urlscan.io logo urlscan.io
SecurityTrails logo

vtcinsure.ca Open in urlscan Pro
64.250.86.18  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://assurancevisiteuraucanada.com/
Effective URL: https://vtcinsure.ca//
Submission: On February 11 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 4 countries across 6 domains to perform 39 HTTP transactions. The main IP is 64.250.86.18, located in Georgetown, Canada and belongs to IASL, CA. The main domain is vtcinsure.ca.
TLS certificate: Issued by Entrust Certification Authority - L1K on March 13th 2022. Valid for: a year.
This is the only time vtcinsure.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2001:4860:480... 15169 (GOOGLE)
15 64.250.86.18 33130 (IASL)
5 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 13.32.121.25 16509 (AMAZON-02)
3 3.140.89.220 16509 (AMAZON-02)
1 13.224.189.77 16509 (AMAZON-02)
2 2a06:98c1:312... 13335 (CLOUDFLAR...)
2 3.18.141.190 16509 (AMAZON-02)
39 10
1    2001:4860:4802:36::15 (United States)

ASN15169 (GOOGLE, US)
assurancevisiteuraucanada.com
15    64.250.86.18 (Georgetown, Canada)

ASN33130 (IASL, CA)
PTR: IP64-250-86-18.iasl.com
vtcinsure.ca
5    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
4    2a00:1450:400d:80d::2004 (Ireland)

ASN15169 (GOOGLE, US)
www.google.com
4    2a00:1450:400d:80a::2003 (Ireland)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    13.32.121.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-25.fra60.r.cloudfront.net
app.purechat.com
3    3.140.89.220 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-140-89-220.us-east-2.compute.amazonaws.com
widgetapi.purechat.com
api.purechat.com
1    13.224.189.77 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-77.fra2.r.cloudfront.net
api-cdn.purechat.com
2    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
prod.purechatcdn.com
2    3.18.141.190 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-18-141-190.us-east-2.compute.amazonaws.com
checkin.purechat.com
Apex Domain
Subdomains		 Transfer
15 vtcinsure.ca
vtcinsure.ca
501 KB
9 gstatic.com
fonts.gstatic.com
www.gstatic.com
465 KB
8 purechat.com
app.purechat.com — Cisco Umbrella Rank: 26366
widgetapi.purechat.com — Cisco Umbrella Rank: 27026
api-cdn.purechat.com — Cisco Umbrella Rank: 40838
api.purechat.com — Cisco Umbrella Rank: 54409
checkin.purechat.com — Cisco Umbrella Rank: 36866
10 KB
4 google.com
www.google.com — Cisco Umbrella Rank: 2
42 KB
2 purechatcdn.com
prod.purechatcdn.com — Cisco Umbrella Rank: 41388
311 KB
1 assurancevisiteuraucanada.com
assurancevisiteuraucanada.com
127 B
39 6
Domain Requested by
15 vtcinsure.ca vtcinsure.ca
5 fonts.gstatic.com vtcinsure.ca
www.google.com
4 www.gstatic.com www.google.com
www.gstatic.com
4 www.google.com vtcinsure.ca
www.gstatic.com
www.google.com
2 checkin.purechat.com prod.purechatcdn.com
2 api.purechat.com prod.purechatcdn.com
2 prod.purechatcdn.com app.purechat.com
prod.purechatcdn.com
2 app.purechat.com vtcinsure.ca
app.purechat.com
1 api-cdn.purechat.com app.purechat.com
1 widgetapi.purechat.com app.purechat.com
1 assurancevisiteuraucanada.com 1 redirects
39 11

This site contains links to these domains. Also see Links.

Domain
awaycare.ca
travelguardian.ca
www.google.com
www.facebook.com
Subject Issuer Validity Valid
vtcinsure.ca
Entrust Certification Authority - L1K		 2022-03-13 -
2023-03-13		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-01-31 -
2023-04-25		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-01-31 -
2023-04-25		 3 months crt.sh
*.purechat.com
Amazon		 2022-04-19 -
2023-05-18		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-01-31 -
2023-04-25		 3 months crt.sh
purechatcdn.com
Cloudflare Inc ECC CA-3		 2022-04-14 -
2023-04-14		 a year crt.sh

This page contains 3 frames:

Primary Page: https://vtcinsure.ca//
Frame ID: A1BEA9D99205372511C498DCCF366E11
Requests: 28 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdzroEUAAAAAOA71ow6HqkDTzYvEAyztifT0N-C&co=aHR0cHM6Ly92dGNpbnN1cmUuY2E6NDQz&hl=de&v=tNAc29ZZrpcOCErva2nr4BS9&size=invisible&cb=f8uluyyyulkm
Frame ID: 01858314EBA59B197B6C9F86219E7B21
Requests: 8 HTTP requests in this frame

Frame: https://prod.purechatcdn.com/assets/modern_app.13836.js
Frame ID: 438B949C495F22601739107B10A9A2B9
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

VTC Travel Insurance - Super Visa and Visitors to Canada Insurance

Page URL History Show full URLs

  1. https://assurancevisiteuraucanada.com/ HTTP 301
    https://vtcinsure.ca// Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

39
Requests

97 %
HTTPS

50 %
IPv6

6
Domains

11
Subdomains

10
IPs

4
Countries

1328 kB
Transfer

3646 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://assurancevisiteuraucanada.com/ HTTP 301
    https://vtcinsure.ca// Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

39 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
vtcinsure.ca//
Redirect Chain
  • https://assurancevisiteuraucanada.com/
  • https://vtcinsure.ca//
312 KB
46 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vtcinsure.ca//
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
64.250.86.18 Georgetown, Canada, ASN33130 (IASL, CA),
Reverse DNS
IP64-250-86-18.iasl.com
Software
Apache /
Resource Hash
72890f0185b9e62e3d0d8fcc382fb79b6d1cc593b900bd0f02bb48e82c328725

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
Keep-Alive
Content-Encoding
br
Content-Length
47065
Content-Type
text/html; charset=UTF-8
Date
Sat, 11 Feb 2023 10:18:09 GMT
Keep-Alive
timeout=1, max=100
Last-Modified
Sat, 11 Feb 2023 03:42:17 GMT
Server
Apache
Vary
Accept-Encoding

