urlscan.io logo urlscan.io
SecurityTrails logo

www.ontariofiredamage.com Open in urlscan Pro
174.136.107.162  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.ontariofiredamage.com/
Effective URL: https://www.ontariofiredamage.com/
Submission: On March 08 via api from CA — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 1 countries across 11 domains to perform 45 HTTP transactions. The main IP is 174.136.107.162, located in United States and belongs to ARPNET, US. The main domain is www.ontariofiredamage.com.
TLS certificate: Issued by R3 on March 8th 2022. Valid for: 3 months.
This is the only time www.ontariofiredamage.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

26    174.136.107.162 (United States)

ASN25795 (ARPNET, US)
PTR: mail.contractormarketingpros.com
www.ontariofiredamage.com
images.contractormarketingpros.com
analytics.servicedirect.com
1    2607:f8b0:4006:816::200a (Queens, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2607:f8b0:4006:80f::200a (Queens, United States)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
3    2607:f8b0:4006:822::2004 (Queens, United States)

ASN15169 (GOOGLE, US)
www.google.com
1    2607:f8b0:4006:80e::200e (Queens, United States)

ASN15169 (GOOGLE, US)
maps.google.com
3    2607:f8b0:4006:807::2003 (Queens, United States)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2607:f8b0:4006:80f::2008 (Queens, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2607:f8b0:4006:817::2003 (Queens, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    142.251.35.162 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s78-in-f2.1e100.net
www.googleadservices.com
2    2607:f8b0:4006:820::200e (Queens, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    2607:f8b0:4006:80e::2003 (Queens, United States)

ASN15169 (GOOGLE, US)
www.google.ca
1    2607:f8b0:4006:823::2002 (Queens, United States)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2607:f8b0:4004:c0b::9c (Ashburn, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
Apex Domain
Subdomains		 Transfer
12 ontariofiredamage.com
www.ontariofiredamage.com
122 KB
11 contractormarketingpros.com
images.contractormarketingpros.com
583 KB
5 gstatic.com
www.gstatic.com
fonts.gstatic.com
254 KB
4 google.com
www.google.com — Cisco Umbrella Rank: 2
maps.google.com — Cisco Umbrella Rank: 1754
35 KB
3 google.ca
www.google.ca — Cisco Umbrella Rank: 8822
692 B
3 servicedirect.com
analytics.servicedirect.com
38 KB
2 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 38
stats.g.doubleclick.net — Cisco Umbrella Rank: 68
2 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 31
20 KB
2 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 101
15 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35
ajax.googleapis.com — Cisco Umbrella Rank: 251
74 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 54
57 KB
45 11
Domain Requested by
12 www.ontariofiredamage.com 1 redirects www.ontariofiredamage.com
11 images.contractormarketingpros.com www.ontariofiredamage.com
3 www.google.ca www.ontariofiredamage.com
3 analytics.servicedirect.com www.ontariofiredamage.com
analytics.servicedirect.com
3 www.gstatic.com www.google.com
www.googletagmanager.com
www.gstatic.com
3 www.google.com www.ontariofiredamage.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.googleadservices.com 1 redirects www.googletagmanager.com
2 fonts.gstatic.com fonts.googleapis.com
1 stats.g.doubleclick.net www.google-analytics.com
1 googleads.g.doubleclick.net www.googleadservices.com
1 www.googletagmanager.com www.ontariofiredamage.com
1 maps.google.com www.ontariofiredamage.com
1 ajax.googleapis.com www.ontariofiredamage.com
1 fonts.googleapis.com www.ontariofiredamage.com
45 15

This site contains no links.

Subject Issuer Validity Valid
ontariofiredamage.com
R3		 2022-03-08 -
2022-06-06		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
contractormarketingpros.com
R3		 2022-02-13 -
2022-05-14		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
images.servicedirect.com
R3		 2022-02-01 -
2022-05-02		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
*.google.ca
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.ontariofiredamage.com/
Frame ID: 0C3AB777EB84705AB403E5ECAAFDDF33
Requests: 45 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Ontario Fire Damage Restoration -- Same Day Restoration -- (909) 342-1161

Page URL History Show full URLs

  1. http://www.ontariofiredamage.com/ HTTP 301
    https://www.ontariofiredamage.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:maps\.google\.com/maps\?file=api(?:&v=([\d.]+))?|maps\.google\.com/maps/api/staticmap)
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • <link [^>]*href="[^"]+lightbox(?:\.min)?\.css
  • lightbox(?:-plus-jquery)?.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • piwik\.js|piwik\.php
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

45
Requests

98 %
HTTPS

85 %
IPv6

11
Domains

15
Subdomains

13
IPs

1
Countries

1201 kB
Transfer

2159 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.ontariofiredamage.com/ HTTP 301
    https://www.ontariofiredamage.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 36
  • https://www.googleadservices.com/pagead/conversion/1063565874/wcm?cc=ZZ&dn=9093421161&cl=bZFOCJfxv5MBELL0kvsD&ct_eid=2 HTTP 302
  • https://www.google.ca/pagead/attribution/wcm?cc=ZZ&dn=9093421161&cl=bZFOCJfxv5MBELL0kvsD

45 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.ontariofiredamage.com/
Redirect Chain
  • http://www.ontariofiredamage.com/
  • https://www.ontariofiredamage.com/
27 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.ontariofiredamage.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
174.136.107.162 , United States, ASN25795 (ARPNET, US),
Reverse DNS
mail.contractormarketingpros.com
Software
openresty/1.13.6.2 /
Resource Hash
b3c7e0798f2a5c1b2e3c2ee8e60c125594db094e78342440db3be2117b26d515

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-CA,en;q=0.9

Response headers

Server
openresty/1.13.6.2
Date
Tue, 08 Mar 2022 10:28:17 GMT
Content-Type
text/html;charset=UTF-8
Content-Length
7615
Connection
keep-alive
x-host
zzz-exclusites;_default_;8080
X-Esi
1
Vary
Accept-Encoding
Content-Encoding
gzip
x-storage
default
X-Varnish
133987431 134813150
Age
4
Via
1.1 varnish-v4
Accept-Ranges
bytes

