wintersauto.ca Open in urlscan Pro
138.197.174.231 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://wintersautoservice.ca/
Effective URL:
https://wintersauto.ca/
Submission: On July 10 via automatic, source certstream-suspicious (July 10th 2024, 4:05:42 pm UTC) — Scanned from CA

Summary HTTP 46 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 12 IPs in 2 countries across 11 domains to perform 46 HTTP transactions. The main IP is 138.197.174.231, located in Toronto, Canada and belongs to DIGITALOCEAN-ASN, US. The main domain is wintersauto.ca.
TLS certificate: Issued by R3 on May 19th 2024. Valid for: 3 months.

This is the only time wintersauto.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3032::6815:4913	13335 (CLOUDFLAR...) (CLOUDFLARENET)
28	138.197.174.231 138.197.174.231	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
3	2604:2dc0:100... 2604:2dc0:100:1f78::9	16276 (OVH) (OVH)
3	2607:f8b0:400... 2607:f8b0:4004:c08::61	15169 (GOOGLE) (GOOGLE)
1	2606:4700:440... 2606:4700:4400::6812:29af	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2607:f8b0:400... 2607:f8b0:400d:c0d::69	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f00... 2a03:2880:f003:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2607:f8b0:400... 2607:f8b0:400d:c04::5e	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6812:80d8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:400d:c0d::8a	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f10... 2a03:2880:f103:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	167.71.167.197 167.71.167.197	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
46	12

1 2606:4700:3032::6815:4913 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

wintersautoservice.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 138.197.174.231 (Toronto, Canada)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: hosting.symbicore.com

wintersauto.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2604:2dc0:100:1f78::9 (United States)

ASN16276 (OVH, FR)

moderate.cleantalk.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4004:c08::61 (Washington, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:29af (United States)

ASN13335 (CLOUDFLARENET, US)

assets.calendly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:400d:c0d::69 (Morganton, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f003:100:face:b00c:0:3 (Ashburn, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:400d:c04::5e (Morganton, United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:80d8 (United States)

ASN13335 (CLOUDFLARENET, US)

diffuser-cdn.app-us1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
prism.app-us1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:400d:c0d::8a (Morganton, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f103:181:face:b00c:0:25de (Ashburn, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 167.71.167.197 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: moderate2.cleantalk.org

moderate2-v4.cleantalk.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	wintersauto.ca wintersauto.ca	2 MB
4	cleantalk.org moderate.cleantalk.org — Cisco Umbrella Rank: 29545 moderate2-v4.cleantalk.org — Cisco Umbrella Rank: 206833	6 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 110	286 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	4 KB
2	app-us1.com diffuser-cdn.app-us1.com — Cisco Umbrella Rank: 14711 prism.app-us1.com — Cisco Umbrella Rank: 14876	11 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 232	71 KB
2	google.com www.google.com — Cisco Umbrella Rank: 10	2 KB
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 102
1	gstatic.com www.gstatic.com	208 KB
1	calendly.com assets.calendly.com — Cisco Umbrella Rank: 34526	4 KB
1	wintersautoservice.ca 1 redirects wintersautoservice.ca	790 B
46	11

	Domain	Requested by
28	wintersauto.ca	wintersauto.ca
3	www.googletagmanager.com	wintersauto.ca www.googletagmanager.com
3	moderate.cleantalk.org	wintersauto.ca moderate.cleantalk.org
2	www.facebook.com	wintersauto.ca
2	connect.facebook.net	wintersauto.ca connect.facebook.net
2	www.google.com	wintersauto.ca
1	moderate2-v4.cleantalk.org	wintersauto.ca
1	www.google-analytics.com	www.googletagmanager.com
1	prism.app-us1.com	diffuser-cdn.app-us1.com
1	diffuser-cdn.app-us1.com	wintersauto.ca
1	www.gstatic.com	www.google.com
1	assets.calendly.com	wintersauto.ca
1	wintersautoservice.ca	1 redirects
46	13

This site contains links to these domains. Also see Links.

Domain
www.google.com
www.facebook.com
www.instagram.com
ca.linkedin.com
symbicore.com

Subject Issuer	Validity	Valid
wintersauto.ca R3	`2024-05-19` - `2024-08-17`	3 months	crt.sh
*.cleantalk.org Sectigo RSA Domain Validation Secure Server CA	`2023-09-07` - `2024-09-24`	a year	crt.sh
*.google-analytics.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
calendly.com E1	`2024-05-31` - `2024-08-29`	3 months	crt.sh
*.google.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
www.google.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-04-18` - `2024-07-17`	3 months	crt.sh
*.gstatic.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
diffuser-cdn.app-us1.com E1	`2024-05-28` - `2024-08-26`	3 months	crt.sh
prism.app-us1.com E1	`2024-05-17` - `2024-08-15`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://wintersauto.ca/
Frame ID: 42565110E82B3B20CDA6F41B565209F1
Requests: 50 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Collision Repair | Auto Service | Glass | Winnipeg

Page URL History Show full URLs

https://wintersautoservice.ca/ HTTP 301
https://wintersauto.ca/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Elementor (Landing Page Builders) Expand

Overall confidence: 100%
Detected patterns

<div class=(?:"|')[^"']*elementor
<section class=(?:"|')[^"']*elementor

Calendly (Appointment scheduling) Expand

Overall confidence: 100%
Detected patterns

https://assets\.calendly\.com/assets/external/widget\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Swiper Slider (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

swiper(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

46
Requests

100 %
HTTPS

83 %
IPv6

11
Domains

13
Subdomains

12
IPs

2
Countries

2721 kB
Transfer

5313 kB
Size

7
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://www.google.com/maps/place/1010+Arlington+St,+Winnipeg,+MB+R3E+3M2/@49.9081217,-97.1681848,17z/data=!3m1!4b1!4m6!3m5!1s0x52ea73c52705dc37:0x1f8e69c2b66f54d9!8m2!3d49.9081183!4d-97.1656099!16s%2Fg%2F11b8vcl2sv?authuser=0&entry=ttu
Title: 1010 Arlington Street, Winnipeg, Manitoba

Search URL Search Domain Scan URL

URL: https://www.facebook.com/winterscollisionrepair/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/winterscollisionrepair/%20

Search URL Search Domain Scan URL

URL: https://ca.linkedin.com/company/winter-s%20

Search URL Search Domain Scan URL

URL: https://www.google.com/maps/place/1020+Arlington+St,+Winnipeg,+MB+R3E+2G1/@49.9086169,-97.1677667,17z/data=!3m1!4b1!4m6!3m5!1s0x52ea73c5294b4fed:0x97d308ee21511fd!8m2!3d49.9086135!4d-97.1651918!16s%2Fg%2F11fnqk0ttn?authuser=0&entry=ttu
Title: 1020 Arlington Street, Winnipeg, Manitoba

Search URL Search Domain Scan URL

URL: https://www.facebook.com/wintersautosvc/%20

Search URL Search Domain Scan URL

URL: https://www.instagram.com/wintersautoservice/?hl=en%20

Search URL Search Domain Scan URL

URL: https://ca.linkedin.com/company/winter-s

Search URL Search Domain Scan URL

URL: https://symbicore.com/
Title: Powered by Symbicore

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://wintersautoservice.ca/ HTTP 301
https://wintersauto.ca/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