Redirect headers

content-length
219
content-type
text/html; charset=UTF-8
date
Sat, 11 Feb 2023 10:18:08 GMT
location
https://vtcinsure.ca//
server
ghs
x-frame-options
SAMEORIGIN
x-xss-protection
0
nunito-v8-latin-regular.woff2
vtcinsure.ca/wp-content/plugins/gdpr-cookie-compliance/dist/fonts/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://vtcinsure.ca/wp-content/plugins/gdpr-cookie-compliance/dist/fonts/nunito-v8-latin-regular.woff2
Requested by
Host: vtcinsure.ca
URL: https://vtcinsure.ca//
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
64.250.86.18 Georgetown, Canada, ASN33130 (IASL, CA),
Reverse DNS
IP64-250-86-18.iasl.com
Software
Apache /
Resource Hash
623b62596e07df1fbf3a9fc0219c238e373bec6e55349826b0315b50ed2a7a7d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://vtcinsure.ca//
Origin
https://vtcinsure.ca
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Sat, 11 Feb 2023 10:18:10 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
upgrade-insecure-requests;
Content-Encoding
gzip
Connection
Keep-Alive
Content-Length
18819
X-XSS-Protection
1; mode=block
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Fri, 13 Jan 2023 15:54:58 GMT
Server
Apache
Expect-CT
max-age=7776000, enforce
X-Frame-Options
sameorigin
Vary
Accept-Encoding,User-Agent
Content-Type
font/woff2
Cache-Control
max-age=10368000
Permissions-Policy
accelerometer=(*), autoplay=(*), camera=(*), document-domain=(*), encrypted-media=(*), fullscreen=(*), geolocation=(*), gyroscope=(*), magnetometer=(*), microphone=(*), midi=(*), payment=(*), picture-in-picture=(*), sync-xhr=(*), usb=(*)
Accept-Ranges
bytes
Keep-Alive
timeout=1, max=99
Expires
Sun, 11 Jun 2023 10:18:10 GMT
nunito-v8-latin-700.woff2
vtcinsure.ca/wp-content/plugins/gdpr-cookie-compliance/dist/fonts/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://vtcinsure.ca/wp-content/plugins/gdpr-cookie-compliance/dist/fonts/nunito-v8-latin-700.woff2
Requested by
Host: vtcinsure.ca
URL: https://vtcinsure.ca//
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
64.250.86.18 Georgetown, Canada, ASN33130 (IASL, CA),
Reverse DNS
IP64-250-86-18.iasl.com
Software
Apache /
Resource Hash
cdc28355b0b7217392395460dd7dfbc65a4cf0822c986a7533f4ca7434799e53
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://vtcinsure.ca//
Origin
https://vtcinsure.ca
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Sat, 11 Feb 2023 10:18:10 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
upgrade-insecure-requests;
Content-Encoding
gzip
Connection
Keep-Alive
Content-Length
18935
X-XSS-Protection
1; mode=block
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Fri, 13 Jan 2023 15:54:58 GMT
Server
Apache
Expect-CT
max-age=7776000, enforce
X-Frame-Options
sameorigin
Vary
Accept-Encoding,User-Agent
Content-Type
font/woff2
Cache-Control
max-age=10368000
Permissions-Policy
accelerometer=(*), autoplay=(*), camera=(*), document-domain=(*), encrypted-media=(*), fullscreen=(*), geolocation=(*), gyroscope=(*), magnetometer=(*), microphone=(*), midi=(*), payment=(*), picture-in-picture=(*), sync-xhr=(*), usb=(*)
Accept-Ranges
bytes
Keep-Alive
timeout=1, max=100
Expires
Sun, 11 Jun 2023 10:18:10 GMT
qkB9XvYC6trAT55ZBi1ueQVIjQTD-JrIH2G7nytkHRyQ8p4wUje6bg.woff2
fonts.gstatic.com/s/karla/v23/ 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/karla/v23/qkB9XvYC6trAT55ZBi1ueQVIjQTD-JrIH2G7nytkHRyQ8p4wUje6bg.woff2
Requested by
Host: vtcinsure.ca
URL: https://vtcinsure.ca//
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f8c2240958cb1fff47d921ca0f3097f9e7403ada01af2382477ef42c404c38d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vtcinsure.ca/
Origin
https://vtcinsure.ca
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 23:18:24 GMT
x-content-type-options
nosniff
age
212386
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21248
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 20:38:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 08 Feb 2024 23:18:24 GMT
JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2
fonts.gstatic.com/s/montserrat/v25/ 		31 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v25/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2
Requested by
Host: vtcinsure.ca
URL: https://vtcinsure.ca//
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
33befdbbb24930584f5ac94ea3117adcd56518f20ab1619d05de83ffd1821d38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vtcinsure.ca/
Origin
https://vtcinsure.ca
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Fri, 10 Feb 2023 18:59:32 GMT
x-content-type-options
nosniff
age
55118
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31760
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 18:54:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 10 Feb 2024 18:59:32 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ 		30 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: vtcinsure.ca
URL: https://vtcinsure.ca//
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vtcinsure.ca/
Origin
https://vtcinsure.ca
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 23:12:25 GMT
x-content-type-options
nosniff
age
212745
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30928
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 18:57:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 08 Feb 2024 23:12:25 GMT
awb-icons.woff
vtcinsure.ca/wp-content/themes/Avada/includes/lib/assets/fonts/icomoon/ 		21 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://vtcinsure.ca/wp-content/themes/Avada/includes/lib/assets/fonts/icomoon/awb-icons.woff
Requested by
Host: vtcinsure.ca
URL: https://vtcinsure.ca//
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
64.250.86.18 Georgetown, Canada, ASN33130 (IASL, CA),
Reverse DNS
IP64-250-86-18.iasl.com
Software
Apache /
Resource Hash
288d156b63cea15974f8ced0963ccc03ca9688a0e2da4af409339c065faab72f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://vtcinsure.ca//
Origin
https://vtcinsure.ca
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Sat, 11 Feb 2023 10:18:10 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
upgrade-insecure-requests;
Content-Encoding
gzip
Connection
Keep-Alive
Content-Length
12932
X-XSS-Protection
1; mode=block
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Sat, 21 Jan 2023 18:31:29 GMT
Server
Apache
Expect-CT
max-age=7776000, enforce
X-Frame-Options
sameorigin
Vary
Accept-Encoding,User-Agent
Content-Type
font/woff
Cache-Control
max-age=10368000
Permissions-Policy
accelerometer=(*), autoplay=(*), camera=(*), document-domain=(*), encrypted-media=(*), fullscreen=(*), geolocation=(*), gyroscope=(*), magnetometer=(*), microphone=(*), midi=(*), payment=(*), picture-in-picture=(*), sync-xhr=(*), usb=(*)
Accept-Ranges
bytes
Keep-Alive
timeout=1, max=100
Expires
Sun, 11 Jun 2023 10:18:10 GMT
jquery.min.js
vtcinsure.ca/wp-includes/js/jquery/ 		88 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vtcinsure.ca/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
Requested by
Host: vtcinsure.ca
URL: https://vtcinsure.ca//
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
64.250.86.18 Georgetown, Canada, ASN33130 (IASL, CA),
Reverse DNS
IP64-250-86-18.iasl.com
Software
Apache /
Resource Hash
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vtcinsure.ca//
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Sat, 11 Feb 2023 10:18:10 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
upgrade-insecure-requests;
Content-Encoding
gzip
Connection
Keep-Alive
Content-Length
30995
X-XSS-Protection
1; mode=block
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Tue, 08 Nov 2022 04:05:36 GMT
Server
Apache
Expect-CT
max-age=7776000, enforce
X-Frame-Options
sameorigin
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=31536000, public
Permissions-Policy
accelerometer=(*), autoplay=(*), camera=(*), document-domain=(*), encrypted-media=(*), fullscreen=(*), geolocation=(*), gyroscope=(*), magnetometer=(*), microphone=(*), midi=(*), payment=(*), picture-in-picture=(*), sync-xhr=(*), usb=(*)
Accept-Ranges
bytes
Keep-Alive
timeout=1, max=100
Expires
Sun, 11 Feb 2024 10:18:10 GMT
api.js
www.google.com/recaptcha/ 		884 B
901 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?render=6LdzroEUAAAAAOA71ow6HqkDTzYvEAyztifT0N-C&ver=3.0
Requested by
Host: vtcinsure.ca
URL: https://vtcinsure.ca//
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80d::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
3ca8bbf5ee7d92f08a16c24c87316c1127882007e3f67e357cfaa9f8b2467f5f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vtcinsure.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Sat, 11 Feb 2023 10:18:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
581
x-xss-protection
1; mode=block
expires
Sat, 11 Feb 2023 10:18:10 GMT
wp-polyfill.min.js
vtcinsure.ca/wp-includes/js/dist/vendor/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vtcinsure.ca/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
Requested by
Host: vtcinsure.ca
URL: https://vtcinsure.ca//
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
64.250.86.18 Georgetown, Canada, ASN33130 (IASL, CA),
Reverse DNS
IP64-250-86-18.iasl.com
Software
Apache /
Resource Hash
1c1fef6e6b4f9832603850b9b6562e74d9a6a3700ba836efe88facc577121e8b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vtcinsure.ca//
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Sat, 11 Feb 2023 10:18:10 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
upgrade-insecure-requests;
Content-Encoding
gzip
Connection
Keep-Alive
Content-Length
6532
X-XSS-Protection
1; mode=block
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Tue, 08 Nov 2022 04:05:36 GMT
Server
Apache
Expect-CT
max-age=7776000, enforce
X-Frame-Options
sameorigin
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=31536000, public
Permissions-Policy
accelerometer=(*), autoplay=(*), camera=(*), document-domain=(*), encrypted-media=(*), fullscreen=(*), geolocation=(*), gyroscope=(*), magnetometer=(*), microphone=(*), midi=(*), payment=(*), picture-in-picture=(*), sync-xhr=(*), usb=(*)
Accept-Ranges
bytes
Keep-Alive
timeout=1, max=98
Expires
Sun, 11 Feb 2024 10:18:10 GMT
lazyload.min.js
vtcinsure.ca/wp-content/plugins/wp-rocket/assets/js/lazyload/17.5/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vtcinsure.ca/wp-content/plugins/wp-rocket/assets/js/lazyload/17.5/lazyload.min.js
Requested by
Host: vtcinsure.ca
URL: https://vtcinsure.ca//
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
64.250.86.18 Georgetown, Canada, ASN33130 (IASL, CA),
Reverse DNS
IP64-250-86-18.iasl.com
Software
Apache /
Resource Hash
8ceb3992861ed1fda25855c2e500e76842ae0d788405e50e3a9f45df36499cf6
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vtcinsure.ca//
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Sat, 11 Feb 2023 10:18:10 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
upgrade-insecure-requests;
Content-Encoding
gzip
Connection
Keep-Alive
Content-Length
2888
X-XSS-Protection
1; mode=block
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Tue, 03 Jan 2023 15:00:17 GMT
Server
Apache
Expect-CT
max-age=7776000, enforce
X-Frame-Options
sameorigin
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=31536000, public
Permissions-Policy
accelerometer=(*), autoplay=(*), camera=(*), document-domain=(*), encrypted-media=(*), fullscreen=(*), geolocation=(*), gyroscope=(*), magnetometer=(*), microphone=(*), midi=(*), payment=(*), picture-in-picture=(*), sync-xhr=(*), usb=(*)
Accept-Ranges
bytes
Keep-Alive
timeout=1, max=99
Expires
Sun, 11 Feb 2024 10:18:10 GMT
911b63c976bc0552f444a2538fd06aa4.js
vtcinsure.ca/wp-content/cache/min/1/ 		460 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vtcinsure.ca/wp-content/cache/min/1/911b63c976bc0552f444a2538fd06aa4.js
Requested by
Host: vtcinsure.ca
URL: https://vtcinsure.ca//
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
64.250.86.18 Georgetown, Canada, ASN33130 (IASL, CA),
Reverse DNS
IP64-250-86-18.iasl.com
Software
Apache /
Resource Hash
355de0ef1cbfa0debda8d9d3cf9519dd48668eaede074e7de8e18850c3e3ed1f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vtcinsure.ca//
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Sat, 11 Feb 2023 10:18:10 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
upgrade-insecure-requests;
Content-Encoding
gzip
Transfer-Encoding
chunked
Connection
Keep-Alive
X-XSS-Protection
1; mode=block
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Sat, 21 Jan 2023 18:35:39 GMT
Server
Apache
Expect-CT
max-age=7776000, enforce
X-Frame-Options
sameorigin
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=31536000, public
Permissions-Policy
accelerometer=(*), autoplay=(*), camera=(*), document-domain=(*), encrypted-media=(*), fullscreen=(*), geolocation=(*), gyroscope=(*), magnetometer=(*), microphone=(*), midi=(*), payment=(*), picture-in-picture=(*), sync-xhr=(*), usb=(*)
Accept-Ranges
bytes
Keep-Alive
timeout=1, max=99
Expires
Sun, 11 Feb 2024 10:18:10 GMT
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
40454b63db1d5bdc1fd46b1d2d36702d937792eb70470ad0909ed66d5b5ef0de