Redirect headers

Server
openresty/1.13.6.2
Date
Tue, 08 Mar 2022 10:28:16 GMT
Content-Type
text/html
Content-Length
191
Connection
keep-alive
Location
https://www.ontariofiredamage.com/
css
fonts.googleapis.com/ 		17 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lobster|Open+Sans:300italic,400italic,600italic,300,400,600
Requested by
Host: www.ontariofiredamage.com
URL: https://www.ontariofiredamage.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::200a Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5ba9e6582a3df6acdbef5ba2a386c99c2e8b3ea802f34e60af99cfc99ccf0988
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.ontariofiredamage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 08 Mar 2022 10:28:17 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 08 Mar 2022 10:28:17 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 08 Mar 2022 10:28:17 GMT
lightbox.css
www.ontariofiredamage.com/css/shared/ 		3 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.ontariofiredamage.com/css/shared/lightbox.css
Requested by
Host: www.ontariofiredamage.com
URL: https://www.ontariofiredamage.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
174.136.107.162 , United States, ASN25795 (ARPNET, US),
Reverse DNS
mail.contractormarketingpros.com
Software
openresty/1.13.6.2 /
Resource Hash
1a933d281eb7cb11f552d609615ac8cbcff8b7b7705a3a5c9b765c0c57e4200d

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.ontariofiredamage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 08 Mar 2022 10:28:17 GMT
Content-Encoding
gzip
Last-Modified
Tue, 08 Mar 2022 04:55:14 GMT
Server
openresty/1.13.6.2
Age
4
ETag
"b7c-5d9adc9601b2b-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Via
1.1 varnish-v4
X-Varnish
133987437 122828103
x-host
zzz-exclusites;_default_;8080
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1163
x-storage
default
jquery.js
ajax.googleapis.com/ajax/libs/jquery/1.7/ 		247 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.7/jquery.js
Requested by
Host: www.ontariofiredamage.com
URL: https://www.ontariofiredamage.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::200a Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1717ea1fde8ceb7584341a24efc85c853083c660a1185968fbf94520f7193de2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.ontariofiredamage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 00:34:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
554021
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
73934
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 02 Mar 2023 00:34:36 GMT
jquery.lightbox.js
www.ontariofiredamage.com/js/shared/jquery-lightbox/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ontariofiredamage.com/js/shared/jquery-lightbox/jquery.lightbox.js
Requested by
Host: www.ontariofiredamage.com
URL: https://www.ontariofiredamage.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
174.136.107.162 , United States, ASN25795 (ARPNET, US),
Reverse DNS
mail.contractormarketingpros.com
Software
openresty/1.13.6.2 /
Resource Hash
7dff83e56c25a50c744a54ad232bdede19a10a2b4bc96d187e5af23e455adbe2

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.ontariofiredamage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 08 Mar 2022 10:28:17 GMT
Content-Encoding
gzip
Last-Modified
Tue, 08 Mar 2022 04:55:14 GMT
Server
openresty/1.13.6.2
Age
57
ETag
"4103-5d9adc9613469-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Via
1.1 varnish-v4
X-Varnish
130350412 134069059
x-host
zzz-exclusites;_default_;8080
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4906
x-storage
default
jqModal.js
www.ontariofiredamage.com/js/shared/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ontariofiredamage.com/js/shared/jqModal.js
Requested by
Host: www.ontariofiredamage.com
URL: https://www.ontariofiredamage.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
174.136.107.162 , United States, ASN25795 (ARPNET, US),
Reverse DNS
mail.contractormarketingpros.com
Software
openresty/1.13.6.2 /
Resource Hash
1fb79ec07b8b5f068295f547e0953ad75d4a6dcf43638123f7b0c3dbe6b42fdf

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.ontariofiredamage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 08 Mar 2022 10:28:17 GMT
Content-Encoding
gzip
Last-Modified
Tue, 08 Mar 2022 04:55:14 GMT
Server
openresty/1.13.6.2
Age
4
ETag
"115b-5d9adc96124c9-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Via
1.1 varnish-v4
X-Varnish
133987443 127771698
x-host
zzz-exclusites;_default_;8080
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1827
x-storage
default
bootstrap.js
www.ontariofiredamage.com/js/shared/bootstrap/ 		58 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ontariofiredamage.com/js/shared/bootstrap/bootstrap.js
Requested by
Host: www.ontariofiredamage.com
URL: https://www.ontariofiredamage.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
174.136.107.162 , United States, ASN25795 (ARPNET, US),
Reverse DNS
mail.contractormarketingpros.com
Software
openresty/1.13.6.2 /
Resource Hash
9a864dc44eec5b54955327ffd1204bc309ec511b5ac11ff86edaeafff85e9e49

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.ontariofiredamage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 08 Mar 2022 10:28:17 GMT
Content-Encoding
gzip
Last-Modified
Tue, 08 Mar 2022 04:55:14 GMT
Server
openresty/1.13.6.2
Age
43
ETag
"e757-5d9adc9611529-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Via
1.1 varnish-v4
X-Varnish
130350414 122827888
x-host
zzz-exclusites;_default_;8080
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
10933
x-storage
default
jquery.fitvids.js
www.ontariofiredamage.com/js/shared/bootstrap/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ontariofiredamage.com/js/shared/bootstrap/jquery.fitvids.js
Requested by
Host: www.ontariofiredamage.com
URL: https://www.ontariofiredamage.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
174.136.107.162 , United States, ASN25795 (ARPNET, US),
Reverse DNS
mail.contractormarketingpros.com
Software
openresty/1.13.6.2 /
Resource Hash
defa63a204978c13830f59930ee6fdb902a8c35a8dfd5946c09869c335010544

