtube-embed-plus/styles/ytprefs.min.css
Domain
citizenlab.ca
URL
https://citizenlab.ca/wp-content/themes/citizenlab-wp-theme/library/css/tachyons.css
Domain
citizenlab.ca
URL
https://citizenlab.ca/wp-content/themes/citizenlab-wp-theme/library/css/style.css
Domain
citizenlab.ca
URL
https://citizenlab.ca/wp-content/themes/citizenlab-wp-theme/library/fontawesome/css/all.min.css
Domain
citizenlab.ca
URL
https://citizenlab.ca/wp-includes/js/jquery/jquery.min.js
Domain
citizenlab.ca
URL
https://citizenlab.ca/wp-includes/js/jquery/jquery-migrate.min.js
Domain
citizenlab.ca
URL
https://citizenlab.ca/wp-content/plugins/youtube-embed-plus/scripts/ytprefs.min.js
Domain
citizenlab.ca
URL
https://citizenlab.ca/wp-content/themes/citizenlab-wp-theme/library/js/libs/modernizr.custom.min.js
Domain
citizenlab.ca
URL
https://citizenlab.ca/wp-content/plugins/bigfoot_footnotes/library/bigfoot.js
Domain
citizenlab.ca
URL
https://citizenlab.ca/wp-content/plugins/bigfoot_footnotes/library/bigfoot.min.js
Domain
citizenlab.ca
URL
https://citizenlab.ca/wp-content/plugins/bigfoot_footnotes/library/bigfoot-function.js
Domain
citizenlab.ca
URL
https://citizenlab.ca/wp-content/plugins/youtube-embed-plus/scripts/fitvids.min.js
Domain
citizenlab.ca
URL
https://citizenlab.ca/wp-content/themes/citizenlab-wp-theme/library/js/search-menu.js
Domain
citizenlab.ca
URL
https://citizenlab.ca/wp-content/themes/citizenlab-wp-theme/library/js/jquery-details/jquery.details.min.js
Domain
citizenlab.ca
URL
https://citizenlab.ca/wp-content/plugins/mailchimp-for-wp/assets/js/forms.js
Domain
citizenlab.ca
URL
https://citizenlab.ca/wp-includes/js/wp-emoji-release.min.js

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| _wpemojiSettings object| _EPYT_ function| gtag object| dataLayer object| mc4wp object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady

5 Cookies

Domain/Path Name / Value
.bankyaw.xyz/ Name: _ga_RCDQQLPVF0
Value: GS1.1.1722325086.1.0.1722325086.0.0.0
.bankyaw.xyz/ Name: _ga
Value: GA1.1.707069490.1722325086
.youtube.com/ Name: YSC
Value: 6SGDXNQYYh0
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: QGAQCxBh_-c
.youtube.com/ Name: VISITOR_PRIVACY_METADATA
Value: CgJOTBIcEhgSFhMLFBUWFwwYGRobHB0eHw4PIBAREiEgXg%3D%3D

