urlscan.io logo urlscan.io
SecurityTrails logo

bfdeals.ca Open in urlscan Pro
142.4.196.160  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://bfdeals.ca/
Effective URL: https://bfdeals.ca/
Submission: On October 27 via api from US — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 25 IPs in 4 countries across 22 domains to perform 48 HTTP transactions. The main IP is 142.4.196.160, located in Canada and belongs to OVH, FR. The main domain is bfdeals.ca.
TLS certificate: Issued by cPanel, Inc. Certification Authority on September 9th 2023. Valid for: 3 months.
This is the only time bfdeals.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 142.4.196.160 16276 (OVH)
1 192.229.173.207 15133 (EDGECAST)
10 142.251.16.95 15169 (GOOGLE)
2 104.17.25.14 13335 (CLOUDFLAR...)
2 184.146.19.213 577 (BACOM)
1 151.101.128.238 54113 (FASTLY)
1 151.101.129.55 54113 (FASTLY)
2 172.253.115.119 15169 (GOOGLE)
1 169.150.236.100 60068 (CDN77 ^_^)
1 184.28.137.249 16625 (AKAMAI-AS)
4 3.161.214.237 16509 (AMAZON-02)
1 172.67.26.2 13335 (CLOUDFLAR...)
1 3.161.213.126 16509 (AMAZON-02)
1 151.101.0.155 54113 (FASTLY)
1 23.60.0.74 16625 (AKAMAI-AS)
2 3.161.213.72 16509 (AMAZON-02)
1 205.234.175.175 30081 (CACHENETW...)
1 13.107.226.38 8075 (MICROSOFT...)
2 172.253.115.94 15169 (GOOGLE)
1 157.240.244.1 32934 (FACEBOOK)
1 142.251.167.105 15169 (GOOGLE)
5 142.251.163.95 15169 (GOOGLE)
2 172.253.63.120 15169 (GOOGLE)
1 157.240.244.35 32934 (FACEBOOK)
48 25
2    142.4.196.160 (Canada)

ASN16276 (OVH, FR)
PTR: papineau.whc.ca
bfdeals.ca
1    192.229.173.207 (New York, United States)

ASN15133 (EDGECAST, US)
www.w3schools.com
10    142.251.16.95 (United States)

ASN15169 (GOOGLE, US)
PTR: bl-in-f95.1e100.net
fonts.googleapis.com
maps.googleapis.com
2    104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    184.146.19.213 (Kleinburg Station, Canada)

ASN577 (BACOM, CA)
PTR: bras-base-knbgon2106w-grc-02-184-146-19-213.dsl.bell.ca
bdwarehouse.ca
1    151.101.128.238 (United States)

ASN54113 (FASTLY, US)
images.squarespace-cdn.com
1    151.101.129.55 (United States)

ASN54113 (FASTLY, US)
assetsio.reedpopcdn.com
2    172.253.115.119 (United States)

ASN15169 (GOOGLE, US)
PTR: bg-in-f119.1e100.net
i.ytimg.com
1    169.150.236.100 (Chicago, United States)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-169-150-236-100.datapacket.com
static1.makeuseofimages.com
1    184.28.137.249 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a184-28-137-249.deploy.static.akamaitechnologies.com
i5.walmartimages.com
4    3.161.214.237 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-161-214-237.yul62.r.cloudfront.net
m.media-amazon.com
1    172.67.26.2 (United States)

ASN13335 (CLOUDFLARENET, US)
www.visions.ca
1    3.161.213.126 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-161-213-126.yul62.r.cloudfront.net
uploads-ssl.webflow.com
1    151.101.0.155 (United States)

ASN54113 (FASTLY, US)
hips.hearstapps.com
1    23.60.0.74 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-60-0-74.deploy.static.akamaitechnologies.com
cb2.scene7.com
2    3.161.213.72 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-161-213-72.yul62.r.cloudfront.net
media.istockphoto.com
1    205.234.175.175 (Carrollton, United States)

ASN30081 (CACHENETWORKS, US)
PTR: vip1.G-anycast1.cachefly.net
cdn.arstechnica.net
1    13.107.226.38 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.crownperth.com.au
2    172.253.115.94 (United States)

ASN15169 (GOOGLE, US)
PTR: bg-in-f94.1e100.net
fonts.gstatic.com
1    157.240.244.1 (Apodaca, Mexico)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-mty2.fbcdn.net
connect.facebook.net
1    142.251.167.105 (United States)

ASN15169 (GOOGLE, US)
PTR: ww-in-f105.1e100.net
www.google.com
5    142.251.163.95 (United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f95.1e100.net
maps.googleapis.com
2    172.253.63.120 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f120.1e100.net
maps.gstatic.com
1    157.240.244.35 (Apodaca, Mexico)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-mty2.facebook.com
www.facebook.com
Apex Domain
Subdomains		 Transfer
15 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 31
maps.googleapis.com — Cisco Umbrella Rank: 393
238 KB
4 gstatic.com
fonts.gstatic.com
maps.gstatic.com
92 KB
4 media-amazon.com
m.media-amazon.com — Cisco Umbrella Rank: 530
160 KB
2 istockphoto.com
media.istockphoto.com — Cisco Umbrella Rank: 14313
124 KB
2 ytimg.com
i.ytimg.com — Cisco Umbrella Rank: 87
361 KB
2 bdwarehouse.ca
bdwarehouse.ca
781 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 223
82 KB
2 bfdeals.ca
bfdeals.ca
9 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 110 Failed
3 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 2
2 KB
1 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 174
91 KB
1 crownperth.com.au
www.crownperth.com.au
147 KB
1 arstechnica.net
cdn.arstechnica.net — Cisco Umbrella Rank: 51503
162 KB
1 scene7.com
cb2.scene7.com — Cisco Umbrella Rank: 174680
81 KB
1 hearstapps.com
hips.hearstapps.com — Cisco Umbrella Rank: 9095
804 KB
1 webflow.com
uploads-ssl.webflow.com — Cisco Umbrella Rank: 12350
208 KB
1 visions.ca
www.visions.ca
16 KB
1 walmartimages.com
i5.walmartimages.com — Cisco Umbrella Rank: 6262
14 KB
1 makeuseofimages.com
static1.makeuseofimages.com — Cisco Umbrella Rank: 61197
15 KB
1 reedpopcdn.com
assetsio.reedpopcdn.com — Cisco Umbrella Rank: 56348
23 KB
1 squarespace-cdn.com
images.squarespace-cdn.com — Cisco Umbrella Rank: 5075
446 KB
1 w3schools.com
www.w3schools.com — Cisco Umbrella Rank: 17459
5 KB
48 22
Domain Requested by
13 maps.googleapis.com www.google.com
maps.googleapis.com
bfdeals.ca
4 m.media-amazon.com bfdeals.ca
2 maps.gstatic.com www.google.com
bfdeals.ca
2 fonts.gstatic.com fonts.googleapis.com
2 media.istockphoto.com bfdeals.ca
2 i.ytimg.com bfdeals.ca
2 bdwarehouse.ca bfdeals.ca
2 cdnjs.cloudflare.com bfdeals.ca
cdnjs.cloudflare.com
2 fonts.googleapis.com bfdeals.ca
2 bfdeals.ca 1 redirects
1 www.facebook.com connect.facebook.net
1 www.google.com bfdeals.ca
1 connect.facebook.net bfdeals.ca
1 www.crownperth.com.au bfdeals.ca
1 cdn.arstechnica.net bfdeals.ca
1 cb2.scene7.com bfdeals.ca
1 hips.hearstapps.com bfdeals.ca
1 uploads-ssl.webflow.com bfdeals.ca
1 www.visions.ca bfdeals.ca
1 i5.walmartimages.com bfdeals.ca
1 static1.makeuseofimages.com bfdeals.ca
1 assetsio.reedpopcdn.com bfdeals.ca
1 images.squarespace-cdn.com bfdeals.ca
1 www.w3schools.com bfdeals.ca
48 24