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.ontariofiredamage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 08 Mar 2022 10:28:17 GMT
Content-Encoding
gzip
Last-Modified
Tue, 08 Mar 2022 04:55:14 GMT
Server
openresty/1.13.6.2
Age
43
ETag
"b63-5d9adc9611529-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Via
1.1 varnish-v4
X-Varnish
122828121 134241708
x-host
zzz-exclusites;_default_;8080
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1112
x-storage
default
jqBootstrapValidation.js
www.ontariofiredamage.com/js/shared/bootstrap/ 		35 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ontariofiredamage.com/js/shared/bootstrap/jqBootstrapValidation.js
Requested by
Host: www.ontariofiredamage.com
URL: https://www.ontariofiredamage.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
174.136.107.162 , United States, ASN25795 (ARPNET, US),
Reverse DNS
mail.contractormarketingpros.com
Software
openresty/1.13.6.2 /
Resource Hash
7259276218ed08d64420b19a266c7f89229a6667d8007d4dcc8dcf52a2de594b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.ontariofiredamage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 08 Mar 2022 10:28:17 GMT
Content-Encoding
gzip
Last-Modified
Tue, 08 Mar 2022 04:55:14 GMT
Server
openresty/1.13.6.2
Age
4
ETag
"8d54-5d9adc9611529-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Via
1.1 varnish-v4
X-Varnish
130350416 133987371
x-host
zzz-exclusites;_default_;8080
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6782
x-storage
default
bounce.js
www.ontariofiredamage.com/js/shared/bootstrap/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ontariofiredamage.com/js/shared/bootstrap/bounce.js
Requested by
Host: www.ontariofiredamage.com
URL: https://www.ontariofiredamage.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
174.136.107.162 , United States, ASN25795 (ARPNET, US),
Reverse DNS
mail.contractormarketingpros.com
Software
openresty/1.13.6.2 /
Resource Hash
1d546eee6aa2dc75d0f64787f943fbe4918751fd3f7182fa399f727cf2333ecd

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.ontariofiredamage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 08 Mar 2022 10:28:17 GMT
Content-Encoding
gzip
Last-Modified
Tue, 08 Mar 2022 04:55:14 GMT
Server
openresty/1.13.6.2
Age
4
ETag
"558-5d9adc9611529-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Via
1.1 varnish-v4
X-Varnish
134813219 127771702
x-host
zzz-exclusites;_default_;8080
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
670
x-storage
default
reset.css
www.ontariofiredamage.com/css/ 		703 B
798 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.ontariofiredamage.com/css/reset.css
Requested by
Host: www.ontariofiredamage.com
URL: https://www.ontariofiredamage.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
174.136.107.162 , United States, ASN25795 (ARPNET, US),
Reverse DNS
mail.contractormarketingpros.com
Software
openresty/1.13.6.2 /
Resource Hash
6f91fb240b31193211826d096df6ef3dd5bfdb2297d52f3756d702d6ebe7d49d

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.ontariofiredamage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 08 Mar 2022 10:28:17 GMT
Content-Encoding
gzip
Last-Modified
Tue, 08 Mar 2022 04:55:14 GMT
Server
openresty/1.13.6.2
Age
4
ETag
"2bf-5d9adc95ec36d-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Via
1.1 varnish-v4
X-Varnish
133987439 122828107
x-host
zzz-exclusites;_default_;8080
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
378
x-storage
default
exclusite-bounce.18781.css
www.ontariofiredamage.com/css/ 		193 KB
31 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.ontariofiredamage.com/css/exclusite-bounce.18781.css
Requested by
Host: www.ontariofiredamage.com
URL: https://www.ontariofiredamage.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
174.136.107.162 , United States, ASN25795 (ARPNET, US),
Reverse DNS
mail.contractormarketingpros.com
Software
openresty/1.13.6.2 /
Resource Hash
e73de3f0ac194c8ce4eed16d68193474056d153515c2ce177a0193c3eb84b402

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.ontariofiredamage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 08 Mar 2022 10:28:17 GMT
Content-Encoding
gzip
Server
openresty/1.13.6.2
Age
4
Vary
Accept-Encoding
Content-Type
text/css;charset=UTF-8
Via
1.1 varnish-v4
X-Varnish
133987441 134242043
x-host
zzz-exclusites;_default_;8080
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
31392
x-storage
default
api.js
www.google.com/recaptcha/ 		850 B
968 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: www.ontariofiredamage.com
URL: https://www.ontariofiredamage.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2004 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
a9f32abd1df5f2624a39b9911169fa30dc69da1467751ea060eb492b07c62129
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.ontariofiredamage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 08 Mar 2022 10:28:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
555
x-xss-protection
1; mode=block
expires
Tue, 08 Mar 2022 10:28:17 GMT
38254.png
images.contractormarketingpros.com/images/shared/logos/ 		74 KB
74 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.contractormarketingpros.com/images/shared/logos/38254.png
Requested by
Host: www.ontariofiredamage.com
URL: https://www.ontariofiredamage.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
174.136.107.162 , United States, ASN25795 (ARPNET, US),
Reverse DNS
mail.contractormarketingpros.com
Software
openresty/1.13.6.2 /
Resource Hash
f1c98b3b5459f329744569ad3070a0ca2ba9d467c84e39778767b9e25758a755

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.ontariofiredamage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 08 Mar 2022 10:28:17 GMT
Via
1.1 varnish-v4
Last-Modified
Mon, 13 Nov 2017 16:53:48 GMT
Server
openresty/1.13.6.2
Age
4
ETag
"12787-55de01d42781c"
Content-Type
image/png
X-Varnish
122828134 134242054
x-host
contractormarketingpros.com;www.contractormarketingpros.com;443
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
75655
x-storage
static
fire-damage-restoration.jpg
images.contractormarketingpros.com/images/shared/banners/exclusite-bounce/ 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.contractormarketingpros.com/images/shared/banners/exclusite-bounce/fire-damage-restoration.jpg
Requested by
Host: www.ontariofiredamage.com
URL: https://www.ontariofiredamage.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
174.136.107.162 , United States, ASN25795 (ARPNET, US),
Reverse DNS
mail.contractormarketingpros.com
Software
openresty/1.13.6.2 /
Resource Hash
6ec70950bb56f71e5a08865e68995c1a66e562247e8333b14df2a8bf1a2953fb