46 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
wintersauto.ca/
Redirect Chain

https://wintersautoservice.ca/
https://wintersauto.ca/

156 KB
29 KB

2271ms
1838ms

Document
text/html

138.197.174.231
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://wintersauto.ca/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.197.174.231 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: hosting.symbicore.com
Software: nginx / PHP/7.4.33 PleskLin
Resource Hash: 59cf50395ef8f04261d4beb42e86f0334cf34f7cd95053e6aa334bf7ff08a39f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

cache-control: max-age=0, no-cache, s-maxage=10
content-encoding: gzip
content-length: 28942
content-type: text/html; charset=UTF-8
date: Wed, 10 Jul 2024 16:05:34 GMT
link: <https://wintersauto.ca/wp-json/>; rel="https://api.w.org/", <https://wintersauto.ca/wp-json/wp/v2/pages/49>; rel="alternate"; type="application/json", <https://wintersauto.ca/>; rel=shortlink
server: nginx
vary: Accept-Encoding
x-dns-prefetch-control: on
x-litespeed-tag: 0c7_HTTP.200,0c7_front,0c7_URL.6666cd76f96956469e7be39d750cc7d9,0c7_F,0c7_Po.49,0c7_PGS,0c7_,0c7_MIN.df8d524fd5d865690b78fad312e81e2a.css,0c7_MIN.4080d82dda8ee4a45db9196acf225c53.js
x-mod-pagespeed: 1.13.35.2-0
x-powered-by: PHP/7.4.33 PleskLin

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8a11cbbecac2aa9d-YYZ
content-type: text/html; charset=iso-8859-1
date: Wed, 10 Jul 2024 16:05:32 GMT
location: https://wintersauto.ca/
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Vs%2FU%2FlkY1N2yECq%2FmCmVK4QwF1s7xDtkNt0Rst%2Fd0riIExyvaGhb4rV34VdEsHt568lrwebI%2BZYsDVoLNDyMVaIcgmVG5sl6wS2XU1Hi1q75PD5%2B9Fa6skBrdMx10uGWOOv3peWazdxVuBJ2Gj6W7eD4YJg%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PleskLin

GET
H2 200 df8d524fd5d865690b78fad312e81e2a.css
wintersauto.ca/wp-content/litespeed/css/ 979 KB
144 KB 103ms
101ms Stylesheet
text/css 138.197.174.231
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://wintersauto.ca/wp-content/litespeed/css/df8d524fd5d865690b78fad312e81e2a.css?ver=38762

Requested by

Host: wintersauto.ca
URL: https://wintersauto.ca/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

138.197.174.231 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

hosting.symbicore.com

Software

nginx / PleskLin

Resource Hash

ec092aad92ba418c176991a0721a8928ce57c2abd21c96fe79d20fe590e7be46

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://wintersauto.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 10 Jul 2024 16:05:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Jul 2024 04:41:41 GMT
server: nginx
x-original-content-length: 1002364
etag: "f4b7c-61c78ae0a57b9"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=300, s-maxage=10
accept-ranges: bytes
content-length: 146556
expires: Wed, 10 Jul 2024 16:10:31 GMT

GET
H2 200 jquery.min.js,qver=3.7.1.pagespeed.jm.PoWN7KAtLT.js Show response
wintersauto.ca/wp-includes/js/jquery/ 85 KB
30 KB 93ms
92ms Script
application/javascript 138.197.174.231
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://wintersauto.ca/wp-includes/js/jquery/jquery.min.js,qver=3.7.1.pagespeed.jm.PoWN7KAtLT.js
Requested by: Host: wintersauto.ca
URL: https://wintersauto.ca/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.197.174.231 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: hosting.symbicore.com
Software: nginx / PleskLin
Resource Hash: fa6dbf56efed1b69b023b1601a9632014760997b1ac750af80088e8ca2fb5439

Request headers

Referer: https://wintersauto.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 10 Jul 2024 16:05:35 GMT
content-encoding: gzip
last-modified: Wed, 10 Jul 2024 15:44:07 GMT
server: nginx
x-original-content-length: 87553
etag: W/"0"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 30277
expires: Thu, 10 Jul 2025 15:44:07 GMT

GET
H/1.1 200
OK ct-bot-detector-wrapper.js Show response
moderate.cleantalk.org/ 382 B
733 B 874ms
242ms Script
application/javascript 2604:2dc0:100:1f78::9
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://moderate.cleantalk.org/ct-bot-detector-wrapper.js?ver=6.35
Requested by: Host: wintersauto.ca
URL: https://wintersauto.ca/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2604:2dc0:100:1f78::9 , United States, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 5ad8f034b2dcf15d8b1ad12a1d9d985ba5ff6dd851db222ce66d972b00e8cbfa

Request headers

Referer: https://wintersauto.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Wed, 10 Jul 2024 16:05:35 GMT
Last-Modified: Mon, 20 May 2024 08:20:22 GMT
Server: nginx
ETag: "664b07c6-17e"
Content-Type: application/javascript
Access-Control-Allow-Origin: : *
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 382
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 325 KB
107 KB 761ms
163ms Script
application/javascript 2607:f8b0:4004:c08::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-PSZ9YQ2MVJ

Requested by

Host: wintersauto.ca
URL: https://wintersauto.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

51bcecc5f4aeffedbb2fff48a4a59fff3b76df9cb6808c75bb1067f776ffcee0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://wintersauto.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 10 Jul 2024 16:05:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 109036
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 10 Jul 2024 16:05:36 GMT

GET
H2 200 Frame-804.svg
wintersauto.ca/wp-content/uploads/2020/03/ 6 KB
6 KB 86ms
85ms Image
image/svg+xml 138.197.174.231
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wintersauto.ca/wp-content/uploads/2020/03/Frame-804.svg
Requested by: Host: wintersauto.ca
URL: https://wintersauto.ca/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.197.174.231 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: hosting.symbicore.com
Software: nginx / PleskLin
Resource Hash: 51bf3f2f787f0686892055c3e7afe005112a457eb5b7d5fbe5b7bbe29c9be2db

Request headers

Referer: https://wintersauto.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 10 Jul 2024 16:05:35 GMT
last-modified: Mon, 24 Jul 2023 11:49:11 GMT
server: nginx
etag: "1758-6013a33ea7bc0"
x-powered-by: PleskLin
content-type: image/svg+xml
accept-ranges: bytes
content-length: 5976

GET
H2 200 widget.js Show response
assets.calendly.com/assets/external/ 11 KB
4 KB 578ms
167ms Script
application/javascript 2606:4700:4400::6812:29af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.calendly.com/assets/external/widget.js

Requested by

Host: wintersauto.ca
URL: https://wintersauto.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:29af , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f80ce7415f7fb5c4bf1d8eed31652b1246241e4e3cef6cbf6c853b9a7e16dde0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://wintersauto.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 10 Jul 2024 16:05:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Wed, 10 Jul 2024 09:21:03 GMT
cf-bgj: minify
server: cloudflare
age: 9
etag: W/"ef3bf711963c747494cae07900aacd7c"
vary: Accept-Encoding
content-type: application/javascript
content-encoding: br
cache-control: public, max-age=300
cf-ray: 8a11cbd659dbb406-YYZ
expires: Thu, 11 Jul 2024 16:05:36 GMT

GET
H3 200 api.js Show response
www.google.com/recaptcha/ 1 KB
988 B 268ms
266ms Script
text/javascript 2607:f8b0:400d:c0d::69
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=renderInvisibleReCaptcha&render=explicit&hl=en