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
Subject Issuer Validity Valid
bfdeals.ca
cPanel, Inc. Certification Authority		 2023-09-09 -
2023-12-08		 3 months crt.sh
*.w3schools.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-04		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-10-09 -
2024-01-01		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh
bdwarehouse.ca
Sectigo RSA Domain Validation Secure Server CA		 2023-04-21 -
2024-04-21		 a year crt.sh
*.squarespace-cdn.com
R3		 2023-10-03 -
2024-01-01		 3 months crt.sh
*.reedpopcdn.com
R3		 2023-10-18 -
2024-01-16		 3 months crt.sh
edgestatic.com
GTS CA 1C3		 2023-10-09 -
2024-01-01		 3 months crt.sh
static1.makeuseofimages.com
R3		 2023-10-19 -
2024-01-17		 3 months crt.sh
prod.walmartimages.com
GlobalSign ECC OV SSL CA 2018		 2023-08-28 -
2024-09-28		 a year crt.sh
images-na.ssl-images-amazon.com
DigiCert Global CA G2		 2023-08-09 -
2024-07-24		 a year crt.sh
www.visions.ca
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2023-05-23 -
2024-06-22		 a year crt.sh
uploads-ssl.webflow.com
Amazon RSA 2048 M02		 2023-07-29 -
2024-08-26		 a year crt.sh
cosmopolitan.com
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-09-25 -
2024-10-26		 a year crt.sh
*.scene7.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-06 -
2024-01-09		 a year crt.sh
media.gettyimages.com
Amazon RSA 2048 M02		 2023-02-10 -
2024-03-10		 a year crt.sh
*.cachefly.net
GlobalSign RSA OV SSL CA 2018		 2022-11-01 -
2023-12-03		 a year crt.sh
www.crownperth.com.au
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-08 -
2024-02-02		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-10-09 -
2024-01-01		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-08-05 -
2023-11-03		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-10-09 -
2024-01-01		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://bfdeals.ca/
Frame ID: 6602195DD9C8A2D1530ACA2F24A4E767
Requests: 32 HTTP requests in this frame

Frame: https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d2880.422437342043!2d-79.48825692260675!3d43.784846643904594!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x882b2f1b4e63f72d%3A0x89682e727219c84d!2sBlack%20Friday%20Deals%20Canada!5e0!3m2!1sen!2sca!4v1685532937335!5m2!1sen!2sca
Frame ID: 4D4F53BFDA2FA69941CF8E6457CD62EB
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Search

Page URL History Show full URLs

  1. http://bfdeals.ca/ HTTP 301
    https://bfdeals.ca/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <a[^>]*href=[^>]*/Cart
Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • //maps\.google(?:apis)?\.com/maps/api/js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

48
Requests

96 %
HTTPS

0 %
IPv6

22
Domains

24
Subdomains

25
IPs

4
Countries

3863 kB
Transfer

4833 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://bfdeals.ca/ HTTP 301
    https://bfdeals.ca/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

48 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
bfdeals.ca/
Redirect Chain
  • http://bfdeals.ca/
  • https://bfdeals.ca/
34 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bfdeals.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.4.196.160 , Canada, ASN16276 (OVH, FR),
Reverse DNS
papineau.whc.ca
Software
LiteSpeed /
Resource Hash
154c5cbad821c08e5be69495b6adc877f6b3b4de7cc2a3ca69ecff54563f083f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding
br
content-length
8415
content-type
text/html; charset=utf-8
date
Fri, 27 Oct 2023 04:18:41 GMT
server
LiteSpeed
vary
Accept-Encoding

Redirect headers

Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
content-length
707
content-type
text/html
date
Fri, 27 Oct 2023 04:18:41 GMT
location
https://bfdeals.ca/
server
LiteSpeed
w3.css
www.w3schools.com/w3css/4/ 		23 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.w3schools.com/w3css/4/w3.css
Requested by
Host: bfdeals.ca
URL: https://bfdeals.ca/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.173.207 New York, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (cha/81FE) / ASP.NET
Resource Hash
c4f2aba13970ecf8303fb9329f97c8824861569273b0aa27acce48abc61d04f5
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://mycourses.w3schools.com;
X-Content-Security-Policy frame-ancestors 'self' https://mycourses.w3schools.com;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bfdeals.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self' https://mycourses.w3schools.com;
content-encoding
gzip
date
Fri, 27 Oct 2023 04:18:41 GMT
last-modified
Thu, 26 Oct 2023 10:36:28 GMT
server
ECS (cha/81FE)
age
3955
etag
"0deae46f87da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
public,max-age=14400,public
accept-ranges
bytes
content-length
5250
x-content-security-policy
frame-ancestors 'self' https://mycourses.w3schools.com;
css
fonts.googleapis.com/ 		2 KB
643 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto
Requested by
Host: bfdeals.ca
URL: https://bfdeals.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f95.1e100.net
Software
ESF /
Resource Hash
289d25d68f730e581e0a16b8bee8f63a061717973f8ac8c29ccf2ba8fed15adf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bfdeals.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 27 Oct 2023 04:18:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 27 Oct 2023 03:02:02 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 27 Oct 2023 04:18:41 GMT
css
fonts.googleapis.com/ 		2 KB
968 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat
Requested by
Host: bfdeals.ca
URL: https://bfdeals.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f95.1e100.net
Software
ESF /
Resource Hash
28d397270696b4361f8722b8c43ff2db5ba45891f35eeecedc913088dcc58ed5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bfdeals.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 27 Oct 2023 04:18:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 27 Oct 2023 02:58:49 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 27 Oct 2023 04:18:41 GMT
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 		30 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: bfdeals.ca
URL: https://bfdeals.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bfdeals.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 04:18:41 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2442175
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5631
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-7918"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iyTQlzFAFsYZAmPzCq0dp0zXo%2BzBGrDI3OoEP930cTTL5C%2BRwb2W2VTGGZ6G0X3Vrh8vWU62Aee2U2TMH1zVw9zyHMIm1MUVzMmgSjfyv95gCl05Sbi1fY4hbOwqXhaG8c6LUWxj"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
81c822f2ba8836d9-YYZ
expires
Wed, 16 Oct 2024 04:18:41 GMT
BlackFridayDealsShorterBlack.png
bdwarehouse.ca/images/ 		283 KB
284 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bdwarehouse.ca/images/BlackFridayDealsShorterBlack.png
Requested by
Host: bfdeals.ca
URL: https://bfdeals.ca/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
184.146.19.213 Kleinburg Station, Canada, ASN577 (BACOM, CA),
Reverse DNS
bras-base-knbgon2106w-grc-02-184-146-19-213.dsl.bell.ca
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e44ebbb936ed5519edfd7c6f276cf181e1f7af8c1be2fd28c64d3dbfb2dfc793