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.ontariofiredamage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 08 Mar 2022 10:28:17 GMT
Via
1.1 varnish-v4
Last-Modified
Mon, 06 Jan 2014 16:48:17 GMT
Server
openresty/1.13.6.2
Age
4
ETag
"940c-4ef5006c77640"
Content-Type
image/jpeg
X-Varnish
133846223 134813162
x-host
contractormarketingpros.com;www.contractormarketingpros.com;443
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
37900
x-storage
static
TrustBadge-Free-Estimate.png
images.contractormarketingpros.com/images/shared/icons/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.contractormarketingpros.com/images/shared/icons/TrustBadge-Free-Estimate.png
Requested by
Host: www.ontariofiredamage.com
URL: https://www.ontariofiredamage.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
174.136.107.162 , United States, ASN25795 (ARPNET, US),
Reverse DNS
mail.contractormarketingpros.com
Software
openresty/1.13.6.2 /
Resource Hash
16fc822b363d68ae6885b787f25297dfe1944ef3c4f2e54b023da98eeaf5f490

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.ontariofiredamage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 08 Mar 2022 10:28:17 GMT
Via
1.1 varnish-v4
Last-Modified
Tue, 05 Mar 2019 17:45:28 GMT
Server
openresty/1.13.6.2
Age
4
ETag
"17e8-5835c70581cdd"
Content-Type
image/png
X-Varnish
122828138 134242061
x-host
contractormarketingpros.com;www.contractormarketingpros.com;443
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6120
x-storage
static
TrustBadge-24h-Emergency-Service.png
images.contractormarketingpros.com/images/shared/icons/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.contractormarketingpros.com/images/shared/icons/TrustBadge-24h-Emergency-Service.png
Requested by
Host: www.ontariofiredamage.com
URL: https://www.ontariofiredamage.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
174.136.107.162 , United States, ASN25795 (ARPNET, US),
Reverse DNS
mail.contractormarketingpros.com
Software
openresty/1.13.6.2 /
Resource Hash
2be102b0ff80db39d73c2204ae143c9049e94f595ba2567539324919a967e4e2

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.ontariofiredamage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 08 Mar 2022 10:28:17 GMT
Via
1.1 varnish-v4
Last-Modified
Tue, 05 Mar 2019 17:55:57 GMT
Server
openresty/1.13.6.2
Age
4
ETag
"212c-5835c95d91f00"
Content-Type
image/png
X-Varnish
133846225 132435772
x-host
contractormarketingpros.com;www.contractormarketingpros.com;443
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8492
x-storage
static
bbb_logo_blue.jpg
images.contractormarketingpros.com/images/shared/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.contractormarketingpros.com/images/shared/bbb_logo_blue.jpg
Requested by
Host: www.ontariofiredamage.com
URL: https://www.ontariofiredamage.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
174.136.107.162 , United States, ASN25795 (ARPNET, US),
Reverse DNS
mail.contractormarketingpros.com
Software
openresty/1.13.6.2 /
Resource Hash
8240fe4a4aaf597a80d297a30c6d43005d7c09996f42ab96dc2990e456b4e949

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.ontariofiredamage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 08 Mar 2022 10:28:18 GMT
Via
1.1 varnish-v4
Last-Modified
Tue, 08 Feb 2011 23:01:45 GMT
Server
openresty/1.13.6.2
Age
4
ETag
"843a-49bcd5516c840"
Content-Type
image/jpeg
X-Varnish
122828140 133987389
x-host
contractormarketingpros.com;www.contractormarketingpros.com;443
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
33850
x-storage
static
38255.png
images.contractormarketingpros.com/images/shared/logos/ 		160 KB
161 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.contractormarketingpros.com/images/shared/logos/38255.png
Requested by
Host: www.ontariofiredamage.com
URL: https://www.ontariofiredamage.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
174.136.107.162 , United States, ASN25795 (ARPNET, US),
Reverse DNS
mail.contractormarketingpros.com
Software
openresty/1.13.6.2 /
Resource Hash
717f54dce182ff2686ff620450a1c6cccfad1b1f9d0cf8f74ac1b852d298b40b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.ontariofiredamage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 08 Mar 2022 10:28:18 GMT
Via
1.1 varnish-v4
Last-Modified
Mon, 13 Nov 2017 17:04:18 GMT
Server
openresty/1.13.6.2
Age
4
ETag
"280f9-55de042d384e3"
Content-Type
image/png
X-Varnish
130350429 133987392
x-host
contractormarketingpros.com;www.contractormarketingpros.com;443
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
164089
x-storage
static
101663.png
images.contractormarketingpros.com/images/shared/logos/ 		233 KB
234 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.contractormarketingpros.com/images/shared/logos/101663.png
Requested by
Host: www.ontariofiredamage.com
URL: https://www.ontariofiredamage.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
174.136.107.162 , United States, ASN25795 (ARPNET, US),
Reverse DNS
mail.contractormarketingpros.com
Software
openresty/1.13.6.2 /
Resource Hash
83dd7d056407716f73127d4a0e11342e69fc1597b108253f78e4670c73a61ae4

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.ontariofiredamage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 08 Mar 2022 10:28:17 GMT
Via
1.1 varnish-v4
Last-Modified
Tue, 09 Feb 2021 23:27:29 GMT
Server
openresty/1.13.6.2
Age
4
ETag
"3a5ef-5baefa14c3945"
Content-Type
image/png
X-Varnish
122828132 134813158
x-host
contractormarketingpros.com;www.contractormarketingpros.com;443
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
239087
x-storage
static
52612.jpg
www.ontariofiredamage.com/images/shared/logos/ 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ontariofiredamage.com/images/shared/logos/52612.jpg
Requested by
Host: www.ontariofiredamage.com
URL: https://www.ontariofiredamage.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
174.136.107.162 , United States, ASN25795 (ARPNET, US),
Reverse DNS
mail.contractormarketingpros.com
Software
openresty/1.13.6.2 /
Resource Hash
76911e97fe0bfc8900700a2ebbd09bb137573528e8305c48924224b67c14bbe4