Requested by

Host: wintersauto.ca
URL: https://wintersauto.ca/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0d::69 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f1ea971204d43463cf5ccfc7f6469363dff90f581c6a9c7f51e56431936c1c2a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://wintersauto.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 10 Jul 2024 16:05:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Wed, 10 Jul 2024 16:05:35 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 1 KB
1 KB 633ms
145ms Script
text/javascript 2607:f8b0:400d:c0d::69
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=explicit&ver=3.22.1

Requested by

Host: wintersauto.ca
URL: https://wintersauto.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0d::69 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

530da37a01995aa5c7b14396ec4d5e5d84e4d191a5f07de14dafc06d4778cc46

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://wintersauto.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 10 Jul 2024 16:05:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Wed, 10 Jul 2024 16:05:35 GMT

GET
H2 200 4080d82dda8ee4a45db9196acf225c53.js Show response
wintersauto.ca/wp-content/litespeed/js/ 440 KB
122 KB 178ms
178ms Script
application/javascript 138.197.174.231
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://wintersauto.ca/wp-content/litespeed/js/4080d82dda8ee4a45db9196acf225c53.js?ver=38762

Requested by

Host: wintersauto.ca
URL: https://wintersauto.ca/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

138.197.174.231 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

hosting.symbicore.com

Software

nginx / PleskLin

Resource Hash

f4410e0940de36f2de822cc70525e9a6dbe8e08d1b505d7716c68d27b6d383de

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://wintersauto.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 10 Jul 2024 16:05:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Jul 2024 04:41:41 GMT
server: nginx
x-original-content-length: 450990
etag: "6e1ae-61c78ae0bde59"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=300, s-maxage=10
accept-ranges: bytes
content-length: 124526
expires: Wed, 10 Jul 2024 16:10:31 GMT

GET
H/1.1 200
OK ct-bot-detector.min.js Show response
moderate.cleantalk.org/1.1.21/ 15 KB
4 KB 168ms
166ms Script
application/javascript 2604:2dc0:100:1f78::9
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://moderate.cleantalk.org/1.1.21/ct-bot-detector.min.js
Requested by: Host: moderate.cleantalk.org
URL: https://moderate.cleantalk.org/ct-bot-detector-wrapper.js?ver=6.35
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2604:2dc0:100:1f78::9 , United States, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 4ff98716ff4006097104401fc1270eab070ade045bfe865dc3cab1d5e9062caa

Request headers

Referer: https://wintersauto.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Wed, 10 Jul 2024 16:05:36 GMT
Content-Encoding: gzip
Last-Modified: Mon, 20 May 2024 08:20:06 GMT
Server: nginx
ETag: W/"664b07b6-3df5"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: : *
Cache-Control: max-age=315360000
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 206 KB
72 KB 696ms
283ms Script
application/javascript 2607:f8b0:4004:c08::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WTVX7V7F

Requested by

Host: wintersauto.ca
URL: https://wintersauto.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

38c4fa69c3ae06d67053ae2fdf8a6797e986e89131b8544c21537b3fa564f4df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://wintersauto.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 10 Jul 2024 16:05:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73803
x-xss-protection: 0
last-modified: Wed, 10 Jul 2024 15:31:36 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 10 Jul 2024 16:05:36 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 222 KB
59 KB 554ms
119ms Script
application/x-javascript 2a03:2880:f003:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: wintersauto.ca
URL: https://wintersauto.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f003:100:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

63bae03aa97278acb1d6f7863e593999bbdc5d280d2fa5a3050f234ce5eee850

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://wintersauto.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 10 Jul 2024 16:05:36 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58293
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=19, rtx=0, c=12, mss=1392, tbw=2776, tp=-1, tpl=-1, uplat=1, ullat=-1
pragma: public
x-fb-debug: nPCLco2lCnVuSW39KSALrSj+4BWMUFVaiBl5VW8FyUlPUopWHpfTMd4bdQ3bPmZCCsbfqbuxmCB4GRHLjp0Gkg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
DATA 200
OK truncated
/ 166 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1a9cf85ef1a4320cd97e74ea4cbce0254dce59ef31335f5883386dc08a7fded4

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 164 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e12b627ea3320cd47b3bae7b3b0819cace414875264ae887874808d4541a058d

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 166 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3ddadc4c932753e935559f2f8fb5207f706fb67ba9b257958b511ae6fbdea6f9

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 20181127_winters_00018-1.png
wintersauto.ca/wp-content/uploads/2023/04/ 415 KB
416 KB 85ms
84ms Image
image/png 138.197.174.231
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wintersauto.ca/wp-content/uploads/2023/04/20181127_winters_00018-1.png

Requested by

Host: wintersauto.ca
URL: https://wintersauto.ca/wp-content/litespeed/css/df8d524fd5d865690b78fad312e81e2a.css?ver=38762

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

138.197.174.231 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

hosting.symbicore.com

Software

nginx / PleskLin

Resource Hash

cee4ccbca8b704e539bd4e53066a41f5f1a156aef56ecdc917762191860312f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://wintersauto.ca/wp-content/litespeed/css/df8d524fd5d865690b78fad312e81e2a.css?ver=38762
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 10 Jul 2024 16:05:36 GMT
x-content-type-options: nosniff
last-modified: Mon, 24 Jul 2023 11:49:10 GMT
server: nginx
etag: "67b74-6013a33db3980"
x-powered-by: PleskLin
content-type: image/png
cache-control: max-age=300, s-maxage=10
accept-ranges: bytes
content-length: 424820
expires: Wed, 10 Jul 2024 16:10:31 GMT

GET
H2 200 Vector-3.png
wintersauto.ca/wp-content/uploads/2023/04/ 338 KB
339 KB 131ms
130ms Image
image/png 138.197.174.231
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wintersauto.ca/wp-content/uploads/2023/04/Vector-3.png

Requested by

Host: wintersauto.ca
URL: https://wintersauto.ca/wp-content/litespeed/css/df8d524fd5d865690b78fad312e81e2a.css?ver=38762

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

138.197.174.231 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

hosting.symbicore.com

Software

nginx / PleskLin

Resource Hash

196da640461b892d613b5dff44411c399713882e10eb1d6f71e83970efee4cb1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://wintersauto.ca/wp-content/litespeed/css/df8d524fd5d865690b78fad312e81e2a.css?ver=38762
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 10 Jul 2024 16:05:36 GMT
x-content-type-options: nosniff
last-modified: Mon, 24 Jul 2023 11:49:10 GMT
server: nginx
etag: "54874-6013a33db3980"
x-powered-by: PleskLin
content-type: image/png
cache-control: max-age=300, s-maxage=10
accept-ranges: bytes
content-length: 346228
expires: Wed, 10 Jul 2024 16:10:31 GMT

GET
H2 200 bg-1-1.png
wintersauto.ca/wp-content/uploads/2023/04/ 352 KB
353 KB 149ms
149ms Image
image/png 138.197.174.231
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wintersauto.ca/wp-content/uploads/2023/04/bg-1-1.png

Requested by

Host: wintersauto.ca
URL: https://wintersauto.ca/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

138.197.174.231 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

hosting.symbicore.com

Software

nginx / PleskLin

Resource Hash

c87fee2e789f7d54ddac8b0328e9d0c248e1fbc2d5e50f6f4ae208fe7de5c883

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://wintersauto.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 10 Jul 2024 16:05:36 GMT
x-content-type-options: nosniff
last-modified: Mon, 24 Jul 2023 11:49:10 GMT
server: nginx
etag: "57fb7-6013a33db3980"
x-powered-by: PleskLin
content-type: image/png
cache-control: max-age=300, s-maxage=10
accept-ranges: bytes
content-length: 360375
expires: Wed, 10 Jul 2024 16:10:31 GMT