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bfdeals.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Fri, 27 Oct 2023 04:18:40 GMT
Last-Modified
Mon, 12 Jun 2023 20:40:31 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"46d7c-5fdf4bac7ce90"
Access-Control-Allow-Methods
GET, POST, OPTIONS, DELETE, PUT
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type, Authorization
Content-Length
290172
BlackFridayDeals.png
bdwarehouse.ca/images/ 		497 KB
498 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bdwarehouse.ca/images/BlackFridayDeals.png
Requested by
Host: bfdeals.ca
URL: https://bfdeals.ca/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
184.146.19.213 Kleinburg Station, Canada, ASN577 (BACOM, CA),
Reverse DNS
bras-base-knbgon2106w-grc-02-184-146-19-213.dsl.bell.ca
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
61204b87bb510f78b71fcc4e9899e5da90216ee89417330b5f2f09a231a3592d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bfdeals.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Fri, 27 Oct 2023 04:18:40 GMT
Last-Modified
Mon, 24 Apr 2023 00:26:20 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"7c494-5fa0a0e4eb725"
Access-Control-Allow-Methods
GET, POST, OPTIONS, DELETE, PUT
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type, Authorization
Content-Length
509076
open+doors.jpg
images.squarespace-cdn.com/content/v1/55f252aee4b0c5531644fe10/1506970396716-SM1WPIH3PTYQ68UMGJR5/ 		446 KB
446 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.squarespace-cdn.com/content/v1/55f252aee4b0c5531644fe10/1506970396716-SM1WPIH3PTYQ68UMGJR5/open+doors.jpg
Requested by
Host: bfdeals.ca
URL: https://bfdeals.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.238 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
eed0f37c45fc56fb06887c6dfbb86a3ef6c7fb1530515addb2c03473f1c37e8f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bfdeals.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-cache-hits
23, 1
date
Fri, 27 Oct 2023 04:18:41 GMT
via
1.1 google, 1.1 varnish, 1.1 varnish
age
1368128
x-cache
HIT, HIT
content-length
456587
x-served-by
cache-iad-kjyo7100027-IAD, cache-yyz4560-YYZ
x-timer
S1698380322.718682,VS0,VE1
etag
CJH6xNGvqOsCEAE=
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Timing-Allow-Origin
cache-control
max-age=604800,s-maxage=31536000
accept-ranges
bytes
timing-allow-origin
*
tracepoint
Fastly
sennheiser-hd-599-se-df-deal.jpg
assetsio.reedpopcdn.com/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assetsio.reedpopcdn.com/sennheiser-hd-599-se-df-deal.jpg?width=1200&height=1200&fit=bounds&quality=70&format=jpg&auto=webp
Requested by
Host: bfdeals.ca
URL: https://bfdeals.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.55 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f579989b1aed6b3b1bac5445a9db2a0d6ea9031a6c151e8bbe7e2762bc66f1c7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bfdeals.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 04:18:41 GMT
via
1.1 varnish, 1.1 varnish
fastly-io-served-by
img02-europe-west2
x-amz-request-id
3YEZF7GDGHKEXRQ2
age
77132
x-cache
MISS, HIT
fastly-io-info
ifsz=499011 idim=1920x1080 ifmt=jpeg ofsz=22754 odim=1200x675 ofmt=webp
fastly-stats
io=1
content-length
22754
x-amz-id-2
gOART8rm8yk/zH8/30ZfQugvCK/RJNx/R/i02lxYvZEHRE5HcZ70Zre9hX8VSHxa+gmAVsjDPvI=
x-served-by
cache-dub4324-DUB, cache-yyz4540-YYZ
server
AmazonS3
x-timer
S1698380322.734642,VS0,VE1
etag
"wuflCAwZ5+ksMmIUqyF2Sm4e2QWBH8y6bZAR73AnhqU"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
x-cache-hits
0, 1
maxresdefault.jpg
i.ytimg.com/vi/XKeZL1j47lU/ 		172 KB
173 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/XKeZL1j47lU/maxresdefault.jpg
Requested by
Host: bfdeals.ca
URL: https://bfdeals.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.115.119 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f119.1e100.net
Software
sffe /
Resource Hash
83d23c11cf9247ebe3b3a7ade104bedfc81a71040945db31989b3baaae04cbe8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bfdeals.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 04:18:41 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
176378
x-xss-protection
0
server
sffe
etag
"1652135792"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 27 Oct 2023 06:18:41 GMT
google-messages-vs-samsung-messages.jpg
static1.makeuseofimages.com/wordpress/wp-content/uploads/2023/03/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static1.makeuseofimages.com/wordpress/wp-content/uploads/2023/03/google-messages-vs-samsung-messages.jpg
Requested by
Host: bfdeals.ca
URL: https://bfdeals.ca/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.236.100 Chicago, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-169-150-236-100.datapacket.com
Software
BunnyCDN-IL1-1070 /
Resource Hash
5e5150b29461c8eb04189af55eabdd611722641ee8cda57d29abba70e3ea5a05

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bfdeals.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 04:18:41 GMT
cdn-edgestorageid
1068
cdn-cachedat
08/14/2023 18:43:31
cdn-pullzone
1165051
content-disposition
inline; filename="google-messages-vs-samsung-messages.avif"
content-length
15136
x-request-id
OIP4pYY0hPSB8SoJs9V9B
server
BunnyCDN-IL1-1070
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
"yYjPOgavwDtdNcYPPlOXgtaV4iVPt-_mqFOLnudhrrQ/RIk9rdXpPbm9zalFoZ3Z4eHAwdUVKakEi"
access-control-allow-methods
GET, OPTIONS
content-type
image/avif
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
1bdb6511-4d52-4155-8068-50426668f87a
cache-control
public, max-age=31919000
cdn-requestid
2f98da293bd357064e216e11be556012
cdn-requestcountrycode
CA
cdn-status
200
cdn-requestpullsuccess
True
c2d81884-581e-4e46-8b6f-234f0507f77c.82877376c0fb13a835a842f9653e02dd.jpeg
i5.walmartimages.com/asr/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i5.walmartimages.com/asr/c2d81884-581e-4e46-8b6f-234f0507f77c.82877376c0fb13a835a842f9653e02dd.jpeg?odnHeight=372&odnWidth=372&odnBg=FFFFFF
Requested by
Host: bfdeals.ca
URL: https://bfdeals.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
184.28.137.249 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-28-137-249.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
7fd6c47071440d79bd4b92666f268e64fd0bee4f551d54f0c73561c2677958ca

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bfdeals.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 04:18:41 GMT
x-cdn
AK
content-md5
7wYqj+brDrlWN4DnvufKuA==
x-tb-oa-expiresat
1721400928
cache-tag
v1.3.66
x-tb-oa-originalcontenttype
image/jpeg
x-tb-oa-originalcontentsize
659477
content-disposition
server-timing
cdn-cache; desc=MISS, edge; dur=12, origin; dur=101, product;desc="edge",host;desc="77e96b2a551b",dc;desc="9bfd8eb",fetch-ms;dur=0,req-proc-ms;dur=23, ak_p; desc="1698380321743_387977296_11061731_11286_473_15_37_146";dur=1
content-length
13440
x-tb
1
x-tb-optimization-original-content-type
image/jpeg
x-tb-optimization-total-bytes-saved
646037
x-tb-optimization-original-content-size
659477
last-modified
Sat, 29 Jul 2023 14:56:17 GMT
x-tb-optimization-original-expires-at
Fri, 19 Jul 2024 14:55:28 UTC
x-tb-optimization-version
v1.3.66
content-type
image/webp
x-tb-optimization-resized-content-size
21556
access-control-allow-methods
GET, PUT, POST, OPTIONS
access-control-expose-headers
*
cache-control
public, max-age=30758400
access-control-allow-origin
*
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
*
x-tb-oa-version
v1.3.66
expires
Thu, 17 Oct 2024 04:18:41 GMT
71wWp78vvyL._AC_SX522_.jpg
m.media-amazon.com/images/I/ 		60 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.media-amazon.com/images/I/71wWp78vvyL._AC_SX522_.jpg
Requested by
Host: bfdeals.ca
URL: https://bfdeals.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.214.237 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-214-237.yul62.r.cloudfront.net
Software
Server /
Resource Hash
9a07dc2b6e40cd5d574404a963700b870091e0d973131256bb6699bbeaeb5c1d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bfdeals.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 15:11:25 GMT
via
1.1 32ea9b2b7eaaba833294021989c78c08.cloudfront.net (CloudFront)
age
7996036
x-amz-cf-pop
YUL62-P1
edge-cache-tag
x-cache-435,/images/I/71wWp78vvyL
x-nginx-cache-status
MISS
x-cache
Hit from cloudfront
server-timing
provider;desc="cf"
content-length
61830
surrogate-key
x-cache-435 /images/I/71wWp78vvyL
last-modified
Fri, 21 Aug 2020 09:12:29 GMT
server
Server
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=630720000,public
x-amz-ir-id
01ab46ac-d433-4a41-b2f7-dd10f48070d9
accept-ranges
bytes
timing-allow-origin
https://www.amazon.in, https://www.amazon.com
x-amz-cf-id
KV8WQYhrl6z8YUP85r1gYXA-yEhKnCp6q4wWVAu4CJqdS79_DN_XGw==
expires
Tue, 21 Jul 2043 15:11:25 GMT
81bCnaYnsyL._AC_SX425_.jpg
m.media-amazon.com/images/I/ 		75 KB
75 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.media-amazon.com/images/I/81bCnaYnsyL._AC_SX425_.jpg
Requested by
Host: bfdeals.ca
URL: https://bfdeals.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.214.237 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-214-237.yul62.r.cloudfront.net
Software
Server /
Resource Hash
d07571c2e4d6e580d04063abe431d85bb9592576dc7611401d4e55bd5b92044f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bfdeals.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 12:39:09 GMT
via
1.1 32ea9b2b7eaaba833294021989c78c08.cloudfront.net (CloudFront)
age
8696372
x-amz-cf-pop
YUL62-P1
edge-cache-tag
x-cache-540,/images/I/81bCnaYnsyL
x-nginx-cache-status
MISS
x-cache
Hit from cloudfront
server-timing
cdn-cache-hit,cdn-pop;desc="YUL62-P1",cdn-rid;desc="XZnF9TZWgPlibv4KpVZg3QfSQShKmsJi22vymNJ5ERhT7JpiT43Q4A==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=3,provider;desc="cf"
content-length
76319
surrogate-key
x-cache-540 /images/I/81bCnaYnsyL
last-modified
Tue, 17 May 2022 11:58:51 GMT
server
Server
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=630720000,public
x-amz-ir-id
6e34eb12-5a13-4358-ba06-133b407b3869
accept-ranges
bytes
timing-allow-origin
https://www.amazon.in, https://www.amazon.com
x-amz-cf-id
XZnF9TZWgPlibv4KpVZg3QfSQShKmsJi22vymNJ5ERhT7JpiT43Q4A==
expires
Mon, 13 Jul 2043 12:39:09 GMT
59291_l_1.jpg
www.visions.ca/Images/Catalogue/Product/Dir2/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.visions.ca/Images/Catalogue/Product/Dir2/59291_l_1.jpg
Requested by
Host: bfdeals.ca
URL: https://bfdeals.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.26.2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
2319157a0278c400cb6ab6d272a02a402f9b6ce4c68a4b0e275822dfb7aa7690