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.ontariofiredamage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 08 Mar 2022 10:28:17 GMT
Via
1.1 varnish-v4
Last-Modified
Fri, 08 Jun 2018 18:06:37 GMT
Server
openresty/1.13.6.2
Age
4
ETag
"d035-56e2542d4b4f6"
Content-Type
image/jpeg
X-Varnish
134813221 134242047
x-host
zzz-exclusites;_default_;8080
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
53301
x-storage
static
52612.jpg
images.contractormarketingpros.com/images/shared/logos/thumbnails/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.contractormarketingpros.com/images/shared/logos/thumbnails/52612.jpg
Requested by
Host: www.ontariofiredamage.com
URL: https://www.ontariofiredamage.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
174.136.107.162 , United States, ASN25795 (ARPNET, US),
Reverse DNS
mail.contractormarketingpros.com
Software
openresty/1.13.6.2 /
Resource Hash
2bdfcdf2c18fc10b49ba0a8aafa1bc915aa709a9e8250df20edbde9d889be6cd

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.ontariofiredamage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 08 Mar 2022 10:28:17 GMT
Via
1.1 varnish-v4
Last-Modified
Fri, 08 Jun 2018 18:06:37 GMT
Server
openresty/1.13.6.2
Age
4
ETag
"1141-56e2542d4b4f6"
Content-Type
image/jpeg
X-Varnish
133987445 134242051
x-host
contractormarketingpros.com;www.contractormarketingpros.com;443
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4417
x-storage
static
98871.jpg
images.contractormarketingpros.com/images/shared/logos/thumbnails/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.contractormarketingpros.com/images/shared/logos/thumbnails/98871.jpg
Requested by
Host: www.ontariofiredamage.com
URL: https://www.ontariofiredamage.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
174.136.107.162 , United States, ASN25795 (ARPNET, US),
Reverse DNS
mail.contractormarketingpros.com
Software
openresty/1.13.6.2 /
Resource Hash
81f3988e8a9a115534af6eda6c66d25574d62ed32c2ca1131b33ed8f13b320cf

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.ontariofiredamage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 08 Mar 2022 10:28:17 GMT
Via
1.1 varnish-v4
Last-Modified
Mon, 29 Jun 2020 19:56:38 GMT
Server
openresty/1.13.6.2
Age
4
ETag
"2ee0-5a93e74f21c62"
Content-Type
image/jpeg
X-Varnish
133846221 132435768
x-host
contractormarketingpros.com;www.contractormarketingpros.com;443
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
12000
x-storage
static
staticmap
maps.google.com/maps/api/ 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://maps.google.com/maps/api/staticmap?sensor=false&key=AIzaSyBnG7GYY0DJlSr49L9LyxYlKHuLNV-GEkY&size=400x400&path=fillcolor:0x00AA0033|color:0x00000066|weight:1|34.08625265,-117.684816|34.07513417,-117.794168|34.03021907,-117.760003|33.900662,-118.022646|33.723072,-118.102732|33.365118,-117.626681|33.54564191,-117.378182|33.89242331,-117.518131|34.07916998,-117.547656|34.14625280,-117.485172|34.14767347,-117.636234|34.08618122,-117.636847|34.08625265,-117.684816
Requested by
Host: www.ontariofiredamage.com
URL: https://www.ontariofiredamage.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
7d76e12bdb3502ee97ead65b9d2e3a827a644af8661940b4b293561da42c5eb8
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.ontariofiredamage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 08 Mar 2022 10:28:17 GMT
vary
Accept-Language
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
server-timing
gfet4t7; dur=124
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34344
x-xss-protection
0
expires
Wed, 09 Mar 2022 10:28:17 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/_exWVY_hlNJJl2Abm8pI9i1L/ 		356 KB
141 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/_exWVY_hlNJJl2Abm8pI9i1L/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:807::2003 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d526e08d2f18f7fea947247c440cf46473ed39655b4931e959939c383291f665
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ontariofiredamage.com/
Origin
https://www.ontariofiredamage.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 07:00:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
98895
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
143652
x-xss-protection
0
last-modified
Mon, 28 Feb 2022 23:43:01 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 07 Mar 2023 07:00:02 GMT
piwik.js
analytics.servicedirect.com/ 		118 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.servicedirect.com/piwik.js
Requested by
Host: www.ontariofiredamage.com
URL: https://www.ontariofiredamage.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
174.136.107.162 , United States, ASN25795 (ARPNET, US),
Reverse DNS
mail.contractormarketingpros.com
Software
openresty/1.13.6.2 /
Resource Hash
5c68b4ca024ae2416e8617622d22d3a9d98689b2d52ba78a06cd14982954e65d

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.ontariofiredamage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 08 Mar 2022 10:28:17 GMT
Content-Encoding
gzip
Last-Modified
Tue, 07 Nov 2017 17:34:16 GMT
Server
openresty/1.13.6.2
Age
0
ETag
"1d9a1-55d67fae93517-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Via
1.1 varnish-v4
Transfer-Encoding
chunked
X-Varnish
130350423
x-host
0-piwik;analytics.sd2.servicedirect.com;443
Connection
keep-alive
Accept-Ranges
bytes, bytes
gtm.js
www.googletagmanager.com/ 		175 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MTZDZCW
Requested by
Host: www.ontariofiredamage.com
URL: https://www.ontariofiredamage.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2008 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8bd4e9ebccb805fc36210d05588e2fd0d6ead418ec82df256139fa2d2235876d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.ontariofiredamage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 08 Mar 2022 10:28:17 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
58161
x-xss-protection
0
last-modified
Tue, 08 Mar 2022 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 08 Mar 2022 10:28:17 GMT
noise.png
images.contractormarketingpros.com/images/shared/bounce/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.contractormarketingpros.com/images/shared/bounce/noise.png
Requested by
Host: www.ontariofiredamage.com
URL: https://www.ontariofiredamage.com/css/exclusite-bounce.18781.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
174.136.107.162 , United States, ASN25795 (ARPNET, US),
Reverse DNS
mail.contractormarketingpros.com
Software
openresty/1.13.6.2 /
Resource Hash
91f8d06b6aba3ef31dca8e101ae578bad67f0665666b9f8078ba77f3878b0a48