GET
H2 200 bg-4-1.png
wintersauto.ca/wp-content/uploads/2024/01/ 205 KB
206 KB 148ms
148ms Image
image/png 138.197.174.231
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wintersauto.ca/wp-content/uploads/2024/01/bg-4-1.png

Requested by

Host: wintersauto.ca
URL: https://wintersauto.ca/wp-content/litespeed/css/df8d524fd5d865690b78fad312e81e2a.css?ver=38762

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

138.197.174.231 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

hosting.symbicore.com

Software

nginx / PleskLin

Resource Hash

5ef13de4200fde199e62be8db630b2d29f56c9ea588431ed267310ccf859c2ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://wintersauto.ca/wp-content/litespeed/css/df8d524fd5d865690b78fad312e81e2a.css?ver=38762
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 10 Jul 2024 16:05:36 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jan 2024 13:47:44 GMT
server: nginx
etag: "3352d-60f9d30db5c49"
x-powered-by: PleskLin
content-type: image/png
cache-control: max-age=300, s-maxage=10
accept-ranges: bytes
content-length: 210221
expires: Wed, 10 Jul 2024 16:10:31 GMT

GET
H2 200 Gotham-Book.woff2
wintersauto.ca/wp-content/uploads/2023/04/ 13 KB
14 KB 287ms
285ms Font
application/octet-stream 138.197.174.231
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://wintersauto.ca/wp-content/uploads/2023/04/Gotham-Book.woff2
Requested by: Host: wintersauto.ca
URL: https://wintersauto.ca/wp-content/litespeed/css/df8d524fd5d865690b78fad312e81e2a.css?ver=38762
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.197.174.231 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: hosting.symbicore.com
Software: nginx / PleskLin
Resource Hash: 268ea7bd8719ba40e9fe91c072089d5a9fd3d092a97a4c5d39481fa136675776

Request headers

Referer: https://wintersauto.ca/wp-content/litespeed/css/df8d524fd5d865690b78fad312e81e2a.css?ver=38762
Origin: https://wintersauto.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 10 Jul 2024 16:05:36 GMT
last-modified: Mon, 24 Jul 2023 11:49:10 GMT
server: nginx
etag: "3558-6013a33db3980"
x-powered-by: PleskLin
cache-control: s-maxage=10
accept-ranges: bytes
content-length: 13656

GET
H2 200 VitesseSans-Bold.woff2
wintersauto.ca/wp-content/uploads/2023/04/ 17 KB
18 KB 286ms
284ms Font
application/octet-stream 138.197.174.231
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://wintersauto.ca/wp-content/uploads/2023/04/VitesseSans-Bold.woff2
Requested by: Host: wintersauto.ca
URL: https://wintersauto.ca/wp-content/litespeed/css/df8d524fd5d865690b78fad312e81e2a.css?ver=38762
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.197.174.231 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: hosting.symbicore.com
Software: nginx / PleskLin
Resource Hash: f668ddb68a949ae7ffea3d73693e3c41db2ee04db4d3d164e7e10ae5196457e9

Request headers

Referer: https://wintersauto.ca/wp-content/litespeed/css/df8d524fd5d865690b78fad312e81e2a.css?ver=38762
Origin: https://wintersauto.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 10 Jul 2024 16:05:36 GMT
last-modified: Mon, 24 Jul 2023 11:49:10 GMT
server: nginx
etag: "454c-6013a33db3980"
x-powered-by: PleskLin
cache-control: s-maxage=10
accept-ranges: bytes
content-length: 17740

GET
H2 200 VitesseSans-Black-3.woff2
wintersauto.ca/wp-content/uploads/2023/04/ 17 KB
17 KB 287ms
286ms Font
application/octet-stream 138.197.174.231
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://wintersauto.ca/wp-content/uploads/2023/04/VitesseSans-Black-3.woff2
Requested by: Host: wintersauto.ca
URL: https://wintersauto.ca/wp-content/litespeed/css/df8d524fd5d865690b78fad312e81e2a.css?ver=38762
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.197.174.231 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: hosting.symbicore.com
Software: nginx / PleskLin
Resource Hash: 246372658d4446dd620dcb0808a598bf58ea2ebf5f9e45143e5493cc76d63d7c

Request headers

Referer: https://wintersauto.ca/wp-content/litespeed/css/df8d524fd5d865690b78fad312e81e2a.css?ver=38762
Origin: https://wintersauto.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 10 Jul 2024 16:05:36 GMT
last-modified: Mon, 24 Jul 2023 11:49:10 GMT
server: nginx
etag: "42b0-6013a33db3980"
x-powered-by: PleskLin
cache-control: s-maxage=10
accept-ranges: bytes
content-length: 17072

GET
H2 200 VitesseSans-Medium.woff2
wintersauto.ca/wp-content/uploads/2023/04/ 16 KB
17 KB 287ms
286ms Font
application/octet-stream 138.197.174.231
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://wintersauto.ca/wp-content/uploads/2023/04/VitesseSans-Medium.woff2
Requested by: Host: wintersauto.ca
URL: https://wintersauto.ca/wp-content/litespeed/css/df8d524fd5d865690b78fad312e81e2a.css?ver=38762
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.197.174.231 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: hosting.symbicore.com
Software: nginx / PleskLin
Resource Hash: a2c99e182c16a4cdb70cb6fa8e860cd46f337a02315e33afa962c1b41c449482

Request headers

Referer: https://wintersauto.ca/wp-content/litespeed/css/df8d524fd5d865690b78fad312e81e2a.css?ver=38762
Origin: https://wintersauto.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 10 Jul 2024 16:05:36 GMT
last-modified: Mon, 24 Jul 2023 11:49:10 GMT
server: nginx
etag: "41d0-6013a33db3980"
x-powered-by: PleskLin
cache-control: s-maxage=10
accept-ranges: bytes
content-length: 16848

GET
H2 200 eicons.woff2
wintersauto.ca/wp-content/plugins/elementor/assets/lib/eicons/fonts/ 95 KB
95 KB 305ms
304ms Font
application/octet-stream 138.197.174.231
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://wintersauto.ca/wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.woff2?5.30.0
Requested by: Host: wintersauto.ca
URL: https://wintersauto.ca/wp-content/litespeed/css/df8d524fd5d865690b78fad312e81e2a.css?ver=38762
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.197.174.231 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: hosting.symbicore.com
Software: nginx / PleskLin
Resource Hash: a9d91bb4ea3abc75e9ab91b81711137a82b3f52b1aa30c99f3c10e190a56717a

Request headers

Referer: https://wintersauto.ca/wp-content/litespeed/css/df8d524fd5d865690b78fad312e81e2a.css?ver=38762
Origin: https://wintersauto.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 10 Jul 2024 16:05:36 GMT
last-modified: Fri, 05 Jul 2024 04:23:53 GMT
server: nginx
etag: "17b6c-61c786e5c64e7"
x-powered-by: PleskLin
cache-control: s-maxage=10
accept-ranges: bytes
content-length: 97132