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bfdeals.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 04:18:41 GMT
cf-cache-status
HIT
cf-bgj
h2pri
last-modified
Mon, 24 Aug 2020 16:07:33 GMT
server
cloudflare
age
41288
etag
"172feac307ad61:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
81c822f2ebdf39c9-YYZ
content-length
16565
51+lSMJ6WmL._AC_SX425_.jpg
m.media-amazon.com/images/I/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.media-amazon.com/images/I/51+lSMJ6WmL._AC_SX425_.jpg
Requested by
Host: bfdeals.ca
URL: https://bfdeals.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.214.237 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-214-237.yul62.r.cloudfront.net
Software
Server /
Resource Hash
50c4192443b1a69de13fa56a8e5615e0ab66b9acf47dbf79440503052a85b94e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bfdeals.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 18:41:16 GMT
via
1.1 32ea9b2b7eaaba833294021989c78c08.cloudfront.net (CloudFront)
age
4873045
x-amz-cf-pop
YUL62-P1
edge-cache-tag
x-cache-750,/images/I/51+lSMJ6WmL
x-nginx-cache-status
MISS
x-cache
Hit from cloudfront
server-timing
provider;desc="cf"
content-length
7144
surrogate-key
x-cache-750 /images/I/51+lSMJ6WmL
last-modified
Fri, 26 Aug 2022 01:12:39 GMT
server
Server
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=630720000,public
x-amz-ir-id
3f2fb027-c770-4a2f-a6e7-8087fcb4d861
accept-ranges
bytes
timing-allow-origin
https://www.amazon.in, https://www.amazon.com
x-amz-cf-id
LEyAjKN4Omb1sFApFN_GFPQyVvCpUvH9RdTkdN9v8WvyQ8OLxJGvBA==
expires
Wed, 26 Aug 2043 18:41:16 GMT
31ABtOCuN9L._SL500_.jpg
m.media-amazon.com/images/I/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.media-amazon.com/images/I/31ABtOCuN9L._SL500_.jpg
Requested by
Host: bfdeals.ca
URL: https://bfdeals.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.214.237 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-214-237.yul62.r.cloudfront.net
Software
Server /
Resource Hash
b217f33cd06b524b414c0004dcf1ede6d519b4c2ca95d3cbf9fc045e3f170d1c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bfdeals.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 11:23:07 GMT
via
1.1 32ea9b2b7eaaba833294021989c78c08.cloudfront.net (CloudFront)
age
233734
x-amz-cf-pop
YUL62-P1
edge-cache-tag
x-cache-842,/images/I/31ABtOCuN9L
x-nginx-cache-status
MISS
x-cache
Hit from cloudfront
server-timing
provider;desc="cf"
content-length
15535
surrogate-key
x-cache-842 /images/I/31ABtOCuN9L
last-modified
Wed, 12 Aug 2020 11:31:36 GMT
server
Server
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=630720000,public
x-amz-ir-id
acfc4818-7250-4fbf-a00e-178588561fad
accept-ranges
bytes
timing-allow-origin
https://www.amazon.in, https://www.amazon.com
x-amz-cf-id
cMyEFKIwrkHIER9xtpcPgRfhykHr16oZUV8P1FINp_YyyntQQIbjUw==
expires
Mon, 19 Oct 2043 11:23:07 GMT
620a031f9a31a61b89a4b1b7_Palletize%20boxes.jpg
uploads-ssl.webflow.com/60a4a4fb42c31d8c7ae0d7bd/ 		207 KB
208 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uploads-ssl.webflow.com/60a4a4fb42c31d8c7ae0d7bd/620a031f9a31a61b89a4b1b7_Palletize%20boxes.jpg
Requested by
Host: bfdeals.ca
URL: https://bfdeals.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.213.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-213-126.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3904779eb28a91956120363d166ece0d05f506cd40bf4c93647ac9d0f0b71544

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bfdeals.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 01:31:44 GMT
x-amz-version-id
JoLAuye7AbpAKiLooPQzQX1ZbWjzuEWp
via
1.1 7ea5749a224369d9af20b6d6ce7dbd92.cloudfront.net (CloudFront)
age
6576418
x-amz-cf-pop
YUL62-P1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
212129
last-modified
Mon, 14 Feb 2022 07:22:12 GMT
server
AmazonS3
etag
"a4a8136693fe604e77e2aad42efe4045"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
x-amz-cf-id
0StlwZs0ROTB9NeSnY6FM3aBD8FBNocIGOoQ3_7EWYoHGXjpTEO8bw==
maxresdefault.jpg
i.ytimg.com/vi/BbrCSRRLoXw/ 		188 KB
188 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/BbrCSRRLoXw/maxresdefault.jpg
Requested by
Host: bfdeals.ca
URL: https://bfdeals.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.115.119 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f119.1e100.net
Software
sffe /
Resource Hash
621a6d49cfc39874f42cc8fddcf0db53736be7b8fc59a77354bccb662e78671c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bfdeals.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 04:18:41 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
192621
x-xss-protection
0
server
sffe
etag
"1612200088"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 27 Oct 2023 06:18:41 GMT
close-up-of-tools-hanging-on-wall-royalty-free-image-760251967-1563391812.jpg
hips.hearstapps.com/hmg-prod/images/ 		803 KB
804 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hips.hearstapps.com/hmg-prod/images/close-up-of-tools-hanging-on-wall-royalty-free-image-760251967-1563391812.jpg
Requested by
Host: bfdeals.ca
URL: https://bfdeals.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.155 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
310a16a907df19647689b3c2abe748032ab448ae63edb5be71dc77f10840de25