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.ontariofiredamage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 08 Mar 2022 10:28:17 GMT
Via
1.1 varnish-v4
Last-Modified
Fri, 14 Jun 2013 19:57:16 GMT
Server
openresty/1.13.6.2
Age
4
ETag
"846-4df22a7539f00"
Content-Type
image/png
X-Varnish
133846219 130350361
x-host
contractormarketingpros.com;www.contractormarketingpros.com;443
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2118
x-storage
static
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v28/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v28/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lobster|Open+Sans:300italic,400italic,600italic,300,400,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2003 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.ontariofiredamage.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 01 Mar 2022 22:46:05 GMT
x-content-type-options
nosniff
age
560532
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44656
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 22:03:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 01 Mar 2023 22:46:05 GMT
memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
fonts.gstatic.com/s/opensans/v28/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v28/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lobster|Open+Sans:300italic,400italic,600italic,300,400,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2003 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f57a038a716263766ff4d7f7d8a6ea13b22701ae6fc91e8b1b52fd8784844d23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.ontariofiredamage.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 01 Mar 2022 22:48:12 GMT
x-content-type-options
nosniff
age
560405
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47836
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 22:01:28 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 01 Mar 2023 22:48:12 GMT
glyphicons-halflings-white.png
images.contractormarketingpros.com/images/shared/bounce/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.contractormarketingpros.com/images/shared/bounce/glyphicons-halflings-white.png
Requested by
Host: www.ontariofiredamage.com
URL: https://www.ontariofiredamage.com/css/exclusite-bounce.18781.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
174.136.107.162 , United States, ASN25795 (ARPNET, US),
Reverse DNS
mail.contractormarketingpros.com
Software
openresty/1.13.6.2 /
Resource Hash
f0e0d95a9c8abcdfabf46348e2d4285829bb0491f5f6af0e05af52bffb6324c4

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.ontariofiredamage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 08 Mar 2022 10:28:18 GMT
Via
1.1 varnish-v4
Last-Modified
Fri, 14 Jun 2013 19:57:16 GMT
Server
openresty/1.13.6.2
Age
4
ETag
"2249-4df22a7539f00"
Content-Type
image/png
X-Varnish
122828142 134242069
x-host
contractormarketingpros.com;www.contractormarketingpros.com;443
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8777
x-storage
static
conversion_async.js
www.googleadservices.com/pagead/ 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MTZDZCW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.35.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s78-in-f2.1e100.net
Software
cafe /
Resource Hash
cae0ae2d67aac89367108586ebd25e00afc5d0f8110e6eb71b8d274037f7a5d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.ontariofiredamage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 08 Mar 2022 10:28:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14884
x-xss-protection
0
server
cafe
etag
16747055602125368176
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 08 Mar 2022 10:28:18 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MTZDZCW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.ontariofiredamage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
6262
date
Tue, 08 Mar 2022 08:43:56 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Tue, 08 Mar 2022 10:43:56 GMT
loader.js
www.gstatic.com/wcm/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/wcm/loader.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MTZDZCW
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:807::2003 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9f959aaad80347edc26ed8279c6a68c098efc76876ac2e2f8ccc54b118f197f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.ontariofiredamage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 08 Mar 2022 09:59:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
1704
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
last-modified
Mon, 15 Mar 2021 16:45:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Tue, 08 Mar 2022 10:59:54 GMT
call-tracking_7.js
www.gstatic.com/call-tracking/ 		54 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/call-tracking/call-tracking_7.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/wcm/loader.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:807::2003 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff2fde453aa6220144126828a284d4cc227479f1fe83beef3a6b6a4504c7e4df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.ontariofiredamage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 06:59:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
98904
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-telephony
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21020
x-xss-protection
0
last-modified
Wed, 03 Feb 2021 22:45:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-telephony"
vary
Accept-Encoding
report-to
{"group":"ads-telephony","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-telephony"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 07 Mar 2023 06:59:54 GMT
piwik.php
analytics.servicedirect.com/ 		43 B
322 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.servicedirect.com/piwik.php?action_name=Ontario%20Fire%20Damage%20Restoration%20--%20Same%20Day%20Restoration%20--%20(909)%20342-1161&idsite=2709&rec=1&r=534106&h=10&m=28&s=18&url=https%3A%2F%2Fwww.ontariofiredamage.com%2F&_id=9fbd5d85010c9321&_idts=1646735298&_idvc=1&_idn=0&_refts=0&_viewts=1646735298&send_image=1&pdf=1&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&cookie=1&res=1600x1200&_cvar=%7B%222%22%3A%5B%22site_template_id%22%2C%2229%22%5D%2C%223%22%3A%5B%22industry_id%22%2C%2245%22%5D%2C%225%22%3A%5B%22campaign_id%22%2C%2218781%22%5D%7D&gt_ms=87&pv_id=6IVjzZ
Requested by
Host: www.ontariofiredamage.com
URL: https://www.ontariofiredamage.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
174.136.107.162 , United States, ASN25795 (ARPNET, US),
Reverse DNS
mail.contractormarketingpros.com
Software
openresty/1.13.6.2 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.ontariofiredamage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 08 Mar 2022 10:28:18 GMT
Via
1.1 varnish-v4
Server
openresty/1.13.6.2
Age
0
X-Varnish
122828144
x-host
0-piwik;analytics.sd2.servicedirect.com;443
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
configs.php
analytics.servicedirect.com/plugins/HeatmapSessionRecording/ 		117 B
479 B 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.servicedirect.com/plugins/HeatmapSessionRecording/configs.php?idsite=2709&trackerid=tYRqRp&url=https%3A%2F%2Fwww.ontariofiredamage.com%2F
Requested by
Host: analytics.servicedirect.com
URL: https://analytics.servicedirect.com/piwik.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
174.136.107.162 , United States, ASN25795 (ARPNET, US),
Reverse DNS
mail.contractormarketingpros.com
Software
openresty/1.13.6.2 /
Resource Hash
7883d9238781aaef51b913aa7d4fdf8b816cd9de78cecf59c5be859032ec55c0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.ontariofiredamage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 08 Mar 2022 10:28:18 GMT
Content-Encoding
gzip
Server
openresty/1.13.6.2
Age
0
Vary
Accept-Encoding
Content-Type
application/javascript
Via
1.1 varnish-v4
Transfer-Encoding
chunked
X-Varnish
130350436
x-host
0-piwik;analytics.sd2.servicedirect.com;443
Connection
keep-alive
Accept-Ranges
bytes
wcm
www.google.ca/pagead/attribution/
Redirect Chain
  • https://www.googleadservices.com/pagead/conversion/1063565874/wcm?cc=ZZ&dn=9093421161&cl=bZFOCJfxv5MBELL0kvsD&ct_eid=2
  • https://www.google.ca/pagead/attribution/wcm?cc=ZZ&dn=9093421161&cl=bZFOCJfxv5MBELL0kvsD
80 B
565 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google.ca/pagead/attribution/wcm?cc=ZZ&dn=9093421161&cl=bZFOCJfxv5MBELL0kvsD
Requested by
Host: www.ontariofiredamage.com
URL: https://www.ontariofiredamage.com/
Protocol
H2
Server
2607:f8b0:4006:80e::2003 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d933a98657089095397ca6126d62e3a07c39e70f82b36f8cea002c0ba5bf1e2c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.ontariofiredamage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 08 Mar 2022 10:28:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
application/json; charset=UTF-8
access-control-allow-origin
null
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
87
x-xss-protection
0