GET
H2 200 Gotham-Medium.woff2
wintersauto.ca/wp-content/uploads/2023/04/ 19 KB
19 KB 288ms
287ms Font
application/octet-stream 138.197.174.231
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://wintersauto.ca/wp-content/uploads/2023/04/Gotham-Medium.woff2
Requested by: Host: wintersauto.ca
URL: https://wintersauto.ca/wp-content/litespeed/css/df8d524fd5d865690b78fad312e81e2a.css?ver=38762
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.197.174.231 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: hosting.symbicore.com
Software: nginx / PleskLin
Resource Hash: 383c59e9be2599212bdd300e3ffbee2be898d90d9fe076fe3b9b2993f78ac7ad

Request headers

Referer: https://wintersauto.ca/wp-content/litespeed/css/df8d524fd5d865690b78fad312e81e2a.css?ver=38762
Origin: https://wintersauto.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 10 Jul 2024 16:05:36 GMT
last-modified: Mon, 24 Jul 2023 11:49:10 GMT
server: nginx
etag: "4a8c-6013a33db3980"
x-powered-by: PleskLin
cache-control: s-maxage=10
accept-ranges: bytes
content-length: 19084

GET
H2 200 fa-brands-400.woff2
wintersauto.ca/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/ 80 KB
80 KB 311ms
311ms Font
application/octet-stream 138.197.174.231
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://wintersauto.ca/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2
Requested by: Host: wintersauto.ca
URL: https://wintersauto.ca/wp-content/litespeed/css/df8d524fd5d865690b78fad312e81e2a.css?ver=38762
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.197.174.231 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: hosting.symbicore.com
Software: nginx / PleskLin
Resource Hash: 6b2680fab784d245cbb23d3b51e8d18740e8fc1c7c1c8eadcf0b2b7612125ff8

Request headers

Referer: https://wintersauto.ca/wp-content/litespeed/css/df8d524fd5d865690b78fad312e81e2a.css?ver=38762
Origin: https://wintersauto.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 10 Jul 2024 16:05:36 GMT
last-modified: Fri, 05 Jul 2024 04:23:53 GMT
server: nginx
etag: "13ecc-61c786e5d3007"
x-powered-by: PleskLin
cache-control: s-maxage=10
accept-ranges: bytes
content-length: 81612

GET
DATA 200
OK truncated
/ 168 B
168 B Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2d75fce09d4b4a2f1dff12e52b1a850a5ba4577b36038e120380014cdbd0608f

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/-80zvSY9h4i8O-ocN2P5qTJk/ 524 KB
208 KB 583ms
152ms Script
text/javascript 2607:f8b0:400d:c04::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/-80zvSY9h4i8O-ocN2P5qTJk/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=explicit&ver=3.22.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c04::5e Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

298bafa05900a3bc3d44e4b7406618e73c3ddec2878fcb761b04f4ee9983b7de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wintersauto.ca/
Origin: https://wintersauto.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 10 Jul 2024 13:52:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7963
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 212421
x-xss-protection: 0
last-modified: Mon, 08 Jul 2024 19:45:20 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 10 Jul 2025 13:52:53 GMT

GET
H2 200 diffuser.js Show response
diffuser-cdn.app-us1.com/diffuser/ 41 KB
10 KB 630ms
108ms Script
application/javascript 2606:4700::6812:80d8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://diffuser-cdn.app-us1.com/diffuser/diffuser.js

Requested by

Host: wintersauto.ca
URL: https://wintersauto.ca/wp-content/litespeed/js/4080d82dda8ee4a45db9196acf225c53.js?ver=38762

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:80d8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b8eaa1c9ac4fe2a600a0b6506d6b4486dd7719c3d917cd3ae02fd9589a750388

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://wintersauto.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 10 Jul 2024 16:05:36 GMT
content-encoding: gzip
via: 1.1 36310ef8e99083d179b2b187554670de.cloudfront.net (CloudFront)
cf-cache-status: HIT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: YUL62-C1
age: 77
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Mon, 17 Jun 2024 20:11:47 GMT
server: cloudflare
etag: W/"2801030c0114e98ab25cd3dc2ac1149b"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=300
cf-ray: 8a11cbd7aea2ab2a-YYZ
x-amz-cf-id: XzoIUnLMgi0uFVw9XAAzU1zQiMOLp12Ve7P8JnNGm0iiOehBQaUUgg==

POST
H2 200 apbct_get_pixel_url Show response
wintersauto.ca/wp-json/cleantalk-antispam/v1/ 83 B
631 B 959ms
958ms XHR
application/json 138.197.174.231
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://wintersauto.ca/wp-json/cleantalk-antispam/v1/apbct_get_pixel_url

Requested by

Host: wintersauto.ca
URL: https://wintersauto.ca/wp-content/litespeed/js/4080d82dda8ee4a45db9196acf225c53.js?ver=38762

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

138.197.174.231 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

hosting.symbicore.com

Software

nginx / PHP/7.4.33, PleskLin

Resource Hash

3460273faef7f9c6e3a2472f5fd779c1621c929c1660c3698f3886306bd27ee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

X-WP-Nonce: a7ae34de5d
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Referer: https://wintersauto.ca/

Response headers

date: Wed, 10 Jul 2024 16:05:37 GMT
content-encoding: br
x-content-type-options: nosniff
x-powered-by: PHP/7.4.33, PleskLin
x-dns-prefetch-control: on
x-litespeed-tag: 0c7_HTTP.200
server: nginx
allow: POST
access-control-allow-methods: OPTIONS, GET, POST, PUT, PATCH, DELETE
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://wintersauto.ca
access-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link
vary: Origin
access-control-allow-credentials: true
x-robots-tag: noindex
link: <https://wintersauto.ca/wp-json/>; rel="https://api.w.org/"
access-control-allow-headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
x-wp-nonce: a7ae34de5d

GET
H2 200 dialog.min.js Show response
wintersauto.ca/wp-content/plugins/elementor/assets/lib/dialog/ 11 KB
4 KB 206ms
206ms Script
application/javascript 138.197.174.231
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://wintersauto.ca/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.9.0
Requested by: Host: wintersauto.ca
URL: https://wintersauto.ca/wp-content/litespeed/js/4080d82dda8ee4a45db9196acf225c53.js?ver=38762
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.197.174.231 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: hosting.symbicore.com
Software: nginx / PleskLin
Resource Hash: 749050b9e72078b086ef578e9d5c6e764c89985d149a4ac76861004e0e6945ca

Request headers

Referer: https://wintersauto.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 10 Jul 2024 16:05:36 GMT
content-encoding: gzip
last-modified: Fri, 05 Jul 2024 04:23:53 GMT
server: nginx
etag: "2a19-61c786e5c2667-gzip"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: application/javascript
cache-control: s-maxage=10
accept-ranges: bytes
content-length: 3488

GET
H2 200 Frame-804.svg
wintersauto.ca/wp-content/uploads/2020/03/ 6 KB
0 1ms
1ms Image
image/svg+xml 138.197.174.231
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wintersauto.ca/wp-content/uploads/2020/03/Frame-804.svg
Requested by: Host: wintersauto.ca
URL: https://wintersauto.ca/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.197.174.231 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: hosting.symbicore.com
Software: nginx / PleskLin
Resource Hash: 51bf3f2f787f0686892055c3e7afe005112a457eb5b7d5fbe5b7bbe29c9be2db

Request headers

Referer: https://wintersauto.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 10 Jul 2024 16:05:35 GMT
last-modified: Mon, 24 Jul 2023 11:49:11 GMT
server: nginx
etag: "1758-6013a33ea7bc0"
x-powered-by: PleskLin
content-type: image/svg+xml
accept-ranges: bytes
content-length: 5976