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bfdeals.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 04:18:41 GMT
x-image-dimensions
1732:1732
x-canonical-ops
crop=1732:1732;0,0&resize=1732:1732
age
274778
x-source-image-dimensions
1732:1732
content-type
image/jpeg
access-control-allow-origin
*
x-cache
HIT, HIT
cache-control
max-age=31536000, stale-while-revalidate=604800
x-animated
0
accept-ranges
bytes
x-robots-tag
all
timing-allow-origin
*
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
822153
090922_Super_Accessories_m
cb2.scene7.com/is/image/CB2/ 		81 KB
81 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cb2.scene7.com/is/image/CB2/090922_Super_Accessories_m?wid=690&qlt=70
Requested by
Host: bfdeals.ca
URL: https://bfdeals.ca/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.60.0.74 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-60-0-74.deploy.static.akamaitechnologies.com
Software
Unknown /
Resource Hash
680c1528a6266bbbd453c655bf9a984efa312a466fe2b7e4143103b3e5ae8bdf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bfdeals.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
-x-adobe-assetlist
[CB2/090922_Super_Accessories_m]
date
Fri, 27 Oct 2023 04:18:41 GMT
last-modified
Fri, 09 Sep 2022 16:32:18 GMT
server
Unknown
etag
"bba75423b57c0a6faac1c8bf970dfea1"
content-type
image/jpeg
access-control-allow-origin
*
content-length
82532
expires
Sat, 28 Oct 2023 22:24:01 GMT
baby-care-accessories-and-bootees.jpg
media.istockphoto.com/id/1318133723/photo/ 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.istockphoto.com/id/1318133723/photo/baby-care-accessories-and-bootees.jpg?s=612x612&w=0&k=20&c=5l5PpxJx6KzVsNJo0ZuIRtZjNuoGDC-7nsLa62qqMBI=
Requested by
Host: bfdeals.ca
URL: https://bfdeals.ca/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.161.213.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-213-72.yul62.r.cloudfront.net
Software
Kestrel /
Resource Hash
afc29ea7f6027b5f575e0fb86a26420a958139a9776d1d4fff79aa1e3ded5e0b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bfdeals.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Mon, 28 Aug 2023 12:03:01 GMT
Via
1.1 127983382a3a7d81ffa0cd46d6dbb2f0.cloudfront.net (CloudFront)
Last-Modified
Mon, 28 Aug 2023 12:03:01 GMT
Server
Kestrel
X-Amz-Cf-Pop
YUL62-P1
Age
5156140
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=7776000
Content-Disposition
inline; filename=istockphoto-1318133723-612x612.jpg
Connection
keep-alive
Alt-Svc
h3=":443"; ma=86400
Content-Length
43946
X-Amz-Cf-Id
_iMV2fmudDz9N9UQsUQ2mb-S6b92UBNIhedhD6LOPPvWuUEXBYZJAg==
equipment-on-unique-wooden-boards-background.jpg
media.istockphoto.com/id/514611469/photo/ 		80 KB
80 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.istockphoto.com/id/514611469/photo/equipment-on-unique-wooden-boards-background.jpg?s=612x612&w=0&k=20&c=NwfVdxPLgktrSp0WxNOdOS81a4SSizugB93oy_QuhPo=
Requested by
Host: bfdeals.ca
URL: https://bfdeals.ca/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.161.213.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-213-72.yul62.r.cloudfront.net
Software
Kestrel /
Resource Hash
844f183729aaef49dc4c611f6b3d0ea509f29c38ab0ea400c1b0c91f4bb4e03f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bfdeals.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Thu, 31 Aug 2023 04:18:41 GMT
Via
1.1 82411d437ee2d2355a407b78473e6156.cloudfront.net (CloudFront)
Last-Modified
Thu, 31 Aug 2023 04:18:41 GMT
Server
Kestrel
X-Amz-Cf-Pop
YUL62-P1
Age
4924800
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=7776000
Content-Disposition
inline; filename=istockphoto-514611469-612x612.jpg
Connection
keep-alive
Alt-Svc
h3=":443"; ma=86400
Content-Length
81611
X-Amz-Cf-Id
deoU7L63Or39e9Kxb5XGyhG6F-0mCa7rxOPuG8E4Y_Zl5Jhg4zQG_Q==
xbseries.jpg
cdn.arstechnica.net/wp-content/uploads/2020/11/ 		162 KB
162 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.arstechnica.net/wp-content/uploads/2020/11/xbseries.jpg
Requested by
Host: bfdeals.ca
URL: https://bfdeals.ca/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 Carrollton, United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
03c2a87c54b1d47ef70b41541d6c9b67205a7d4f02f7b6460e9812090b966d97