Redirect headers

timing-allow-origin
*
date
Tue, 08 Mar 2022 10:28:18 GMT
x-content-type-options
nosniff
server
cafe
location
https://www.google.ca/pagead/attribution/wcm?cc=ZZ&dn=9093421161&cl=bZFOCJfxv5MBELL0kvsD
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
https://www.ontariofiredamage.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=543118520&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ontariofiredamage.com%2F&ul=en-us&de=UTF-8&dt=Ontario%20Fire%20Damage%20Restoration%20--%20Same%20Day%20Restoration%20--%20(909)%20342-1161&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=2140697222&gjid=2136260928&cid=1624944937.1646735298&tid=UA-38010352-1&_gid=484265522.1646735298&_r=1&gtm=2wg370MTZDZCW&cd1=exclusite-bounce&cd2=Fire%20Damage%20Restoration&cd3=Same%20Day%20Restoration&cd4=Ontario%20Fire%20Damage&cd13=FireDamageNov2017&z=1124366546
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ontariofiredamage.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 08 Mar 2022 10:28:18 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.ontariofiredamage.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1063565874/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1063565874/?random=1646735298453&cv=9&fst=1646735298453&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg370&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.ontariofiredamage.com%2F&tiba=Ontario%20Fire%20Damage%20Restoration%20--%20Same%20Day%20Restoration%20--%20(909)%20342-1161&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ffb6dee30e2831ecdb17c241aabd0dda2fc1120c573fd3ee3d8eef08e33ea3a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.ontariofiredamage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 08 Mar 2022 10:28:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1043
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
449 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-38010352-1&cid=1624944937.1646735298&jid=2140697222&gjid=2136260928&_gid=484265522.1646735298&_u=YEBAAEAAAAAAAC~&z=1062678399
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c0b::9c Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ontariofiredamage.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 08 Mar 2022 10:28:18 GMT
content-type
text/plain
access-control-allow-origin
https://www.ontariofiredamage.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/1063565874/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/1063565874/?random=1646735298453&cv=9&fst=1646733600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg370&sendb=1&frm=0&url=https%3A%2F%2Fwww.ontariofiredamage.com%2F&tiba=Ontario%20Fire%20Damage%20Restoration%20--%20Same%20Day%20Restoration%20--%20(909)%20342-1161&async=1&fmt=3&is_vtc=1&random=3909183434&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.ontariofiredamage.com
URL: https://www.ontariofiredamage.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2004 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.ontariofiredamage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 08 Mar 2022 10:28:18 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.ca/pagead/1p-user-list/1063565874/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/pagead/1p-user-list/1063565874/?random=1646735298453&cv=9&fst=1646733600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg370&sendb=1&frm=0&url=https%3A%2F%2Fwww.ontariofiredamage.com%2F&tiba=Ontario%20Fire%20Damage%20Restoration%20--%20Same%20Day%20Restoration%20--%20(909)%20342-1161&async=1&fmt=3&is_vtc=1&random=3909183434&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.ontariofiredamage.com
URL: https://www.ontariofiredamage.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2003 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.ontariofiredamage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 08 Mar 2022 10:28:18 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-38010352-1&cid=1624944937.1646735298&jid=2140697222&_u=YEBAAEAAAAAAAC~&z=177927061
Requested by
Host: www.ontariofiredamage.com
URL: https://www.ontariofiredamage.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2004 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.ontariofiredamage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 08 Mar 2022 10:28:18 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ca/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-38010352-1&cid=1624944937.1646735298&jid=2140697222&_u=YEBAAEAAAAAAAC~&z=177927061
Requested by
Host: www.ontariofiredamage.com
URL: https://www.ontariofiredamage.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2003 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.ontariofiredamage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 08 Mar 2022 10:28:18 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