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type
image/svg+xml
home-super-visa-insurance_560x400.jpg
vtcinsure.ca/wp-content/uploads/2018/05/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vtcinsure.ca/wp-content/uploads/2018/05/home-super-visa-insurance_560x400.jpg
Requested by
Host: vtcinsure.ca
URL: https://vtcinsure.ca//
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
64.250.86.18 Georgetown, Canada, ASN33130 (IASL, CA),
Reverse DNS
IP64-250-86-18.iasl.com
Software
Apache /
Resource Hash
fea7739b709d8751c9005f94338bacc4b5270d588be3b036bb5c8f230eab9092
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vtcinsure.ca//
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Sat, 11 Feb 2023 10:18:10 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
upgrade-insecure-requests;
Connection
Keep-Alive
Content-Length
23510
X-XSS-Protection
1; mode=block
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Wed, 21 Apr 2021 22:11:29 GMT
Server
Apache
Expect-CT
max-age=7776000, enforce
X-Frame-Options
sameorigin
Vary
Accept,Accept-Encoding
Content-Type
image/webp
Cache-Control
private, max-age=604800
Permissions-Policy
accelerometer=(*), autoplay=(*), camera=(*), document-domain=(*), encrypted-media=(*), fullscreen=(*), geolocation=(*), gyroscope=(*), magnetometer=(*), microphone=(*), midi=(*), payment=(*), picture-in-picture=(*), sync-xhr=(*), usb=(*)
X-WebP-Express
Redirected directly to existing webp
Accept-Ranges
bytes
Keep-Alive
timeout=1, max=99
Expires
Sun, 11 Jun 2023 10:18:10 GMT
home-visitors-to-canada-insurance_560x400.jpg
vtcinsure.ca/wp-content/uploads/2018/05/ 		40 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vtcinsure.ca/wp-content/uploads/2018/05/home-visitors-to-canada-insurance_560x400.jpg
Requested by
Host: vtcinsure.ca
URL: https://vtcinsure.ca//
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
64.250.86.18 Georgetown, Canada, ASN33130 (IASL, CA),
Reverse DNS
IP64-250-86-18.iasl.com
Software
Apache /
Resource Hash
0359644fa773c3456e06250afa1594bafbb4f7ec9122905d1718e7ad45479da8
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vtcinsure.ca//
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Sat, 11 Feb 2023 10:18:10 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
upgrade-insecure-requests;
Connection
Keep-Alive
Content-Length
40960
X-XSS-Protection
1; mode=block
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Wed, 21 Apr 2021 22:11:31 GMT
Server
Apache
Expect-CT
max-age=7776000, enforce
X-Frame-Options
sameorigin
Vary
Accept,Accept-Encoding
Content-Type
image/webp
Cache-Control
private, max-age=604800
Permissions-Policy
accelerometer=(*), autoplay=(*), camera=(*), document-domain=(*), encrypted-media=(*), fullscreen=(*), geolocation=(*), gyroscope=(*), magnetometer=(*), microphone=(*), midi=(*), payment=(*), picture-in-picture=(*), sync-xhr=(*), usb=(*)
X-WebP-Express
Redirected directly to existing webp
Accept-Ranges
bytes
Keep-Alive
timeout=1, max=97
Expires
Sun, 11 Jun 2023 10:18:10 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/tNAc29ZZrpcOCErva2nr4BS9/ 		406 KB
163 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/tNAc29ZZrpcOCErva2nr4BS9/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LdzroEUAAAAAOA71ow6HqkDTzYvEAyztifT0N-C&ver=3.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0924e5af960e9110d8424b1a364b61a5bcd949d53bcca312d0474dcb8c64a478
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vtcinsure.ca/
Origin
https://vtcinsure.ca
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Fri, 10 Feb 2023 17:51:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
59203
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
166252
x-xss-protection
0
last-modified
Mon, 06 Feb 2023 03:04:07 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 10 Feb 2024 17:51:27 GMT
truncated
/ 		67 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
49ef37d639c578e8a3ec10db855733b04015999cdabeaec298fd17e5b24aab18