GET
H2 200 nav-menu.e65811186e94a386ba7b.bundle.min.js Show response
wintersauto.ca/wp-content/plugins/elementor-pro/assets/js/ 5 KB
2 KB 184ms
183ms Script
application/javascript 138.197.174.231
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://wintersauto.ca/wp-content/plugins/elementor-pro/assets/js/nav-menu.e65811186e94a386ba7b.bundle.min.js
Requested by: Host: wintersauto.ca
URL: https://wintersauto.ca/wp-content/litespeed/js/4080d82dda8ee4a45db9196acf225c53.js?ver=38762
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.197.174.231 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: hosting.symbicore.com
Software: nginx / PleskLin
Resource Hash: 2c22357a6a5863adc603d5330d6e35e4179cb644fb04eefbfbcff004948baa8c

Request headers

Referer: https://wintersauto.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 10 Jul 2024 16:05:36 GMT
content-encoding: gzip
last-modified: Fri, 05 Jul 2024 04:27:04 GMT
server: nginx
etag: "12db-61c7879bb77ad-gzip"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: application/javascript
cache-control: s-maxage=10
accept-ranges: bytes
content-length: 1810

GET
H2 200 text-editor.2c35aafbe5bf0e127950.bundle.min.js Show response
wintersauto.ca/wp-content/plugins/elementor/assets/js/ 1 KB
886 B 178ms
177ms Script
application/javascript 138.197.174.231
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://wintersauto.ca/wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js
Requested by: Host: wintersauto.ca
URL: https://wintersauto.ca/wp-content/litespeed/js/4080d82dda8ee4a45db9196acf225c53.js?ver=38762
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.197.174.231 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: hosting.symbicore.com
Software: nginx / PleskLin
Resource Hash: 7afc19c086e9a3f91fb499864aeb4d49874a08a33ab5f5e7a8ede79064cfb260

Request headers

Referer: https://wintersauto.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 10 Jul 2024 16:05:36 GMT
content-encoding: gzip
last-modified: Fri, 05 Jul 2024 04:23:53 GMT
server: nginx
etag: "550-61c786e5be7e7-gzip"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: application/javascript
cache-control: s-maxage=10
accept-ranges: bytes
content-length: 666

GET
H2 200 video.d11c91c1b2b642a34601.bundle.min.js Show response
wintersauto.ca/wp-content/plugins/elementor/assets/js/ 3 KB
1 KB 158ms
157ms Script
application/javascript 138.197.174.231
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://wintersauto.ca/wp-content/plugins/elementor/assets/js/video.d11c91c1b2b642a34601.bundle.min.js
Requested by: Host: wintersauto.ca
URL: https://wintersauto.ca/wp-content/litespeed/js/4080d82dda8ee4a45db9196acf225c53.js?ver=38762
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.197.174.231 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: hosting.symbicore.com
Software: nginx / PleskLin
Resource Hash: ac31c6be9270a431c6ddf84bbb1a7d95ee52ed3ae2540f5e19e378ff0b9ae7c4

Request headers

Referer: https://wintersauto.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 10 Jul 2024 16:05:36 GMT
content-encoding: gzip
last-modified: Fri, 05 Jul 2024 04:23:53 GMT
server: nginx
etag: "c63-61c786e5bf787-gzip"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: application/javascript
cache-control: s-maxage=10
accept-ranges: bytes
content-length: 1281

GET
H2 200 carousel.9b02b45d7826c1c48f33.bundle.min.js Show response
wintersauto.ca/wp-content/plugins/elementor-pro/assets/js/ 5 KB
2 KB 146ms
145ms Script
application/javascript 138.197.174.231
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://wintersauto.ca/wp-content/plugins/elementor-pro/assets/js/carousel.9b02b45d7826c1c48f33.bundle.min.js
Requested by: Host: wintersauto.ca
URL: https://wintersauto.ca/wp-content/litespeed/js/4080d82dda8ee4a45db9196acf225c53.js?ver=38762
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.197.174.231 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: hosting.symbicore.com
Software: nginx / PleskLin
Resource Hash: da979fc591f40670002f87e9ea179c529d5217401fb5f50debda6c41b3609190

Request headers

Referer: https://wintersauto.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 10 Jul 2024 16:05:36 GMT
content-encoding: gzip
last-modified: Fri, 05 Jul 2024 04:27:04 GMT
server: nginx
etag: "1396-61c7879bb874d-gzip"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: application/javascript
cache-control: s-maxage=10
accept-ranges: bytes
content-length: 1696

POST
H/1.1 200
OK api2.0 Show response
moderate.cleantalk.org/ 153 B
387 B 866ms
228ms XHR
application/json 2604:2dc0:100:1f78::9
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://moderate.cleantalk.org/api2.0
Requested by: Host: moderate.cleantalk.org
URL: https://moderate.cleantalk.org/1.1.21/ct-bot-detector.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2604:2dc0:100:1f78::9 , United States, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 61667fce013276a97741b107c11106cec43fe677c248239d8087e5301dec08f5

Request headers

Referer: https://wintersauto.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 10 Jul 2024 16:05:36 GMT
X-Server-IP: 2604:2dc0:100:1f78::9
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/json

GET
H2 200 fa-solid-900.woff2
wintersauto.ca/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/ 76 KB
77 KB 85ms
85ms Font
application/octet-stream 138.197.174.231
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://wintersauto.ca/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
Requested by: Host: wintersauto.ca
URL: https://wintersauto.ca/wp-content/litespeed/css/df8d524fd5d865690b78fad312e81e2a.css?ver=38762
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.197.174.231 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: hosting.symbicore.com
Software: nginx / PleskLin
Resource Hash: d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef

Request headers

Referer: https://wintersauto.ca/wp-content/litespeed/css/df8d524fd5d865690b78fad312e81e2a.css?ver=38762
Origin: https://wintersauto.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 10 Jul 2024 16:05:36 GMT
last-modified: Fri, 05 Jul 2024 04:23:53 GMT
server: nginx
etag: "13174-61c786e5d6e87"
x-powered-by: PleskLin
cache-control: s-maxage=10
accept-ranges: bytes
content-length: 78196

GET
H2 200 swiper.min.js Show response
wintersauto.ca/wp-content/plugins/elementor/assets/lib/swiper/v8/ 140 KB
39 KB 111ms
110ms Script
application/javascript 138.197.174.231
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://wintersauto.ca/wp-content/plugins/elementor/assets/lib/swiper/v8/swiper.min.js?ver=8.4.5
Requested by: Host: wintersauto.ca
URL: https://wintersauto.ca/wp-content/litespeed/js/4080d82dda8ee4a45db9196acf225c53.js?ver=38762
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.197.174.231 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: hosting.symbicore.com
Software: nginx / PleskLin
Resource Hash: 2ac3af00c283c0b2ae6108fa83a2053e51274a2a812fb063916cbe19bc4f96b5

Request headers

Referer: https://wintersauto.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 10 Jul 2024 16:05:36 GMT
content-encoding: gzip
last-modified: Fri, 05 Jul 2024 04:23:53 GMT
server: nginx
etag: "2315d-61c786e5dbca7-gzip"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: application/javascript
cache-control: s-maxage=10
accept-ranges: bytes
content-length: 39695