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bfdeals.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 04:18:41 GMT
x-amz-version-id
IWkUQ0LSOPJlUsdKSu9IW1cAruw80zNC
x-cf-tsc
1698355695
x-cf3
H
x-amz-request-id
NNK3FZ43EKA4FGHX
cf4ttl
43200.000
x-cf1
14961:fC.yyz1:co:1525808045:cacheN.yyz1-01:M
x-cf-reqid
9f5587a9ea74bdcf58f83a2472b0ab9d
x-amz-replication-status
COMPLETED
content-length
165600
x-amz-id-2
dzOTWZtdCkPIjLVFPEidFidyKMP0sHOlng5S9K+VuT4vemsgx3sXCZzQTTHunDrQozPlP7rKQv8=
x-cf2
H
last-modified
Tue, 24 Nov 2020 17:06:04 GMT
server
CFS 0215
x-cff
B
etag
"3850328d05f53af567556b2a47dacccc"
content-type
image/jpeg
access-control-allow-origin
*
cf4age
6884835
accept-ranges
bytes
220815-Crown-Perth-Gaming-Roulette-1200x800px-19.jpg
www.crownperth.com.au/getsydmedia/a897751c-7423-4bdb-a68b-e44ec5e8cbd9/ 		146 KB
147 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.crownperth.com.au/getsydmedia/a897751c-7423-4bdb-a68b-e44ec5e8cbd9/220815-Crown-Perth-Gaming-Roulette-1200x800px-19.jpg
Requested by
Host: bfdeals.ca
URL: https://bfdeals.ca/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.226.38 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
8334480879eb9eea63baa20eaaeafae0899d227adccee4c4af7ea4fec608dfc5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bfdeals.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 27 Oct 2023 04:18:42 GMT
x-content-type-options
nosniff
x-azure-ref-originshield
0Ijo7ZQAAAABOKvyEd/LJTIsaC3A+PFAYTU5aMjIxMDYwNjEyMDQ1ADc0YTUzMjJmLTdlYWQtNDYzNS04ZTk4LTAwMjMyM2FhODU5NQ==
x-cache
TCP_MISS
content-disposition
inline; filename=220815-Crown-Perth-Gaming-Roulette-1200x800px-19.jpg
content-length
149728
x-xss-protection
1; mode=block
request-context
appId=cid-v1:9d8dbf0f-c847-4f15-88fa-ba0cb04d9212
last-modified
Fri, 02 Sep 2022 00:05:42 GMT
etag
"637976739425067053"
x-azure-ref
0ITo7ZQAAAADS0fZ4wGJeQbGmKtWvQn6UWVRPMjIxMDkwODE3MDE5ADc0YTUzMjJmLTdlYWQtNDYzNS04ZTk4LTAwMjMyM2FhODU5NQ==
access-control-allow-methods
POST,GET,PUT,PATCH,DELETE,OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Request-Context
cache-control
public, must-revalidate
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
Content-Type, X-CSRF-Token, X-Requested-With, Accept, Accept-Version, Content-Length, Content-MD5, Date, X-Api-Version, X-File-Name
expires
Fri, 27 Oct 2023 04:38:42 GMT
JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
fonts.gstatic.com/s/montserrat/v26/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.115.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f94.1e100.net
Software
sffe /
Resource Hash
4b5816bbfc52587979139951355fe4048da02ce60e40cef8e4a1efb6cd396281
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://bfdeals.ca
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 23:31:42 GMT
x-content-type-options
nosniff
age
362819
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14940
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:46:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 21 Oct 2024 23:31:42 GMT
xfbml.customerchat.js
connect.facebook.net/en_US/sdk/ 		316 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk/xfbml.customerchat.js
Requested by
Host: bfdeals.ca
URL: https://bfdeals.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.244.1 Apodaca, Mexico, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-mty2.fbcdn.net
Software
/
Resource Hash
cf4467023c629092b1a1bb09d3321264cfc86e45dcb5582e4d61b631f71de9f5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bfdeals.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 27 Oct 2023 04:18:42 GMT
content-md5
B3iJzz4r5Dv1XJD7+bkbrQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
92020
reporting-endpoints
x-fb-debug
COSjFRpOnKLI7HSXqXwU7RA2/hiSWxgkkNexP0Ymsl8N5d2Qu3pYx57NR/gUDXogYD87YLHRTXyFbZEt30mMlg==
x-fb-content-md5
d45d244eb76a1c917a7825e80f125326
cross-origin-opener-policy
same-origin-allow-popups
etag
"7e11712957b367b8bf3355e42bbc0048"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Fri, 27 Oct 2023 04:22:58 GMT
embed
www.google.com/maps/ Frame 4D4F 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d2880.422437342043!2d-79.48825692260675!3d43.784846643904594!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x882b2f1b4e63f72d%3A0x89682e727219c84d!2sBlack%20Friday%20Deals%20Canada!5e0!3m2!1sen!2sca!4v1685532937335!5m2!1sen!2sca
Requested by
Host: bfdeals.ca
URL: https://bfdeals.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f105.1e100.net
Software
scaffolding on HTTPServer2 /
Resource Hash
bb9ceb4b4e109975cf20f252b716aea56e26162c0793390d3e0bfd4d41022f62
Security Headers
Name Value
Content-Security-Policy object-src 'none';base-uri 'self';script-src 'nonce-RJC4WTvXChAcpY9yz2o2QA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bfdeals.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
gzip
content-length
1402
content-security-policy
object-src 'none';base-uri 'self';script-src 'nonce-RJC4WTvXChAcpY9yz2o2QA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
content-type
text/html; charset=UTF-8
date
Fri, 27 Oct 2023 04:18:42 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
scaffolding on HTTPServer2
vary
Origin X-Origin Referer
x-content-type-options
nosniff
x-xss-protection
0
fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Origin
https://bfdeals.ca
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 04:18:41 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
10894866
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
77160
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-12d68"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dCyaHg6PJCANJ1kS4JGh5kmL1OwKa34AFAQLF472qf3mjmivXGXDbdCKfqDnD6229q6Knu6BLIeHqY2VKoKlY0r3JA7dYMsNke%2Bd%2Fp7ZDldM6cg9gX380c4CH8KwkD7%2BPGboXHRr"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
81c822f3b9b836a6-YYZ
expires
Wed, 16 Oct 2024 04:18:41 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.115.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f94.1e100.net
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://bfdeals.ca
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 02:37:56 GMT
x-content-type-options
nosniff
age
178845
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 24 Oct 2024 02:37:56 GMT
js
maps.googleapis.com/maps/api/ Frame 4D4F 		177 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en&region=ca&callback=onApiLoad
Requested by
Host: www.google.com
URL: https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d2880.422437342043!2d-79.48825692260675!3d43.784846643904594!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x882b2f1b4e63f72d%3A0x89682e727219c84d!2sBlack%20Friday%20Deals%20Canada!5e0!3m2!1sen!2sca!4v1685532937335!5m2!1sen!2sca
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f95.1e100.net
Software
scaffolding on HTTPServer2 /
Resource Hash
ad4ead992370122fedd6700a73fc8751acdf5333c2543041be094412b21507aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 04:18:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61987
x-xss-protection
0
gen_204
maps.googleapis.com/maps/api/mapsjs/ Frame 4D4F 		3 B
46 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en&region=ca&callback=onApiLoad
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f95.1e100.net
Software
scaffolding on HTTPServer2 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 04:18:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.google.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23
x-xss-protection
0
init_embed.js
maps.gstatic.com/maps-api-v3/embed/js/54/11/ Frame 4D4F 		228 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.gstatic.com/maps-api-v3/embed/js/54/11/init_embed.js
Requested by
Host: www.google.com
URL: https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d2880.422437342043!2d-79.48825692260675!3d43.784846643904594!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x882b2f1b4e63f72d%3A0x89682e727219c84d!2sBlack%20Friday%20Deals%20Canada!5e0!3m2!1sen!2sca!4v1685532937335!5m2!1sen!2sca
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.120 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f120.1e100.net
Software
sffe /
Resource Hash
e7a63efaf8a46603dbcfe2b7c3a1b788b2298dc8779f733aa2d88a2b932ba8aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 19:30:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
204472
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61266
x-xss-protection
0
last-modified
Tue, 24 Oct 2023 04:24:50 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 23 Oct 2024 19:30:50 GMT
common.js
maps.googleapis.com/maps-api-v3/api/js/54/11/ Frame 4D4F 		254 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/54/11/common.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en&region=ca&callback=onApiLoad
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f95.1e100.net
Software
sffe /
Resource Hash
6b0dbd9fa8577514e142bbd45e2e7e185c5832ea9bc8659623096520514b4b3c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 01:38:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
9621
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57415
x-xss-protection
0
last-modified
Tue, 24 Oct 2023 04:24:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 26 Oct 2024 01:38:21 GMT
util.js
maps.googleapis.com/maps-api-v3/api/js/54/11/ Frame 4D4F 		155 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/54/11/util.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en&region=ca&callback=onApiLoad
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f95.1e100.net
Software
sffe /
Resource Hash
4fda898acc8bc6bd3b26215d6dd50e1d50991c355623c03e57a234fd61cde4c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 03:45:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
2008
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49967
x-xss-protection
0
last-modified
Tue, 24 Oct 2023 04:24:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 26 Oct 2024 03:45:14 GMT
map.js
maps.googleapis.com/maps-api-v3/api/js/54/11/ Frame 4D4F 		71 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/54/11/map.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en&region=ca&callback=onApiLoad
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f95.1e100.net
Software
sffe /
Resource Hash
432bc9f1a5edd3cc1acaf7616b605d2304d9e255a5c93f398765c21906bf7bde
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 07:47:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
73876
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23654
x-xss-protection
0
last-modified
Tue, 24 Oct 2023 04:24:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 25 Oct 2024 07:47:26 GMT
overlay.js
maps.googleapis.com/maps-api-v3/api/js/54/11/ Frame 4D4F 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/54/11/overlay.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en&region=ca&callback=onApiLoad
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f95.1e100.net
Software
sffe /
Resource Hash
11dcd53133022801e9b1ea9ba0e343d193c763606260ea4d01d320f3ff2eeebe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 19:30:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
204469
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1282
x-xss-protection
0
last-modified
Tue, 24 Oct 2023 04:24:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 23 Oct 2024 19:30:53 GMT
truncated
/ Frame 4D4F 		6 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b0044d91b724bb429337d6dcd9d2332e855bc0b4452c1d3fc9beea9973017521