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type
image/svg+xml
VTCInsure-logo.webp
vtcinsure.ca/wp-content/uploads/2018/05/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vtcinsure.ca/wp-content/uploads/2018/05/VTCInsure-logo.webp
Requested by
Host: vtcinsure.ca
URL: https://vtcinsure.ca//
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
64.250.86.18 Georgetown, Canada, ASN33130 (IASL, CA),
Reverse DNS
IP64-250-86-18.iasl.com
Software
Apache /
Resource Hash
4009aa0cc840ef0b52fa8519bc5289a5b5b145addfde4f5b6d5526d94b66189b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vtcinsure.ca//
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Sat, 11 Feb 2023 10:18:10 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
upgrade-insecure-requests;
Connection
Keep-Alive
Content-Length
3812
X-XSS-Protection
1; mode=block
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Wed, 21 Apr 2021 22:11:29 GMT
Server
Apache
Expect-CT
max-age=7776000, enforce
X-Frame-Options
sameorigin
Vary
Accept-Encoding
Content-Type
image/webp
Cache-Control
private, max-age=604800
Permissions-Policy
accelerometer=(*), autoplay=(*), camera=(*), document-domain=(*), encrypted-media=(*), fullscreen=(*), geolocation=(*), gyroscope=(*), magnetometer=(*), microphone=(*), midi=(*), payment=(*), picture-in-picture=(*), sync-xhr=(*), usb=(*)
Accept-Ranges
bytes
Keep-Alive
timeout=1, max=98
Expires
Sun, 11 Jun 2023 10:18:10 GMT
home-get-a-quote_1200x300.jpg
vtcinsure.ca/wp-content/uploads/2018/05/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vtcinsure.ca/wp-content/uploads/2018/05/home-get-a-quote_1200x300.jpg
Requested by
Host: vtcinsure.ca
URL: https://vtcinsure.ca//
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
64.250.86.18 Georgetown, Canada, ASN33130 (IASL, CA),
Reverse DNS
IP64-250-86-18.iasl.com
Software
Apache /
Resource Hash
bcebc8f53a2d1a28cc1bddfc90a1579aaabacca8c8c1cd8c01f9409b98535793
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vtcinsure.ca//
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Sat, 11 Feb 2023 10:18:10 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
upgrade-insecure-requests;
Connection
Keep-Alive
Content-Length
9596
X-XSS-Protection
1; mode=block
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Wed, 21 Apr 2021 22:11:32 GMT
Server
Apache
Expect-CT
max-age=7776000, enforce
X-Frame-Options
sameorigin
Vary
Accept,Accept-Encoding
Content-Type
image/webp
Cache-Control
private, max-age=604800
Permissions-Policy
accelerometer=(*), autoplay=(*), camera=(*), document-domain=(*), encrypted-media=(*), fullscreen=(*), geolocation=(*), gyroscope=(*), magnetometer=(*), microphone=(*), midi=(*), payment=(*), picture-in-picture=(*), sync-xhr=(*), usb=(*)
X-WebP-Express
Redirected directly to existing webp
Accept-Ranges
bytes
Keep-Alive
timeout=1, max=100
Expires
Sun, 11 Jun 2023 10:18:10 GMT
WidgetScript
app.purechat.com/VisitorWidget/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.purechat.com/VisitorWidget/WidgetScript
Requested by
Host: vtcinsure.ca
URL: https://vtcinsure.ca/wp-content/cache/min/1/911b63c976bc0552f444a2538fd06aa4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-25.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bd5dc24d0d7546794cc14f03e25888cd27e55f31c1abc66f212142d1d9e04050