39 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone object| oncontextlost object| oncontextrestored function| $ function| jQuery object| jQuery172022770586962366246 object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| urlParams object| _paq object| dataLayer function| genGaSessionId function| isoTimestamp number| poll_delay number| pollIntervalId object| recaptcha object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| _googWcmImpl string| _googWcmAk object| JSON_PIWIK object| Piwik string| currentUrl object| AnalyticsTracker function| piwik_log function| _googWccDebug function| _googCallTrackingImpl function| _gaPhoneImpl object| gaplugins object| gaGlobal object| gaData function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO string| google_wcc_status

7 Cookies

Domain/Path Name / Value
.ontariofiredamage.com/ Name: _gcl_au
Value: 1.1.2032450135.1646735298
www.ontariofiredamage.com/ Name: _pk_id.2709.1da4
Value: 9fbd5d85010c9321.1646735298.1.1646735298.1646735298.
www.ontariofiredamage.com/ Name: _pk_ses.2709.1da4
Value: *
.ontariofiredamage.com/ Name: _ga
Value: GA1.2.1624944937.1646735298
.ontariofiredamage.com/ Name: _gid
Value: GA1.2.484265522.1646735298
.ontariofiredamage.com/ Name: _gat_UA-38010352-1
Value: 1
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
analytics.servicedirect.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
images.contractormarketingpros.com
maps.google.com
stats.g.doubleclick.net
www.google-analytics.com
www.google.ca
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.ontariofiredamage.com
142.251.35.162
174.136.107.162
2607:f8b0:4004:c0b::9c
2607:f8b0:4006:807::2003
2607:f8b0:4006:80e::2003
2607:f8b0:4006:80e::200e
2607:f8b0:4006:80f::2008
2607:f8b0:4006:80f::200a
2607:f8b0:4006:816::200a
2607:f8b0:4006:817::2003
2607:f8b0:4006:820::200e
2607:f8b0:4006:822::2004
2607:f8b0:4006:823::2002
16fc822b363d68ae6885b787f25297dfe1944ef3c4f2e54b023da98eeaf5f490
1717ea1fde8ceb7584341a24efc85c853083c660a1185968fbf94520f7193de2
1a933d281eb7cb11f552d609615ac8cbcff8b7b7705a3a5c9b765c0c57e4200d
1d546eee6aa2dc75d0f64787f943fbe4918751fd3f7182fa399f727cf2333ecd
1fb79ec07b8b5f068295f547e0953ad75d4a6dcf43638123f7b0c3dbe6b42fdf
2bdfcdf2c18fc10b49ba0a8aafa1bc915aa709a9e8250df20edbde9d889be6cd
2be102b0ff80db39d73c2204ae143c9049e94f595ba2567539324919a967e4e2
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5ba9e6582a3df6acdbef5ba2a386c99c2e8b3ea802f34e60af99cfc99ccf0988
5c68b4ca024ae2416e8617622d22d3a9d98689b2d52ba78a06cd14982954e65d
6ec70950bb56f71e5a08865e68995c1a66e562247e8333b14df2a8bf1a2953fb
6f91fb240b31193211826d096df6ef3dd5bfdb2297d52f3756d702d6ebe7d49d
717f54dce182ff2686ff620450a1c6cccfad1b1f9d0cf8f74ac1b852d298b40b
7259276218ed08d64420b19a266c7f89229a6667d8007d4dcc8dcf52a2de594b
76911e97fe0bfc8900700a2ebbd09bb137573528e8305c48924224b67c14bbe4
7883d9238781aaef51b913aa7d4fdf8b816cd9de78cecf59c5be859032ec55c0
7d76e12bdb3502ee97ead65b9d2e3a827a644af8661940b4b293561da42c5eb8
7dff83e56c25a50c744a54ad232bdede19a10a2b4bc96d187e5af23e455adbe2
81f3988e8a9a115534af6eda6c66d25574d62ed32c2ca1131b33ed8f13b320cf
8240fe4a4aaf597a80d297a30c6d43005d7c09996f42ab96dc2990e456b4e949
83dd7d056407716f73127d4a0e11342e69fc1597b108253f78e4670c73a61ae4
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
8bd4e9ebccb805fc36210d05588e2fd0d6ead418ec82df256139fa2d2235876d
91f8d06b6aba3ef31dca8e101ae578bad67f0665666b9f8078ba77f3878b0a48
9a864dc44eec5b54955327ffd1204bc309ec511b5ac11ff86edaeafff85e9e49
9f959aaad80347edc26ed8279c6a68c098efc76876ac2e2f8ccc54b118f197f4
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a9f32abd1df5f2624a39b9911169fa30dc69da1467751ea060eb492b07c62129
b3c7e0798f2a5c1b2e3c2ee8e60c125594db094e78342440db3be2117b26d515
cae0ae2d67aac89367108586ebd25e00afc5d0f8110e6eb71b8d274037f7a5d8
d526e08d2f18f7fea947247c440cf46473ed39655b4931e959939c383291f665
d933a98657089095397ca6126d62e3a07c39e70f82b36f8cea002c0ba5bf1e2c
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
defa63a204978c13830f59930ee6fdb902a8c35a8dfd5946c09869c335010544
e73de3f0ac194c8ce4eed16d68193474056d153515c2ce177a0193c3eb84b402
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0e0d95a9c8abcdfabf46348e2d4285829bb0491f5f6af0e05af52bffb6324c4
f1c98b3b5459f329744569ad3070a0ca2ba9d467c84e39778767b9e25758a755
f57a038a716263766ff4d7f7d8a6ea13b22701ae6fc91e8b1b52fd8784844d23
ff2fde453aa6220144126828a284d4cc227479f1fe83beef3a6b6a4504c7e4df
ffb6dee30e2831ecdb17c241aabd0dda2fc1120c573fd3ee3d8eef08e33ea3a1