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type
image/svg+xml
StaticMapService.GetMapImage
maps.googleapis.com/maps/api/js/ Frame 4D4F 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://maps.googleapis.com/maps/api/js/StaticMapService.GetMapImage?1m2&1i4684018&2i6114224&2e1&3u16&4m2&1u577&2u433&5m5&1e0&5sen&6sca&10b1&12b1&client=google-maps-embed&token=80506
Requested by
Host: bfdeals.ca
URL: https://bfdeals.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f95.1e100.net
Software
scaffolding on HTTPServer2 /
Resource Hash
7180a5fa10aecb2fc603b4803b0c375fb1d18ca373b7b27c24434051096a7e07
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 04:18:42 GMT
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
public, max-age=86400
server-timing
gfet4t7; dur=160
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31285
x-xss-protection
0
expires
Sat, 28 Oct 2023 04:18:42 GMT
onion.js
maps.googleapis.com/maps-api-v3/api/js/54/11/ Frame 4D4F 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/54/11/onion.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en&region=ca&callback=onApiLoad
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f95.1e100.net
Software
sffe /
Resource Hash
0bb9743a39e3999bc651476fabf9f706ef0e9dc9080a70d1941c57456f24750f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 02:13:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
7513
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8974
x-xss-protection
0
last-modified
Tue, 24 Oct 2023 04:24:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 26 Oct 2024 02:13:29 GMT
search_impl.js
maps.googleapis.com/maps-api-v3/api/js/54/11/ Frame 4D4F 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/54/11/search_impl.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en&region=ca&callback=onApiLoad
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f95.1e100.net
Software
sffe /
Resource Hash
39bdf5471003d35b85ded4793cc69f4b5e4e2e1c2164db74b4cec633e5d1bbeb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 07:35:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
74619
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1286
x-xss-protection
0
last-modified
Tue, 24 Oct 2023 04:24:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 25 Oct 2024 07:35:03 GMT
openhand_8_8.cur
maps.gstatic.com/mapfiles/ Frame 4D4F 		326 B
692 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://maps.gstatic.com/mapfiles/openhand_8_8.cur
Requested by
Host: bfdeals.ca
URL: https://bfdeals.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.120 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f120.1e100.net
Software
sffe /
Resource Hash
7342f390b12f636d14e25f698fc5e38cf6240994dc0c07fefbbb4e78ec4d03c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 04:18:42 GMT
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/geo-tactile
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
last-modified
Tue, 18 May 2021 19:15:00 GMT
server
sffe
report-to
{"group":"geo-tactile","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/geo-tactile"}]}
content-type
image/bmp
access-control-allow-origin
*
cache-control
private, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="geo-tactile"
expires
Fri, 27 Oct 2023 04:18:42 GMT
GetViewportInfo
maps.googleapis.com/$rpc/google.internal.maps.mapsjs.v1.MapsJsInternalService/ Frame 4D4F 		33 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/$rpc/google.internal.maps.mapsjs.v1.MapsJsInternalService/GetViewportInfo
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en&region=ca&callback=onApiLoad
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f95.1e100.net
Software
scaffolding on HTTPServer2 /
Resource Hash
f007073f2f2bb0fc86ae190cbcf4d20b48208cc2d521468416a34c002283fdfc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
application/json+protobuf
X-Goog-Maps-Client-Id
google-maps-embed
Referer
https://www.google.com/
X-Goog-Api-Key
X-Goog-Maps-API-Signature
25892
X-Goog-Maps-API-Salt
Ytu80AE4mg

Response headers

date
Fri, 27 Oct 2023 04:18:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.google.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4291
x-xss-protection
0
GetViewportInfo
maps.googleapis.com/$rpc/google.internal.maps.mapsjs.v1.MapsJsInternalService/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/$rpc/google.internal.maps.mapsjs.v1.MapsJsInternalService/GetViewportInfo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f95.1e100.net
Software
scaffolding on HTTPServer2 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-goog-maps-api-salt,x-goog-maps-api-signature,x-goog-maps-client-id,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-goog-maps-api-salt,x-goog-maps-api-signature,x-goog-maps-client-id,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.google.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Fri, 27 Oct 2023 04:18:42 GMT
server
scaffolding on HTTPServer2
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
AuthenticationService.Authenticate
maps.googleapis.com/maps/api/js/ Frame 4D4F 		62 B
84 B 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/js/AuthenticationService.Authenticate?1shttps%3A%2F%2Fwww.google.com%2Fmaps%2Fembed&2sgoogle-maps-embed&7m2&1e0&5e0&8b0&callback=_xdc_._ekfok1&client=google-maps-embed&token=90188
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/54/11/common.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f95.1e100.net
Software
mafe /
Resource Hash
7548256472bfd02ede86487078011a5318dd4da095bb2de68f28a0e830a2564f
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 Oct 2023 04:18:42 GMT
content-encoding
gzip
server
mafe
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment
server-timing
gfet4t7; dur=18
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
63
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
QuotaService.RecordEvent
maps.googleapis.com/maps/api/js/ Frame 4D4F 		62 B
83 B 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/js/QuotaService.RecordEvent?1shttps%3A%2F%2Fwww.google.com%2Fmaps%2Fembed&2sgoogle-maps-embed&7s83sk6u&10e1&11b0&callback=_xdc_._u4z9mf&client=google-maps-embed&token=35765
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/54/11/common.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f95.1e100.net
Software
mafe /
Resource Hash
58266b634e126f75468033080713e14c43281b59f7aa74bb9354a776a8c8b3e0
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 Oct 2023 04:18:42 GMT
content-encoding
gzip
server
mafe
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
no-cache, must-revalidate
content-disposition
attachment
server-timing
gfet4t7; dur=21
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
63
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/plugins/customer_chat/SDK/ 		0
0
/
www.facebook.com/plugins/customer_chat/facade/ 		1 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/customer_chat/facade/?app_id=&attribution=biz_inbox&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3356802bca4a68%26domain%3Dbfdeals.ca%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fbfdeals.ca%252Ff2581e75982490c%26relation%3Dparent.parent&current_url=https%3A%2F%2Fbfdeals.ca%2F&is_loaded_by_facade=true&locale=en_US&log_id=868f7f30-24e5-4311-a384-0ae180f15da2&page_id=101177452051268&request_time=1698380323693&sdk=joey&should_use_new_domain=false&suppress_http_code=1
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk/xfbml.customerchat.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.244.35 Apodaca, Mexico, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-mty2.facebook.com
Software
/
Resource Hash
b4aec00777ba566ca8334743d7512831f71249ac78b61b565e3a839ed472d86d
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://bfdeals.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; preload
date
Fri, 27 Oct 2023 04:18:43 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
pragma
no-cache
x-fb-debug
5mBtHICTsaA6+ucnXidMx5Udw06gmnt+kC8FssKFJXvxv/X2GSGQqj5cwa2slBuzY4UK0zkpVY392BK2kJ9z1w==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
application/json; charset=utf-8
x-frame-options
DENY
access-control-allow-origin
https://bfdeals.ca
origin-agent-cluster
?0
cache-control
private, no-cache, no-store, must-revalidate
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(self), midi=(), payment=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/plugins/customer_chat/SDK/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.facebook.com
URL
https://www.facebook.com/plugins/customer_chat/SDK/?app_id=&attribution=biz_inbox&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3356802bca4a68%26domain%3Dbfdeals.ca%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fbfdeals.ca%252Ff2581e75982490c%26relation%3Dparent.parent&current_url=https%3A%2F%2Fbfdeals.ca%2F&event_name=chat_plugin_sdk_facade_create&is_loaded_by_facade=true&loading_time=0&locale=en_US&log_id=868f7f30-24e5-4311-a384-0ae180f15da2&page_id=101177452051268&request_time=1698380323693&sdk=joey&should_use_new_domain=false&suppress_http_code=1
Domain
www.facebook.com
URL
https://www.facebook.com/plugins/customer_chat/SDK/?app_id=&attribution=biz_inbox&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3356802bca4a68%26domain%3Dbfdeals.ca%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fbfdeals.ca%252Ff2581e75982490c%26relation%3Dparent.parent&current_url=https%3A%2F%2Fbfdeals.ca%2F&event_name=chat_plugin_sdk_facade_load&is_loaded_by_facade=true&loading_time=305&locale=en_US&log_id=868f7f30-24e5-4311-a384-0ae180f15da2&page_id=101177452051268&request_time=1698380323998&sdk=joey&should_use_new_domain=false&suppress_http_code=1

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| documentPictureInPicture function| handleKeyPress function| performSearch object| searchItemInput function| submitForm object| openSubMenuId function| toggleSubMenu function| w3_open function| w3_close number| myIndex function| carousel function| getRandomInt object| chatbox function| fbAsyncInit object| FB