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vtcinsure.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
via
1.1 b3fce8903671f8346e7a6a138d2d4610.cloudfront.net (CloudFront)
date
Sat, 11 Feb 2023 06:27:15 GMT
last-modified
Tue, 31 Jan 2023 03:55:18 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
age
13856
etag
W/"6d472c54bbcb8a12a1f1d8f4906802b1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public,max-age=14400
x-amz-cf-id
ERGi7SoA1xReapPuyd5PwfWASKLcQAAvCbubV3H9Yl0ZPv-8WBzD5Q==
anchor
www.google.com/recaptcha/api2/ Frame 0185 		42 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdzroEUAAAAAOA71ow6HqkDTzYvEAyztifT0N-C&co=aHR0cHM6Ly92dGNpbnN1cmUuY2E6NDQz&hl=de&v=tNAc29ZZrpcOCErva2nr4BS9&size=invisible&cb=f8uluyyyulkm
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/tNAc29ZZrpcOCErva2nr4BS9/recaptcha__de.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80d::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
5773b207e564815e2bdab36bbb1b5f639491c949de0e113a6b2aabe9a7717364
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-A_9Xi7XWqilOKQaqRvbWFQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://vtcinsure.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
22566
content-security-policy
script-src 'report-sample' 'nonce-A_9Xi7XWqilOKQaqRvbWFQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 11 Feb 2023 10:18:11 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
home-banner-indian-couple_1200x600.jpg
vtcinsure.ca/wp-content/uploads/2015/09/ 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vtcinsure.ca/wp-content/uploads/2015/09/home-banner-indian-couple_1200x600.jpg
Requested by
Host: vtcinsure.ca
URL: https://vtcinsure.ca//
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
64.250.86.18 Georgetown, Canada, ASN33130 (IASL, CA),
Reverse DNS
IP64-250-86-18.iasl.com
Software
Apache /
Resource Hash
3731a29298c62c7b4422fd89a69d8c903d96847bfd2f60dcb496c154b639b4e7
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vtcinsure.ca//
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Sat, 11 Feb 2023 10:18:11 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
upgrade-insecure-requests;
Connection
Keep-Alive
Content-Length
32230
X-XSS-Protection
1; mode=block
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Wed, 21 Apr 2021 22:13:17 GMT
Server
Apache
Expect-CT
max-age=7776000, enforce
X-Frame-Options
sameorigin
Vary
Accept,Accept-Encoding
Content-Type
image/webp
Cache-Control
private, max-age=604800
Permissions-Policy
accelerometer=(*), autoplay=(*), camera=(*), document-domain=(*), encrypted-media=(*), fullscreen=(*), geolocation=(*), gyroscope=(*), magnetometer=(*), microphone=(*), midi=(*), payment=(*), picture-in-picture=(*), sync-xhr=(*), usb=(*)
X-WebP-Express
Redirected directly to existing webp
Accept-Ranges
bytes
Keep-Alive
timeout=1, max=98
Expires
Sun, 11 Jun 2023 10:18:11 GMT
home-banner-asian-family_1200x600.jpg
vtcinsure.ca/wp-content/uploads/2015/09/ 		68 KB
69 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vtcinsure.ca/wp-content/uploads/2015/09/home-banner-asian-family_1200x600.jpg
Requested by
Host: vtcinsure.ca
URL: https://vtcinsure.ca//
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
64.250.86.18 Georgetown, Canada, ASN33130 (IASL, CA),
Reverse DNS
IP64-250-86-18.iasl.com
Software
Apache /
Resource Hash
814cc28a1d40422e2134670912e8f08e67886edc3de46dffe7878b7a69b0c0f2
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vtcinsure.ca//
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Sat, 11 Feb 2023 10:18:11 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
upgrade-insecure-requests;
Connection
Keep-Alive
Content-Length
69668
X-XSS-Protection
1; mode=block
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Wed, 21 Apr 2021 22:13:26 GMT
Server
Apache
Expect-CT
max-age=7776000, enforce
X-Frame-Options
sameorigin
Vary
Accept,Accept-Encoding
Content-Type
image/webp
Cache-Control
private, max-age=604800
Permissions-Policy
accelerometer=(*), autoplay=(*), camera=(*), document-domain=(*), encrypted-media=(*), fullscreen=(*), geolocation=(*), gyroscope=(*), magnetometer=(*), microphone=(*), midi=(*), payment=(*), picture-in-picture=(*), sync-xhr=(*), usb=(*)
X-WebP-Express
Redirected directly to existing webp
Accept-Ranges
bytes
Keep-Alive
timeout=1, max=99
Expires
Sun, 11 Jun 2023 10:18:11 GMT
home-banner-mountains_1200x600.jpg
vtcinsure.ca/wp-content/uploads/2015/09/ 		61 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vtcinsure.ca/wp-content/uploads/2015/09/home-banner-mountains_1200x600.jpg
Requested by
Host: vtcinsure.ca
URL: https://vtcinsure.ca//
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
64.250.86.18 Georgetown, Canada, ASN33130 (IASL, CA),
Reverse DNS
IP64-250-86-18.iasl.com
Software
Apache /
Resource Hash
f6bce816666b3b5314e87a7b4207e1ce1115f9054de3366fb3c501a623931fed
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vtcinsure.ca//
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Sat, 11 Feb 2023 10:18:11 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
upgrade-insecure-requests;
Connection
Keep-Alive
Content-Length
62564
X-XSS-Protection
1; mode=block
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Wed, 21 Apr 2021 22:13:22 GMT
Server
Apache
Expect-CT
max-age=7776000, enforce
X-Frame-Options
sameorigin
Vary
Accept,Accept-Encoding
Content-Type
image/webp
Cache-Control
private, max-age=604800
Permissions-Policy
accelerometer=(*), autoplay=(*), camera=(*), document-domain=(*), encrypted-media=(*), fullscreen=(*), geolocation=(*), gyroscope=(*), magnetometer=(*), microphone=(*), midi=(*), payment=(*), picture-in-picture=(*), sync-xhr=(*), usb=(*)
X-WebP-Express
Redirected directly to existing webp
Accept-Ranges
bytes
Keep-Alive
timeout=1, max=97
Expires
Sun, 11 Jun 2023 10:18:11 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/tNAc29ZZrpcOCErva2nr4BS9/ Frame 0185 		55 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/tNAc29ZZrpcOCErva2nr4BS9/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdzroEUAAAAAOA71ow6HqkDTzYvEAyztifT0N-C&co=aHR0cHM6Ly92dGNpbnN1cmUuY2E6NDQz&hl=de&v=tNAc29ZZrpcOCErva2nr4BS9&size=invisible&cb=f8uluyyyulkm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Fri, 10 Feb 2023 15:20:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
68247
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24605
x-xss-protection
0
last-modified
Mon, 06 Feb 2023 03:04:07 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 10 Feb 2024 15:20:44 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/tNAc29ZZrpcOCErva2nr4BS9/ Frame 0185 		406 KB
162 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/tNAc29ZZrpcOCErva2nr4BS9/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdzroEUAAAAAOA71ow6HqkDTzYvEAyztifT0N-C&co=aHR0cHM6Ly92dGNpbnN1cmUuY2E6NDQz&hl=de&v=tNAc29ZZrpcOCErva2nr4BS9&size=invisible&cb=f8uluyyyulkm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0924e5af960e9110d8424b1a364b61a5bcd949d53bcca312d0474dcb8c64a478
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Fri, 10 Feb 2023 17:51:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
59204
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
166252
x-xss-protection
0
last-modified
Mon, 06 Feb 2023 03:04:07 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 10 Feb 2024 17:51:27 GMT
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 0185 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/tNAc29ZZrpcOCErva2nr4BS9/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/tNAc29ZZrpcOCErva2nr4BS9/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 15:21:21 GMT
x-content-type-options
nosniff
age
327410
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Tue, 14 Feb 2023 15:21:21 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 0185 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdzroEUAAAAAOA71ow6HqkDTzYvEAyztifT0N-C&co=aHR0cHM6Ly92dGNpbnN1cmUuY2E6NDQz&hl=de&v=tNAc29ZZrpcOCErva2nr4BS9&size=invisible&cb=f8uluyyyulkm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 09:35:04 GMT
x-content-type-options
nosniff
age
261787
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 08 Feb 2024 09:35:04 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 0185 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdzroEUAAAAAOA71ow6HqkDTzYvEAyztifT0N-C&co=aHR0cHM6Ly92dGNpbnN1cmUuY2E6NDQz&hl=de&v=tNAc29ZZrpcOCErva2nr4BS9&size=invisible&cb=f8uluyyyulkm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 18:28:44 GMT
x-content-type-options
nosniff
age
229767
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 08 Feb 2024 18:28:44 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame 0185 		102 B
133 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=tNAc29ZZrpcOCErva2nr4BS9
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdzroEUAAAAAOA71ow6HqkDTzYvEAyztifT0N-C&co=aHR0cHM6Ly92dGNpbnN1cmUuY2E6NDQz&hl=de&v=tNAc29ZZrpcOCErva2nr4BS9&size=invisible&cb=f8uluyyyulkm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80d::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
9345880ada178d9c36ed991525ff3c0671594be63500a61313d2ac1d35f3a51c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdzroEUAAAAAOA71ow6HqkDTzYvEAyztifT0N-C&co=aHR0cHM6Ly92dGNpbnN1cmUuY2E6NDQz&hl=de&v=tNAc29ZZrpcOCErva2nr4BS9&size=invisible&cb=f8uluyyyulkm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Sat, 11 Feb 2023 10:18:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111
x-xss-protection
1; mode=block
expires
Sat, 11 Feb 2023 10:18:11 GMT
180ce955-cdb1-4c36-87b7-8711886ce338
widgetapi.purechat.com/api/visitorwidget/widgetversions/ 		407 B
714 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://widgetapi.purechat.com/api/visitorwidget/widgetversions/180ce955-cdb1-4c36-87b7-8711886ce338
Requested by
Host: app.purechat.com
URL: https://app.purechat.com/VisitorWidget/WidgetScript
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.140.89.220 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-140-89-220.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
d14362412d51af8e13ec0d53b72c0e5ab70e382fa615f372610dd320e9125825

