urlscan.io logo urlscan.io
SecurityTrails logo

accounts.carpages.ca Open in urlscan Pro
35.186.215.85  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://accounts.carpages.ca/
Effective URL: https://accounts.carpages.ca/login/
Submission: On August 18 via automatic, source certstream-suspicious — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 1 countries across 3 domains to perform 13 HTTP transactions. The main IP is 35.186.215.85, located in Kansas City, United States and belongs to GOOGLE, US. The main domain is accounts.carpages.ca.
TLS certificate: Issued by WR3 on August 17th 2024. Valid for: 3 months.
This is the only time accounts.carpages.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 10 35.186.215.85 15169 (GOOGLE)
2 35.190.38.72 15169 (GOOGLE)
2 142.250.65.196 15169 (GOOGLE)
1 172.217.165.131 15169 (GOOGLE)
13 4
Apex Domain
Subdomains		 Transfer
12 carpages.ca
accounts.carpages.ca
assets.carpages.ca
1 MB
2 google.com
www.google.com — Cisco Umbrella Rank: 10
989 B
1 gstatic.com
www.gstatic.com
210 KB
13 3
Domain Requested by
10 accounts.carpages.ca 2 redirects accounts.carpages.ca
2 www.google.com accounts.carpages.ca
www.gstatic.com
2 assets.carpages.ca
1 www.gstatic.com www.google.com
13 4

This site contains no links.

Subject Issuer Validity Valid
accounts.carpages.ca
WR3		 2024-08-17 -
2024-11-15		 3 months crt.sh
assets.carpages.ca
WR3		 2024-07-04 -
2024-10-02		 3 months crt.sh
*.google.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.gstatic.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://accounts.carpages.ca/login/
Frame ID: A9546F04A6CBD925854B637957CAEA15
Requests: 12 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcGG7UjAAAAAK2I26OVX0PsEukIRMGylQjLQynT&co=aHR0cHM6Ly9hY2NvdW50cy5jYXJwYWdlcy5jYTo0NDM.&hl=en&v=hfUfsXWZFeg83qqxrK27GB8P&size=invisible&cb=t5gq9slwu76x
Frame ID: 54712C950A4E937737AAB8EF88DFAD2E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Carpages.ca • Sign In

Page URL History Show full URLs

  1. https://accounts.carpages.ca/ HTTP 302
    https://accounts.carpages.ca/login HTTP 301
    https://accounts.carpages.ca/login/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

13
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

4
IPs

1
Countries

1373 kB
Transfer

2394 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://accounts.carpages.ca/ HTTP 302
    https://accounts.carpages.ca/login HTTP 301
    https://accounts.carpages.ca/login/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
accounts.carpages.ca/login/
Redirect Chain
  • https://accounts.carpages.ca/
  • https://accounts.carpages.ca/login
  • https://accounts.carpages.ca/login/
10 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://accounts.carpages.ca/login/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.215.85 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
85.215.186.35.bc.googleusercontent.com
Software
Apache/2.4.57 (Debian) /
Resource Hash
3573dc9008a0eb4dc066ef562c3d1d90e0b5b01d09049782f0166c8accaaf1fa
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
max-age=0, must-revalidate, private
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 18 Aug 2024 07:19:34 GMT
expires
Sun, 18 Aug 2024 07:19:34 GMT
server
Apache/2.4.57 (Debian)
strict-transport-security
max-age=63072000
vary
Accept-Encoding
via
1.1 google