0 Cookies

4 Console Messages

Source Level URL
Text
javascript error URL: https://bfdeals.ca/
Message:
Access to XMLHttpRequest at 'https://www.facebook.com/plugins/customer_chat/SDK/?app_id=&attribution=biz_inbox&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3356802bca4a68%26domain%3Dbfdeals.ca%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fbfdeals.ca%252Ff2581e75982490c%26relation%3Dparent.parent&current_url=https%3A%2F%2Fbfdeals.ca%2F&event_name=chat_plugin_sdk_facade_create&is_loaded_by_facade=true&loading_time=0&locale=en_US&log_id=868f7f30-24e5-4311-a384-0ae180f15da2&page_id=101177452051268&request_time=1698380323693&sdk=joey&should_use_new_domain=false&suppress_http_code=1' from origin 'https://bfdeals.ca' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://www.facebook.com/plugins/customer_chat/SDK/?app_id=&attribution=biz_inbox&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3356802bca4a68%26domain%3Dbfdeals.ca%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fbfdeals.ca%252Ff2581e75982490c%26relation%3Dparent.parent&current_url=https%3A%2F%2Fbfdeals.ca%2F&event_name=chat_plugin_sdk_facade_create&is_loaded_by_facade=true&loading_time=0&locale=en_US&log_id=868f7f30-24e5-4311-a384-0ae180f15da2&page_id=101177452051268&request_time=1698380323693&sdk=joey&should_use_new_domain=false&suppress_http_code=1
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://bfdeals.ca/
Message:
Access to XMLHttpRequest at 'https://www.facebook.com/plugins/customer_chat/SDK/?app_id=&attribution=biz_inbox&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3356802bca4a68%26domain%3Dbfdeals.ca%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fbfdeals.ca%252Ff2581e75982490c%26relation%3Dparent.parent&current_url=https%3A%2F%2Fbfdeals.ca%2F&event_name=chat_plugin_sdk_facade_load&is_loaded_by_facade=true&loading_time=305&locale=en_US&log_id=868f7f30-24e5-4311-a384-0ae180f15da2&page_id=101177452051268&request_time=1698380323998&sdk=joey&should_use_new_domain=false&suppress_http_code=1' from origin 'https://bfdeals.ca' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://www.facebook.com/plugins/customer_chat/SDK/?app_id=&attribution=biz_inbox&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3356802bca4a68%26domain%3Dbfdeals.ca%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fbfdeals.ca%252Ff2581e75982490c%26relation%3Dparent.parent&current_url=https%3A%2F%2Fbfdeals.ca%2F&event_name=chat_plugin_sdk_facade_load&is_loaded_by_facade=true&loading_time=305&locale=en_US&log_id=868f7f30-24e5-4311-a384-0ae180f15da2&page_id=101177452051268&request_time=1698380323998&sdk=joey&should_use_new_domain=false&suppress_http_code=1
Message:
Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assetsio.reedpopcdn.com
bdwarehouse.ca
bfdeals.ca
cb2.scene7.com
cdn.arstechnica.net
cdnjs.cloudflare.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
hips.hearstapps.com
i.ytimg.com
i5.walmartimages.com
images.squarespace-cdn.com
m.media-amazon.com
maps.googleapis.com
maps.gstatic.com
media.istockphoto.com
static1.makeuseofimages.com
uploads-ssl.webflow.com
www.crownperth.com.au
www.facebook.com
www.google.com
www.visions.ca
www.w3schools.com
www.facebook.com
104.17.25.14
13.107.226.38
142.251.16.95
142.251.163.95
142.251.167.105
142.4.196.160
151.101.0.155
151.101.128.238
151.101.129.55
157.240.244.1
157.240.244.35
169.150.236.100
172.253.115.119
172.253.115.94
172.253.63.120
172.67.26.2
184.146.19.213
184.28.137.249
192.229.173.207
205.234.175.175
23.60.0.74
3.161.213.126
3.161.213.72
3.161.214.237
03c2a87c54b1d47ef70b41541d6c9b67205a7d4f02f7b6460e9812090b966d97
0bb9743a39e3999bc651476fabf9f706ef0e9dc9080a70d1941c57456f24750f
11dcd53133022801e9b1ea9ba0e343d193c763606260ea4d01d320f3ff2eeebe
154c5cbad821c08e5be69495b6adc877f6b3b4de7cc2a3ca69ecff54563f083f
2319157a0278c400cb6ab6d272a02a402f9b6ce4c68a4b0e275822dfb7aa7690
289d25d68f730e581e0a16b8bee8f63a061717973f8ac8c29ccf2ba8fed15adf
28d397270696b4361f8722b8c43ff2db5ba45891f35eeecedc913088dcc58ed5
310a16a907df19647689b3c2abe748032ab448ae63edb5be71dc77f10840de25
3904779eb28a91956120363d166ece0d05f506cd40bf4c93647ac9d0f0b71544
39bdf5471003d35b85ded4793cc69f4b5e4e2e1c2164db74b4cec633e5d1bbeb
432bc9f1a5edd3cc1acaf7616b605d2304d9e255a5c93f398765c21906bf7bde
4b5816bbfc52587979139951355fe4048da02ce60e40cef8e4a1efb6cd396281
4fda898acc8bc6bd3b26215d6dd50e1d50991c355623c03e57a234fd61cde4c8
50c4192443b1a69de13fa56a8e5615e0ab66b9acf47dbf79440503052a85b94e
58266b634e126f75468033080713e14c43281b59f7aa74bb9354a776a8c8b3e0
5e5150b29461c8eb04189af55eabdd611722641ee8cda57d29abba70e3ea5a05
61204b87bb510f78b71fcc4e9899e5da90216ee89417330b5f2f09a231a3592d
621a6d49cfc39874f42cc8fddcf0db53736be7b8fc59a77354bccb662e78671c
680c1528a6266bbbd453c655bf9a984efa312a466fe2b7e4143103b3e5ae8bdf
6b0dbd9fa8577514e142bbd45e2e7e185c5832ea9bc8659623096520514b4b3c
7180a5fa10aecb2fc603b4803b0c375fb1d18ca373b7b27c24434051096a7e07
7342f390b12f636d14e25f698fc5e38cf6240994dc0c07fefbbb4e78ec4d03c7
7548256472bfd02ede86487078011a5318dd4da095bb2de68f28a0e830a2564f
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7fd6c47071440d79bd4b92666f268e64fd0bee4f551d54f0c73561c2677958ca
8334480879eb9eea63baa20eaaeafae0899d227adccee4c4af7ea4fec608dfc5
83d23c11cf9247ebe3b3a7ade104bedfc81a71040945db31989b3baaae04cbe8
844f183729aaef49dc4c611f6b3d0ea509f29c38ab0ea400c1b0c91f4bb4e03f
9a07dc2b6e40cd5d574404a963700b870091e0d973131256bb6699bbeaeb5c1d
ad4ead992370122fedd6700a73fc8751acdf5333c2543041be094412b21507aa
afc29ea7f6027b5f575e0fb86a26420a958139a9776d1d4fff79aa1e3ded5e0b
b0044d91b724bb429337d6dcd9d2332e855bc0b4452c1d3fc9beea9973017521
b217f33cd06b524b414c0004dcf1ede6d519b4c2ca95d3cbf9fc045e3f170d1c
b4aec00777ba566ca8334743d7512831f71249ac78b61b565e3a839ed472d86d
bb9ceb4b4e109975cf20f252b716aea56e26162c0793390d3e0bfd4d41022f62
c4f2aba13970ecf8303fb9329f97c8824861569273b0aa27acce48abc61d04f5
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cf4467023c629092b1a1bb09d3321264cfc86e45dcb5582e4d61b631f71de9f5
d07571c2e4d6e580d04063abe431d85bb9592576dc7611401d4e55bd5b92044f
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc
e44ebbb936ed5519edfd7c6f276cf181e1f7af8c1be2fd28c64d3dbfb2dfc793
e7a63efaf8a46603dbcfe2b7c3a1b788b2298dc8779f733aa2d88a2b932ba8aa
eed0f37c45fc56fb06887c6dfbb86a3ef6c7fb1530515addb2c03473f1c37e8f
f007073f2f2bb0fc86ae190cbcf4d20b48208cc2d521468416a34c002283fdfc
f579989b1aed6b3b1bac5445a9db2a0d6ea9031a6c151e8bbe7e2762bc66f1c7
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615