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vtcinsure.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Sat, 11 Feb 2023 10:18:12 GMT
server
Kestrel
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://vtcinsure.ca
access-control-expose-headers
X-Requires-Auth
cache-control
max-age=60
access-control-allow-credentials
true
content-length
407
reload
www.google.com/recaptcha/api2/ Frame 0185 		32 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/reload?k=6LdzroEUAAAAAOA71ow6HqkDTzYvEAyztifT0N-C
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/tNAc29ZZrpcOCErva2nr4BS9/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80d::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
1582e3231d1b1bef91bf352310e6a03318b568810db0ba74c11035a6206a5ea3
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdzroEUAAAAAOA71ow6HqkDTzYvEAyztifT0N-C&co=aHR0cHM6Ly92dGNpbnN1cmUuY2E6NDQz&hl=de&v=tNAc29ZZrpcOCErva2nr4BS9&size=invisible&cb=f8uluyyyulkm
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type
application/x-protobuffer

Response headers

date
Sat, 11 Feb 2023 10:18:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
private, max-age=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18665
x-xss-protection
1; mode=block
expires
Sat, 11 Feb 2023 10:18:11 GMT
29
api-cdn.purechat.com/api/visitorwidget/widget/180ce955-cdb1-4c36-87b7-8711886ce338/ 		9 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-cdn.purechat.com/api/visitorwidget/widget/180ce955-cdb1-4c36-87b7-8711886ce338/29
Requested by
Host: app.purechat.com
URL: https://app.purechat.com/VisitorWidget/WidgetScript
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-77.fra2.r.cloudfront.net
Software
Kestrel /
Resource Hash
044ee2da13bfb39b7a34deb2bc846335672662e47c69c088771aeadc2ec48e34

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vtcinsure.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Fri, 10 Feb 2023 21:49:36 GMT
content-encoding
gzip
via
1.1 2bbba694ff55d664208103e9c25dce14.cloudfront.net (CloudFront)
server
Kestrel
x-amz-cf-pop
FRA2-C1
age
44916
vary
Accept-Encoding,Origin
x-cache
Hit from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
https://vtcinsure.ca
access-control-expose-headers
X-Requires-Auth
cache-control
public, max-age=31536000
access-control-allow-credentials
true
x-amz-cf-id
5ZGqSFxRuD2vZ23ANzYyyfdnVzguVi8xoP7XiGd1zwzhU-oira2gxw==
version
app.purechat.com/ 		234 B
615 B 		Script
General
Check archive.org
Download Go to
Full URL
https://app.purechat.com/version?_=_&callback=_WidgetJPCB_Version
Requested by
Host: app.purechat.com
URL: https://app.purechat.com/VisitorWidget/WidgetScript
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-25.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
643f76818cce37b7ab044eadec562ad4abbdc9db1416cbb3ecef58ce15c3f38b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vtcinsure.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-amz-version-id
null
date
Sat, 11 Feb 2023 10:07:09 GMT
via
1.1 b3fce8903671f8346e7a6a138d2d4610.cloudfront.net (CloudFront)
last-modified
Tue, 31 Jan 2023 03:55:44 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
age
665
etag
"b4a0d7af6df32f8107e975582c098ef3"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public,max-age=900
content-length
234
x-amz-cf-id
KMsGIIbAzRNjk4eHRZyjjKjNxye6T3t68m1CHz4ZKqM0CpFJKEOF3A==
modern_initializer.13836.js
prod.purechatcdn.com/assets/ 		132 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://prod.purechatcdn.com/assets/modern_initializer.13836.js
Requested by
Host: app.purechat.com
URL: https://app.purechat.com/VisitorWidget/WidgetScript
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c08eb812ae90c8ebf8cb7b8cc054b6ca9497a83d7c20be0a6626a4f0dae47546