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8
date
Sun, 18 Aug 2024 07:19:34 GMT
location
https://accounts.carpages.ca/login/
server
Apache/2.4.57 (Debian)
strict-transport-security
max-age=63072000
via
1.1 google
application.9de10095.css
accounts.carpages.ca/build/js/ 		26 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://accounts.carpages.ca/build/js/application.9de10095.css
Requested by
Host: accounts.carpages.ca
URL: https://accounts.carpages.ca/login/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.215.85 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
85.215.186.35.bc.googleusercontent.com
Software
Apache/2.4.57 (Debian) /
Resource Hash
2e2b599238643fbe1f71042dc829d656d1bcf2f730da3df8748d09f2ad601b4c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://accounts.carpages.ca/login/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 18 Aug 2024 07:19:34 GMT
strict-transport-security
max-age=63072000
content-encoding
gzip
last-modified
Fri, 05 Jan 2024 19:52:53 GMT
server
Apache/2.4.57 (Debian)
via
1.1 google
etag
"69db-60e383193ef40-gzip"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5733
runtime.57bb2269.js
accounts.carpages.ca/build/ 		2 KB
861 B 		Script
General
Check archive.org
Download Go to
Full URL
https://accounts.carpages.ca/build/runtime.57bb2269.js
Requested by
Host: accounts.carpages.ca
URL: https://accounts.carpages.ca/login/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.215.85 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
85.215.186.35.bc.googleusercontent.com
Software
Apache/2.4.57 (Debian) /
Resource Hash
41502575d430f12f7e83932f309cea156993febe193c8f1760fc3e6a42f711ba
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://accounts.carpages.ca/login/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 18 Aug 2024 07:19:34 GMT
strict-transport-security
max-age=63072000
content-encoding
gzip
last-modified
Fri, 05 Jan 2024 19:52:53 GMT
server
Apache/2.4.57 (Debian)
via
1.1 google
etag
"60a-60e383193ef40-gzip"
vary
Accept-Encoding
content-type
text/javascript
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
841
895.10380868.js
accounts.carpages.ca/build/ 		1 MB
512 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accounts.carpages.ca/build/895.10380868.js
Requested by
Host: accounts.carpages.ca
URL: https://accounts.carpages.ca/login/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.215.85 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
85.215.186.35.bc.googleusercontent.com
Software
Apache/2.4.57 (Debian) /
Resource Hash
59bcfeccb426d6b70b2532e55b08a1184bfe8ecaf320031516920f1ec177e514
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://accounts.carpages.ca/login/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 18 Aug 2024 07:19:34 GMT
strict-transport-security
max-age=63072000
content-encoding
gzip
last-modified
Fri, 05 Jan 2024 19:52:53 GMT
server
Apache/2.4.57 (Debian)
via
1.1 google
etag
"123dcd-60e383193ef40-gzip"
vary
Accept-Encoding
content-type
text/javascript
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
application.43e900aa.js
accounts.carpages.ca/build/js/ 		20 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accounts.carpages.ca/build/js/application.43e900aa.js
Requested by
Host: accounts.carpages.ca
URL: https://accounts.carpages.ca/login/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.215.85 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
85.215.186.35.bc.googleusercontent.com
Software
Apache/2.4.57 (Debian) /
Resource Hash
69e1d0b633ffdaef530694b110672d74d1c55e2e6059d7d2a6d050ad748f329b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://accounts.carpages.ca/login/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 18 Aug 2024 07:19:34 GMT
strict-transport-security
max-age=63072000
content-encoding
gzip
last-modified
Fri, 05 Jan 2024 19:52:53 GMT
server
Apache/2.4.57 (Debian)
via
1.1 google
etag
"5116-60e383193ef40-gzip"
vary
Accept-Encoding
content-type
text/javascript
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5771
source.ac0437d0.webp
accounts.carpages.ca/build/images/ 		563 KB
563 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://accounts.carpages.ca/build/images/source.ac0437d0.webp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.215.85 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
85.215.186.35.bc.googleusercontent.com
Software
Apache/2.4.57 (Debian) /
Resource Hash
7688b67e549f8c703e0593d00c8371e151e35effa1223d6a954db2c57756c371
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://accounts.carpages.ca/login/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 18 Aug 2024 07:19:34 GMT
strict-transport-security
max-age=63072000
via
1.1 google
last-modified
Fri, 05 Jan 2024 19:52:53 GMT
server
Apache/2.4.57 (Debian)
etag
"8cae6-60e383193ef40"
content-type
image/webp
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
576230
logo-1colour-light.svg
assets.carpages.ca/static/logo/cp/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.carpages.ca/static/logo/cp/logo-1colour-light.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.38.72 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
72.38.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
aa1f8012c41bdb965ba6401f29562146ce1d02d93821bfc1fe3feb827023749c

Request headers

Referer
https://accounts.carpages.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 18 Aug 2024 07:19:35 GMT
x-goog-meta-goog-reserved-file-mtime
1654892729
age
0
x-guploader-uploadid
AHxI1nOvffRoYBns2sDH-3uohz2WcSDHeH-TYimJqyjgTIZoOmNDBcbAXXWWvbI6YWnVqLmKS2M
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6558
last-modified
Fri, 10 Jun 2022 20:25:40 GMT
server
UploadServer
etag
"f38a3c32bfb5fb3e4222ee259640d220"
x-goog-generation
1654892740086755
x-goog-hash
crc32c=SjUzhw==, md5=84o8Mr+1+z5CIu4llkDSIA==
content-type
image/svg+xml
cache-control
public, max-age=3600
x-goog-stored-content-length
6558
accept-ranges
bytes
expires
Sun, 18 Aug 2024 08:19:35 GMT
logo.svg
assets.carpages.ca/static/logo/cp/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.carpages.ca/static/logo/cp/logo.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.38.72 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
72.38.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
6665f3451179b24ac5ac1a66a22eeddc0130c7099406f7a85ee7f97aff4ccc5a