GET
H2 200 1782627868860695 Show response
connect.facebook.net/signals/config/ 58 KB
12 KB 235ms
234ms Script
application/x-javascript 2a03:2880:f003:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1782627868860695?v=2.9.160&r=stable&domain=wintersauto.ca&hme=733c3732ec767f7a62e7787aff967e6d19b1e13e533937876f2e15efe07bf678&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C175%2C171%2C172%2C174%2C28%2C94%2C50%2C73%2C173%2C155%2C158%2C168%2C169%2C176%2C122%2C39%2C33%2C134%2C14%2C48%2C181%2C180%2C124%2C17%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f003:100:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2f6f5848b8500dec75410bd2048a8ab60611b49558bc04399125fed530578e3c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://wintersauto.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 10 Jul 2024 16:05:36 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=30, rtx=0, c=62, mss=1392, tbw=63801, tp=-1, tpl=-1, uplat=113, ullat=0
pragma: public
x-fb-debug: R/YTGx2VCjOjtbs3JPjd3L2EkgMdb/HstTwHN6meZ7l5BAsgEsPTpFaxtNS/6ho44f8PcIK5mRwkeir1C6LcnA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
prism.app-us1.com/ 0
314 B 606ms
198ms Script
application/javascript 2606:4700::6812:80d8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prism.app-us1.com/?a=649344795&u=https%3A%2F%2Fwintersauto.ca%2F

Requested by

Host: diffuser-cdn.app-us1.com
URL: https://diffuser-cdn.app-us1.com/diffuser/diffuser.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:80d8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/8.1.29

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://wintersauto.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 10 Jul 2024 16:05:37 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/8.1.29
content-type: application/javascript
cache-control: no-cache, private
x-envoy-upstream-service-time: 68
cf-ray: 8a11cbdb0f1238e5-YYZ
content-length: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 325 KB
107 KB 155ms
154ms Script
application/javascript 2607:f8b0:4004:c08::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-PSZ9YQ2MVJ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WTVX7V7F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

aaf896a04dd1172e87760b43f5fc6074c7681e1a57e9011a34c6588f359c115a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://wintersauto.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 10 Jul 2024 16:05:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 109060
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 10 Jul 2024 16:05:36 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 675ms
177ms Fetch
text/plain 2607:f8b0:400d:c0d::8a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-PSZ9YQ2MVJ&gtm=45je4730v9136003909z89135994830za200zb9135994830&_p=1720627535930&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&cid=831967686.1720627537&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1720627536&sct=1&seg=0&dl=https%3A%2F%2Fwintersauto.ca%2F&dt=Collision%20Repair%20%7C%20Auto%20Service%20%7C%20Glass%20%7C%20Winnipeg&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=4649&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PSZ9YQ2MVJ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:400d:c0d::8a Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://wintersauto.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Jul 2024 16:05:37 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://wintersauto.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 604ms
207ms Image
text/plain 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1782627868860695&ev=PageView&dl=https%3A%2F%2Fwintersauto.ca%2F&rl=&if=false&ts=1720627536915&sw=1600&sh=1200&v=2.9.160&r=stable&ec=0&o=4126&fbp=fb.1.1720627536914.83089234165609135&ler=empty&cdl=API_unavailable&it=1720627536657&coo=false&rqm=GET

Requested by

Host: wintersauto.ca
URL: https://wintersauto.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://wintersauto.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=19, rtx=0, c=10, mss=1392, tbw=2803, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 10 Jul 2024 16:05:37 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
4 KB 657ms
261ms Image
image/png 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1782627868860695&ev=PageView&dl=https%3A%2F%2Fwintersauto.ca%2F&rl=&if=false&ts=1720627536915&sw=1600&sh=1200&v=2.9.160&r=stable&ec=0&o=4126&fbp=fb.1.1720627536914.83089234165609135&ler=empty&cdl=API_unavailable&it=1720627536657&coo=false&rqm=FGET

Requested by

Host: wintersauto.ca
URL: https://wintersauto.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://wintersauto.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xf6a3b639fcbe317b","source_keys":["1","2"]},{"key_piece":"0x771f251292c80f79","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Wed, 10 Jul 2024 16:05:37 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7390039000348897472", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=19, rtx=0, c=10, mss=1392, tbw=3121, tp=-1, tpl=-1, uplat=86, ullat=0
pragma: no-cache
x-fb-debug: 0MVhoKExyR3cjxmwIV7dQVlkkiArNBSwfHgdp7CvrgLh5sVsX6mr+2H9oRbj84Rb0TATwWKnb7V0ryE5dC61vw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7390039000348897472"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK 6be56f35d8e16abab7b78c4204a87a12.gif
moderate2-v4.cleantalk.org/pixel/ 43 B
258 B 581ms
193ms Image
image/gif 167.71.167.197
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://moderate2-v4.cleantalk.org/pixel/6be56f35d8e16abab7b78c4204a87a12.gif
Requested by: Host: wintersauto.ca
URL: https://wintersauto.ca/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.71.167.197 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: moderate2.cleantalk.org
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://wintersauto.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Wed, 10 Jul 2024 16:05:37 GMT
X-Server-IP: 167.71.167.197
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

POST
H2 204 mod_pagespeed_beacon Show response
wintersauto.ca/ 0
84 B 99ms
99ms XHR
text/plain 138.197.174.231
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://wintersauto.ca/mod_pagespeed_beacon?url=https%3A%2F%2Fwintersauto.ca%2F
Requested by: Host: wintersauto.ca
URL: https://wintersauto.ca/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.197.174.231 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: hosting.symbicore.com
Software: nginx / PleskLin
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://wintersauto.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 10 Jul 2024 16:05:37 GMT
cache-control: max-age=0, no-cache
server: nginx
x-powered-by: PleskLin

GET
H2 200 xGroup-47.png.pagespeed.ic.2ty98AnB7w.webp
wintersauto.ca/wp-content/uploads/2023/04/ 10 KB
11 KB 108ms
107ms Image
image/png 138.197.174.231
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wintersauto.ca/wp-content/uploads/2023/04/xGroup-47.png.pagespeed.ic.2ty98AnB7w.webp

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

138.197.174.231 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

hosting.symbicore.com

Software

nginx / PleskLin

Resource Hash

f2a34fdfada8af50eaec2b09eded4fbb11be546e666587ce9c12f8fb044fcf1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://wintersauto.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 10 Jul 2024 16:05:37 GMT
x-content-type-options: nosniff
last-modified: Mon, 24 Jul 2023 11:49:10 GMT
server: nginx
x-powered-by: PleskLin
content-type: image/png
cache-control: max-age=300,private
accept-ranges: bytes
link: <https://wintersauto.ca/wp-content/uploads/2023/04/Group-47.png>; rel="canonical"
content-length: 10559
expires: Wed, 10 Jul 2024 16:10:30 GMT

GET
H2 200 Favicon_r-150x150.ico
wintersauto.ca/wp-content/uploads/2019/12/ 91 KB
91 KB 98ms
97ms Other
image/vnd.microsoft.icon 138.197.174.231
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://wintersauto.ca/wp-content/uploads/2019/12/Favicon_r-150x150.ico
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.197.174.231 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: hosting.symbicore.com
Software: nginx / PleskLin
Resource Hash: 46aa52c363ce8beb18456ed4770df91bbde4f8e5fe5a1c65ade14f3c3f82ff5f

Request headers

Referer: https://wintersauto.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 10 Jul 2024 16:05:37 GMT
last-modified: Mon, 24 Jul 2023 11:49:10 GMT
server: nginx
etag: "16b86-6013a33db3980"
x-powered-by: PleskLin
content-type: image/vnd.microsoft.icon
cache-control: s-maxage=10
accept-ranges: bytes
content-length: 93062