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vtcinsure.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Sat, 11 Feb 2023 10:18:12 GMT
x-amz-version-id
null
via
1.1 ed3a324a0ea0d1dfe339969855915050.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
AMS1-C1
age
2266943
content-encoding
br
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 26 Oct 2022 22:15:02 GMT
server
cloudflare
etag
W/"47ffa44a34a2af9c7f21609d19e46ae7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pu7v1F5e9gC%2FcdgotqoCZt3xIfYvFepGV%2BEc5zEVujvxWnjsf98qOJMirUsh%2BtkytG1QzDHRUQHiCY1rqBSGMr9f4pfIFEbzwyssKexqSGdaaPl1DR3%2Bny0KQv916h%2BvgaQTCG%2FBXJLJzXuxVaBWa8KINA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
797c56d4282030c3-FRA
x-amz-cf-id
wlpgaEXp7UPLdRvXbijoXa2cJrHOr1jyWZytfEqYnkBYe9VVYLb9LQ==
modern_app.13836.js
prod.purechatcdn.com/assets/ Frame 438B 		1 MB
285 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://prod.purechatcdn.com/assets/modern_app.13836.js
Requested by
Host: prod.purechatcdn.com
URL: https://prod.purechatcdn.com/assets/modern_initializer.13836.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aad6b755ce48903466e83f34c109bdc78ceed476aefafca382b4429ea0fc7785

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vtcinsure.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Sat, 11 Feb 2023 10:18:12 GMT
x-amz-version-id
null
via
1.1 e5dcf90f3787d486ad40e46070021460.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
DUS51-C1
age
9288062
content-encoding
br
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 26 Oct 2022 22:15:02 GMT
server
cloudflare
etag
W/"b9a3e7a54d8014cfdf42043f9fc155dc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K9AGOZ0FKp82wc%2FceCttywS22HCJWYJajoHVcWHzZco6UwwfxF6y%2BSV4q65RLdb%2FtYcUJxwwsUdIP5SPB9OJjit1I91hjYoOqX%2FQS3h6iTpVP7eUXTSQpZevmhr8ST1ph2TW3odXCro%2F%2F09sbKQfvN1xKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
797c56d4c8cc30c3-FRA
x-amz-cf-id
RKJ9wtveVsFuIvnoLQxdBUWe0Y7P7KMwOauuYVZhhITomkWXD_PL1g==
180ce955-cdb1-4c36-87b7-8711886ce338
api.purechat.com/api/visitorwidget/chatavailable/502049/ Frame 438B 		20 B
212 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.purechat.com/api/visitorwidget/chatavailable/502049/180ce955-cdb1-4c36-87b7-8711886ce338?externalRequest=false&getAvailableOperators=true
Requested by
Host: prod.purechatcdn.com
URL: https://prod.purechatcdn.com/assets/modern_app.13836.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.140.89.220 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-140-89-220.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
a4d5c712c6ea170fe80e4e13806878ec5f04b70a9a6800d9a9e41a18ebdd7d87

Request headers

Accept
application/json
Referer
https://vtcinsure.ca/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://vtcinsure.ca
date
Sat, 11 Feb 2023 10:18:13 GMT
access-control-expose-headers
X-Requires-Auth
access-control-allow-credentials
true
server
Kestrel
content-length
20
content-type
application/json; charset=utf-8
180ce955-cdb1-4c36-87b7-8711886ce338
api.purechat.com/api/visitorwidget/chatavailable/502049/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.purechat.com/api/visitorwidget/chatavailable/502049/180ce955-cdb1-4c36-87b7-8711886ce338?externalRequest=false&getAvailableOperators=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.140.89.220 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-140-89-220.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://vtcinsure.ca
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://vtcinsure.ca
date
Sat, 11 Feb 2023 10:18:13 GMT
server
Kestrel
admin-ajax.php
vtcinsure.ca/wp-admin/ 		0
0
/
checkin.purechat.com/api/checkin/ Frame 438B 		113 B
493 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://checkin.purechat.com/api/checkin/
Requested by
Host: prod.purechatcdn.com
URL: https://prod.purechatcdn.com/assets/modern_app.13836.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.18.141.190 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-18-141-190.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
fd1dd3c2445f18ca6a48c550769fd623ef8236c44f4c14750b41211a04e1e074

Request headers

Referer
https://vtcinsure.ca/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

access-control-allow-origin
https://vtcinsure.ca
date
Sat, 11 Feb 2023 10:18:14 GMT
access-control-allow-credentials
true
server
Kestrel
content-length
113
content-type
application/json; charset=utf-8
/
checkin.purechat.com/api/checkin/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://checkin.purechat.com/api/checkin/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.18.141.190 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-18-141-190.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://vtcinsure.ca
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://vtcinsure.ca
date
Sat, 11 Feb 2023 10:18:13 GMT
server
Kestrel

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
vtcinsure.ca
URL
https://vtcinsure.ca/wp-admin/admin-ajax.php