Request headers

Referer
https://accounts.carpages.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 18 Aug 2024 06:51:46 GMT
x-goog-meta-goog-reserved-file-mtime
1654892729
age
1669
x-guploader-uploadid
AHxI1nODsTgdc8K_iM3I4W7c7yG6QANzxHGpWkYSJZD8JerubPgCJpekI7ozxTPxGumpFrOYL9I
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6594
last-modified
Fri, 10 Jun 2022 20:25:40 GMT
server
UploadServer
etag
"983a2f230d0c0b658a5ece4f848539ea"
x-goog-generation
1654892740215932
x-goog-hash
crc32c=w4ibCQ==, md5=mDovIw0MC2WKXs5PhIU56g==
content-type
image/svg+xml
cache-control
public, max-age=3600
x-goog-stored-content-length
6594
accept-ranges
bytes
expires
Sun, 18 Aug 2024 07:51:46 GMT
proxregit.e80946f4.woff
accounts.carpages.ca/build/fonts/ 		27 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://accounts.carpages.ca/build/fonts/proxregit.e80946f4.woff
Requested by
Host: accounts.carpages.ca
URL: https://accounts.carpages.ca/build/js/application.9de10095.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.215.85 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
85.215.186.35.bc.googleusercontent.com
Software
Apache/2.4.57 (Debian) /
Resource Hash
4cb9e64db16b74fbe2b90053c8bb4a6bf4518ac8b697a68a165b53ae45406d8f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://accounts.carpages.ca/build/js/application.9de10095.css
Origin
https://accounts.carpages.ca
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 18 Aug 2024 07:19:35 GMT
strict-transport-security
max-age=63072000
via
1.1 google
last-modified
Fri, 05 Jan 2024 19:52:53 GMT
server
Apache/2.4.57 (Debian)
etag
"6d0c-60e383193ef40"
content-type
font/woff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27916
api.js
www.google.com/recaptcha/ 		1 KB
989 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?render=6LcGG7UjAAAAAK2I26OVX0PsEukIRMGylQjLQynT
Requested by
Host: accounts.carpages.ca
URL: https://accounts.carpages.ca/build/895.10380868.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.196 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f4.1e100.net
Software
GSE /
Resource Hash
86d55e0d0e71047913acccfd64b2e880858ca6f6bcff5e78dfe2efb8daacfebe
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://accounts.carpages.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 18 Aug 2024 07:19:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Sun, 18 Aug 2024 07:19:34 GMT
favicon.ico
accounts.carpages.ca/build/assets/ 		33 KB
33 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://accounts.carpages.ca/build/assets/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.215.85 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
85.215.186.35.bc.googleusercontent.com
Software
Apache/2.4.57 (Debian) /
Resource Hash
34d389b184d2d9e671a6934e1cc9a682a3c062634cf7dc9232c48c705191bd83
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://accounts.carpages.ca/login/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 18 Aug 2024 07:19:35 GMT
strict-transport-security
max-age=63072000
via
1.1 google
last-modified
Fri, 05 Jan 2024 19:52:53 GMT
server
Apache/2.4.57 (Debian)
etag
"821e-60e383193ef40"
content-type
image/vnd.microsoft.icon
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33310
recaptcha__en.js
www.gstatic.com/recaptcha/releases/hfUfsXWZFeg83qqxrK27GB8P/ 		531 KB
210 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/hfUfsXWZFeg83qqxrK27GB8P/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LcGG7UjAAAAAK2I26OVX0PsEukIRMGylQjLQynT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.165.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lax30s03-in-f3.1e100.net
Software
sffe /
Resource Hash
e96a5e1e04ee3d7ffd8118f853ec2c0bcbf73b571cfa1c710238557baf5dd896
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://accounts.carpages.ca/
Origin
https://accounts.carpages.ca
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 18 Aug 2024 03:43:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
12987
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
214556
x-xss-protection
0
last-modified
Mon, 29 Jul 2024 04:00:39 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 18 Aug 2025 03:43:08 GMT
anchor
www.google.com/recaptcha/api2/ Frame 5471 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcGG7UjAAAAAK2I26OVX0PsEukIRMGylQjLQynT&co=aHR0cHM6Ly9hY2NvdW50cy5jYXJwYWdlcy5jYTo0NDM.&hl=en&v=hfUfsXWZFeg83qqxrK27GB8P&size=invisible&cb=t5gq9slwu76x
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/hfUfsXWZFeg83qqxrK27GB8P/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.196 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f4.1e100.net
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-KYzMgjDreuZgxf2TLwxTdQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://accounts.carpages.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-KYzMgjDreuZgxf2TLwxTdQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 18 Aug 2024 07:19:35 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| G function| QueueJS object| webpackChunk_carpages_accounts function| _ function| onRecaptchaLoadCallback object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| recaptcha object| closure_lm_277705

1 Cookies

Domain/Path Name / Value
accounts.carpages.ca/ Name: PHPSESSID
Value: f1603f4c1f92fec8687c9ea41c4f1c3a

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000