Verdicts & Comments Add Verdict or Comment

210 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
wintersauto.ca/	1970-01-20 22:39:54	Name: ac_enable_tracking Value: 1
.calendly.com/	1970-01-20 21:57:09	Name: __cf_bm Value: iF89HD3zpyU3DN3OY8MzcLxbWR5x90vGJOhqG4_u7RU-1720627536-1.0.1.1-g6t9dTtKe5rJkCkPngUHDiaQrxPsbtjSrHqmDVy1QhMy0_dGkjTgeYGvlph6uiIDQNtFxBx375qkmy6iAzjZXw
.calendly.com/	1969-12-31 23:59:59	Name: _cfuvid Value: 2ZTuZKNWrci9dOpveJG3JjtP0_ebSXAx2ak2X5ROXNQ-1720627536451-0.0.1.1-604800000
.wintersauto.ca/	1970-01-21 07:33:07	Name: _ga_PSZ9YQ2MVJ Value: GS1.1.1720627536.1.0.1720627536.0.0.0
.wintersauto.ca/	1970-01-21 07:33:07	Name: _ga Value: GA1.1.831967686.1720627537
.wintersauto.ca/	1970-01-21 00:06:43	Name: _fbp Value: fb.1.1720627536914.83089234165609135
prism.app-us1.com/	1970-01-20 22:40:19	Name: prism_649344795 Value: a526acf1-8060-45a3-9307-17c4729182fa

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.calendly.com
connect.facebook.net
diffuser-cdn.app-us1.com
moderate.cleantalk.org
moderate2-v4.cleantalk.org
prism.app-us1.com
wintersauto.ca
wintersautoservice.ca
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
138.197.174.231
167.71.167.197
2604:2dc0:100:1f78::9
2606:4700:3032::6815:4913
2606:4700:4400::6812:29af
2606:4700::6812:80d8
2607:f8b0:4004:c08::61
2607:f8b0:400d:c04::5e
2607:f8b0:400d:c0d::69
2607:f8b0:400d:c0d::8a
2a03:2880:f003:100:face:b00c:0:3
2a03:2880:f103:181:face:b00c:0:25de
196da640461b892d613b5dff44411c399713882e10eb1d6f71e83970efee4cb1
1a9cf85ef1a4320cd97e74ea4cbce0254dce59ef31335f5883386dc08a7fded4
246372658d4446dd620dcb0808a598bf58ea2ebf5f9e45143e5493cc76d63d7c
268ea7bd8719ba40e9fe91c072089d5a9fd3d092a97a4c5d39481fa136675776
298bafa05900a3bc3d44e4b7406618e73c3ddec2878fcb761b04f4ee9983b7de
2ac3af00c283c0b2ae6108fa83a2053e51274a2a812fb063916cbe19bc4f96b5
2c22357a6a5863adc603d5330d6e35e4179cb644fb04eefbfbcff004948baa8c
2d75fce09d4b4a2f1dff12e52b1a850a5ba4577b36038e120380014cdbd0608f
2f6f5848b8500dec75410bd2048a8ab60611b49558bc04399125fed530578e3c
3460273faef7f9c6e3a2472f5fd779c1621c929c1660c3698f3886306bd27ee0
383c59e9be2599212bdd300e3ffbee2be898d90d9fe076fe3b9b2993f78ac7ad
38c4fa69c3ae06d67053ae2fdf8a6797e986e89131b8544c21537b3fa564f4df
3ddadc4c932753e935559f2f8fb5207f706fb67ba9b257958b511ae6fbdea6f9
46aa52c363ce8beb18456ed4770df91bbde4f8e5fe5a1c65ade14f3c3f82ff5f
4ff98716ff4006097104401fc1270eab070ade045bfe865dc3cab1d5e9062caa
51bcecc5f4aeffedbb2fff48a4a59fff3b76df9cb6808c75bb1067f776ffcee0
51bf3f2f787f0686892055c3e7afe005112a457eb5b7d5fbe5b7bbe29c9be2db
530da37a01995aa5c7b14396ec4d5e5d84e4d191a5f07de14dafc06d4778cc46
59cf50395ef8f04261d4beb42e86f0334cf34f7cd95053e6aa334bf7ff08a39f
5ad8f034b2dcf15d8b1ad12a1d9d985ba5ff6dd851db222ce66d972b00e8cbfa
5ef13de4200fde199e62be8db630b2d29f56c9ea588431ed267310ccf859c2ad
61667fce013276a97741b107c11106cec43fe677c248239d8087e5301dec08f5
63bae03aa97278acb1d6f7863e593999bbdc5d280d2fa5a3050f234ce5eee850
6b2680fab784d245cbb23d3b51e8d18740e8fc1c7c1c8eadcf0b2b7612125ff8
749050b9e72078b086ef578e9d5c6e764c89985d149a4ac76861004e0e6945ca
7afc19c086e9a3f91fb499864aeb4d49874a08a33ab5f5e7a8ede79064cfb260
a2c99e182c16a4cdb70cb6fa8e860cd46f337a02315e33afa962c1b41c449482
a9d91bb4ea3abc75e9ab91b81711137a82b3f52b1aa30c99f3c10e190a56717a
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aaf896a04dd1172e87760b43f5fc6074c7681e1a57e9011a34c6588f359c115a
ac31c6be9270a431c6ddf84bbb1a7d95ee52ed3ae2540f5e19e378ff0b9ae7c4
b8eaa1c9ac4fe2a600a0b6506d6b4486dd7719c3d917cd3ae02fd9589a750388
c87fee2e789f7d54ddac8b0328e9d0c248e1fbc2d5e50f6f4ae208fe7de5c883
cee4ccbca8b704e539bd4e53066a41f5f1a156aef56ecdc917762191860312f8
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef
da979fc591f40670002f87e9ea179c529d5217401fb5f50debda6c41b3609190
e12b627ea3320cd47b3bae7b3b0819cace414875264ae887874808d4541a058d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec092aad92ba418c176991a0721a8928ce57c2abd21c96fe79d20fe590e7be46
f1ea971204d43463cf5ccfc7f6469363dff90f581c6a9c7f51e56431936c1c2a
f2a34fdfada8af50eaec2b09eded4fbb11be546e666587ce9c12f8fb044fcf1b
f4410e0940de36f2de822cc70525e9a6dbe8e08d1b505d7716c68d27b6d383de
f668ddb68a949ae7ffea3d73693e3c41db2ee04db4d3d164e7e10ae5196457e9
f80ce7415f7fb5c4bf1d8eed31652b1246241e4e3cef6cbf6c853b9a7e16dde0
fa6dbf56efed1b69b023b1601a9632014760997b1ac750af80088e8ca2fb5439

wintersauto.ca Open in urlscan Pro 138.197.174.231 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

46 Requests

100 %HTTPS

83 %IPv6

11 Domains

13 Subdomains

12 IPs

2 Countries

2721 kBTransfer

5313 kBSize

7 Cookies

9 Outgoing links

Page URL History

Redirected requests

46 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

wintersauto.ca Open in urlscan Pro
138.197.174.231 Public Scan

Screenshot
Live screenshot

Full Image

46
Requests

100 %
HTTPS

83 %
IPv6

11
Domains

13
Subdomains

12
IPs

2
Countries

2721 kB
Transfer

5313 kB
Size

7
Cookies

46 HTTP transactions
4 data transactions