24 Console Messages

Source Level URL
Text
security error URL: https://bypass1.bankyaw.xyz/(Line 73)
Message:
Refused to create a worker from 'blob:https://bypass1.bankyaw.xyz/d7e9ab88-a568-470c-8cb8-09315791922a' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' 'unsafe-eval' www.google-analytics.com www.googletagmanager.com www.youtube.com". Note that 'worker-src' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://bypass1.bankyaw.xyz/(Line 90)
Message:
Refused to load the stylesheet 'https://citizenlab.ca/wp-includes/css/dist/block-library/style.min.css' because it violates the following Content Security Policy directive: "style-src 'self' 'unsafe-inline'". Note that 'style-src-elem' was not explicitly set, so 'style-src' is used as a fallback.
security error URL: https://bypass1.bankyaw.xyz/(Line 117)
Message:
Refused to load the stylesheet 'https://citizenlab.ca/wp-content/plugins/bigfoot_footnotes/library/bigfoot-number.css' because it violates the following Content Security Policy directive: "style-src 'self' 'unsafe-inline'". Note that 'style-src-elem' was not explicitly set, so 'style-src' is used as a fallback.
security error URL: https://bypass1.bankyaw.xyz/(Line 118)
Message:
Refused to load the stylesheet 'https://citizenlab.ca/wp-content/plugins/youtube-embed-plus/styles/ytprefs.min.css' because it violates the following Content Security Policy directive: "style-src 'self' 'unsafe-inline'". Note that 'style-src-elem' was not explicitly set, so 'style-src' is used as a fallback.
security error URL: https://bypass1.bankyaw.xyz/(Line 126)
Message:
Refused to load the stylesheet 'https://citizenlab.ca/wp-content/themes/citizenlab-wp-theme/library/css/tachyons.css' because it violates the following Content Security Policy directive: "style-src 'self' 'unsafe-inline'". Note that 'style-src-elem' was not explicitly set, so 'style-src' is used as a fallback.
security error URL: https://bypass1.bankyaw.xyz/(Line 127)
Message:
Refused to load the stylesheet 'https://citizenlab.ca/wp-content/themes/citizenlab-wp-theme/library/css/style.css' because it violates the following Content Security Policy directive: "style-src 'self' 'unsafe-inline'". Note that 'style-src-elem' was not explicitly set, so 'style-src' is used as a fallback.
security error URL: https://bypass1.bankyaw.xyz/(Line 131)
Message:
Refused to load the stylesheet 'https://citizenlab.ca/wp-content/themes/citizenlab-wp-theme/library/fontawesome/css/all.min.css' because it violates the following Content Security Policy directive: "style-src 'self' 'unsafe-inline'". Note that 'style-src-elem' was not explicitly set, so 'style-src' is used as a fallback.
security error URL: https://bypass1.bankyaw.xyz/
Message:
Refused to load the script 'https://citizenlab.ca/wp-includes/js/jquery/jquery.min.js' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' 'unsafe-eval' www.google-analytics.com www.googletagmanager.com www.youtube.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://bypass1.bankyaw.xyz/
Message:
Refused to load the script 'https://citizenlab.ca/wp-includes/js/jquery/jquery-migrate.min.js' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' 'unsafe-eval' www.google-analytics.com www.googletagmanager.com www.youtube.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://bypass1.bankyaw.xyz/
Message:
Refused to load the script 'https://citizenlab.ca/wp-content/plugins/youtube-embed-plus/scripts/ytprefs.min.js' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' 'unsafe-eval' www.google-analytics.com www.googletagmanager.com www.youtube.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://bypass1.bankyaw.xyz/
Message:
Refused to load the script 'https://citizenlab.ca/wp-content/themes/citizenlab-wp-theme/library/js/libs/modernizr.custom.min.js' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' 'unsafe-eval' www.google-analytics.com www.googletagmanager.com www.youtube.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
other warning URL: https://bypass1.bankyaw.xyz/(Line 597)
Message:
Allow attribute will take precedence over 'allowfullscreen'.
security error URL: https://bypass1.bankyaw.xyz/
Message:
Refused to load the script 'https://citizenlab.ca/wp-content/plugins/bigfoot_footnotes/library/bigfoot.js' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' 'unsafe-eval' www.google-analytics.com www.googletagmanager.com www.youtube.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://bypass1.bankyaw.xyz/
Message:
Refused to load the script 'https://citizenlab.ca/wp-content/plugins/bigfoot_footnotes/library/bigfoot.min.js' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' 'unsafe-eval' www.google-analytics.com www.googletagmanager.com www.youtube.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://bypass1.bankyaw.xyz/
Message:
Refused to load the script 'https://citizenlab.ca/wp-content/plugins/bigfoot_footnotes/library/bigfoot-function.js' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' 'unsafe-eval' www.google-analytics.com www.googletagmanager.com www.youtube.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://bypass1.bankyaw.xyz/
Message:
Refused to load the script 'https://citizenlab.ca/wp-content/plugins/youtube-embed-plus/scripts/fitvids.min.js' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' 'unsafe-eval' www.google-analytics.com www.googletagmanager.com www.youtube.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://bypass1.bankyaw.xyz/
Message:
Refused to load the script 'https://citizenlab.ca/wp-content/themes/citizenlab-wp-theme/library/js/search-menu.js' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' 'unsafe-eval' www.google-analytics.com www.googletagmanager.com www.youtube.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://bypass1.bankyaw.xyz/
Message:
Refused to load the script 'https://citizenlab.ca/wp-content/themes/citizenlab-wp-theme/library/js/jquery-details/jquery.details.min.js' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' 'unsafe-eval' www.google-analytics.com www.googletagmanager.com www.youtube.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://bypass1.bankyaw.xyz/
Message:
Refused to load the script 'https://citizenlab.ca/wp-content/plugins/mailchimp-for-wp/assets/js/forms.js' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' 'unsafe-eval' www.google-analytics.com www.googletagmanager.com www.youtube.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://bypass1.bankyaw.xyz/(Line 73)
Message:
Refused to load the script 'https://citizenlab.ca/wp-includes/js/wp-emoji-release.min.js' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' 'unsafe-eval' www.google-analytics.com www.googletagmanager.com www.youtube.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://www.googletagmanager.com/gtag/js?id=G-RCDQQLPVF0(Line 228)
Message:
Refused to connect to 'https://region1.google-analytics.com/g/collect?v=2&tid=G-RCDQQLPVF0&gtm=45je47t0v896993804za200&_p=1722325085889&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=95250753&cid=707069490.1722325086&ul=nl-nl&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1722325086&sct=1&seg=0&dl=https%3A%2F%2Fbypass1.bankyaw.xyz%2F&dt=The%20Citizen%20Lab%20-%20University%20of%20Toronto&en=page_view&_fv=2&_nsi=1&_ss=1&_c=1&_ee=1&ep.anonymize_ip=true&tfd=1788' because it violates the following Content Security Policy directive: "connect-src 'self' www.google-analytics.com".
javascript error URL: https://www.googletagmanager.com/gtag/js?id=G-RCDQQLPVF0(Line 228)
Message:
Refused to connect to 'https://region1.google-analytics.com/g/collect?v=2&tid=G-RCDQQLPVF0&gtm=45je47t0v896993804za200&_p=1722325085889&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=95250753&cid=707069490.1722325086&ul=nl-nl&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1722325086&sct=1&seg=0&dl=https%3A%2F%2Fbypass1.bankyaw.xyz%2F&dt=The%20Citizen%20Lab%20-%20University%20of%20Toronto&en=page_view&_fv=2&_nsi=1&_ss=1&_c=1&_ee=1&ep.anonymize_ip=true&tfd=1788' because it violates the document's Content Security Policy.
security error URL: https://www.googletagmanager.com/gtag/js?id=G-RCDQQLPVF0(Line 228)
Message:
Refused to connect to 'https://region1.google-analytics.com/g/collect?v=2&tid=G-RCDQQLPVF0&gtm=45je47t0v896993804za200&_p=1722325085889&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=95250753&cid=707069490.1722325086&ul=nl-nl&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=2&sid=1722325086&sct=1&seg=0&dl=https%3A%2F%2Fbypass1.bankyaw.xyz%2F&dt=The%20Citizen%20Lab%20-%20University%20of%20Toronto&en=user_engagement&ep.anonymize_ip=true&_et=9389&tfd=11181' because it violates the following Content Security Policy directive: "connect-src 'self' www.google-analytics.com".
javascript error URL: https://www.googletagmanager.com/gtag/js?id=G-RCDQQLPVF0(Line 228)
Message:
Refused to connect to 'https://region1.google-analytics.com/g/collect?v=2&tid=G-RCDQQLPVF0&gtm=45je47t0v896993804za200&_p=1722325085889&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=95250753&cid=707069490.1722325086&ul=nl-nl&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=2&sid=1722325086&sct=1&seg=0&dl=https%3A%2F%2Fbypass1.bankyaw.xyz%2F&dt=The%20Citizen%20Lab%20-%20University%20of%20Toronto&en=user_engagement&ep.anonymize_ip=true&_et=9389&tfd=11181' because it violates the document's Content Security Policy.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' citizenlab.ca www.citizenlab.ca citizenlab.org www.citizenlab.org; font-src 'self' data: ; img-src * data: ; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.google-analytics.com www.googletagmanager.com www.youtube.com; frame-src 'self' www.youtube-nocookie.com www.youtube.com ; style-src 'self' 'unsafe-inline'; connect-src 'self' www.google-analytics.com;
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block