Verdicts & Comments Add Verdict or Comment

157 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 boolean| credentialless object| oncontentvisibilityautostatechange undefined| $ function| jQuery function| _createClass function| _classCallCheck function| RocketBrowserCompatibilityChecker object| RocketPreloadLinksConfig object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| setImmediate function| clearImmediate object| moove_frontend_gdpr_scripts object| lazyLoadOptions function| LazyLoad object| doc object| wpcf7 object| scriptData object| runtime object| wpcf7_recaptcha string| gdpr_consent__strict string| gdpr_consent__thirdparty string| gdpr_consent__advanced string| gdpr_consent__cookies object| cssua object| fusionAnimationsVars function| fusionSetAnimationData object| fusionJSVars object| fusion object| fusionLightboxVideoVars function| _fusionRefreshScroll function| _fusionParallaxAll function| _fusionRefreshWindow object| fusionVideoGeneralVars function| playVideoAndPauseOthers object| fusionVideoBgVars object| $youtubeBGVideos function| _fbRowGetAllElementsWithAttribute function| _fbRowOnPlayerReady function| _fbRowOnPlayerStateChange function| resizeVideo function| vimeoReady function| fusionInitVimeoPlayers object| fusionLightboxVars function| avadaLightBoxInitializeLightbox function| avadaAddQuantityBoxes function| compositeAddQuantityBoxes function| fusionResizeCrossfadeImagesContainer function| calcSelectArrowDimensions object| fusionFlexSliderVars function| fusionInitPostFlexSlider function| fusionDestroyPostFlexSlider function| fusionFlexSliderStrToBool object| fusionContainerVars function| fusionInitStickyContainers function| fusionInitSticky function| fusionGetStickyOffset function| initSwiperScrollingSection function| initScrollingSections function| setCorrectResizeValuesForScrollSections function| scrollToCurrentScrollSection function| getScrollSectionPositionValues object| avadaHeaderVars function| fusionDisableStickyHeader function| fusionInitStickyHeader function| getStickyHeaderHeight object| fusionTypographyVars function| fusionCalculateResponsiveTypeValues function| fusionSetOriginalTypographyData function| fusionInitTypography object| avadaFusionSliderVars function| updateVideoTag function| avadaFusionSlider object| avadaFadeVars function| avadaTriggerPageTitleFading object| avadaSelectVars function| addAvadaSelectStyles function| removeAvadaSelectStyles object| avadaToTopVars function| avadaUpdateToTopPostion object| avadaMenuVars function| resizeOverlaySearch function| fusionGetScrollOffset object| fusionScrollToAnchorVars function| checkHoverTouchState object| fusionVideoVars function| fusionInitStickyColumns function| lazyLoadThumb function| lazyLoadYoutubeIframe object| swv object| regeneratorRuntime function| postscribe function| gdpr_lightbox object| awbAnimationObservers object| html5 object| Modernizr object| browserPrefixes object| _fusionImageParallaxImages object| avadaLightBox object| $ilInstances object| awb_oc_timeouts object| awbOffCanvas function| awbScrollSpy object| purechatApi object| images boolean| is_image object| iframes boolean| is_iframe object| rocket_lazy string| responsiveTypeElements string| fusionBaseFontSize number| lastYPosition boolean| scrollDisabled object| recaptcha object| closure_lm_289395 number| _fusionScrollTop number| _fusionWindowHeight number| _fusionScrollLeft number| _fusionWindowWidth string| rubyRenderInternalCheckpoint function| updateRubyRenderCheckpoint function| updateRubyRenderInternalCheckpoint function| PCWidget object| fusionVimeoPlayers number| $headerParentHeight number| $headerHeight number| $menuHeight number| $scrolled_header_height object| $stickyTrigger number| $wpadminbarHeight number| $stickyTrigger_position number| $woo_store_notice number| $top_frame number| sticky_header_type number| $slider_offset number| $site_width boolean| $media_query_test_1 boolean| $media_query_test_2 boolean| $media_query_test_3 boolean| $media_query_test_4 number| $standardLogoHeight number| $logoMarginTop number| $logoMarginBottom number| $initial_desktop_header_height string| $initial_sticky_header_shrinkage boolean| $sticky_can_be_shrinked number| original_logo_height number| $original_sticky_trigger_height boolean| mobileMenuSepAdded function| _WidgetJPCB_Version object| _pcWidgetInitializer

3 Cookies

Domain/Path Name / Value
www.google.com/recaptcha Name: _GRECAPTCHA
Value: 09AMK3mNDV-rBMPyUFo8YJ5QVyOV_3_zHwk160BGEZa9JbdaP3eQoKA9Rcp4MCYeA4y22XBRLosBnRsi3b3Ew3YcE
.purechat.com/ Name: _PCCSID_502049
Value: 3b5842f4-ed99-4e6a-bf4a-ac434fefaeb8
.purechat.com/ Name: _PCCID
Value: e501b30c-1b80-491e-ba7c-6a8da801f3cc

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-cdn.purechat.com
api.purechat.com
app.purechat.com
assurancevisiteuraucanada.com
checkin.purechat.com
fonts.gstatic.com
prod.purechatcdn.com
vtcinsure.ca
widgetapi.purechat.com
www.google.com
www.gstatic.com
vtcinsure.ca
13.224.189.77
13.32.121.25
2001:4860:4802:36::15
2a00:1450:4001:80f::2003
2a00:1450:400d:80a::2003
2a00:1450:400d:80d::2004
2a06:98c1:3121::3
3.140.89.220
3.18.141.190
64.250.86.18
0359644fa773c3456e06250afa1594bafbb4f7ec9122905d1718e7ad45479da8
044ee2da13bfb39b7a34deb2bc846335672662e47c69c088771aeadc2ec48e34
0924e5af960e9110d8424b1a364b61a5bcd949d53bcca312d0474dcb8c64a478
1582e3231d1b1bef91bf352310e6a03318b568810db0ba74c11035a6206a5ea3
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1c1fef6e6b4f9832603850b9b6562e74d9a6a3700ba836efe88facc577121e8b
288d156b63cea15974f8ced0963ccc03ca9688a0e2da4af409339c065faab72f
33befdbbb24930584f5ac94ea3117adcd56518f20ab1619d05de83ffd1821d38
355de0ef1cbfa0debda8d9d3cf9519dd48668eaede074e7de8e18850c3e3ed1f
3731a29298c62c7b4422fd89a69d8c903d96847bfd2f60dcb496c154b639b4e7
3ca8bbf5ee7d92f08a16c24c87316c1127882007e3f67e357cfaa9f8b2467f5f
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
4009aa0cc840ef0b52fa8519bc5289a5b5b145addfde4f5b6d5526d94b66189b
40454b63db1d5bdc1fd46b1d2d36702d937792eb70470ad0909ed66d5b5ef0de
49ef37d639c578e8a3ec10db855733b04015999cdabeaec298fd17e5b24aab18
5773b207e564815e2bdab36bbb1b5f639491c949de0e113a6b2aabe9a7717364
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
623b62596e07df1fbf3a9fc0219c238e373bec6e55349826b0315b50ed2a7a7d
643f76818cce37b7ab044eadec562ad4abbdc9db1416cbb3ecef58ce15c3f38b
72890f0185b9e62e3d0d8fcc382fb79b6d1cc593b900bd0f02bb48e82c328725
814cc28a1d40422e2134670912e8f08e67886edc3de46dffe7878b7a69b0c0f2
8ceb3992861ed1fda25855c2e500e76842ae0d788405e50e3a9f45df36499cf6
9345880ada178d9c36ed991525ff3c0671594be63500a61313d2ac1d35f3a51c
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
a4d5c712c6ea170fe80e4e13806878ec5f04b70a9a6800d9a9e41a18ebdd7d87
aad6b755ce48903466e83f34c109bdc78ceed476aefafca382b4429ea0fc7785
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
bcebc8f53a2d1a28cc1bddfc90a1579aaabacca8c8c1cd8c01f9409b98535793
bd5dc24d0d7546794cc14f03e25888cd27e55f31c1abc66f212142d1d9e04050
c08eb812ae90c8ebf8cb7b8cc054b6ca9497a83d7c20be0a6626a4f0dae47546
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
cdc28355b0b7217392395460dd7dfbc65a4cf0822c986a7533f4ca7434799e53
d14362412d51af8e13ec0d53b72c0e5ab70e382fa615f372610dd320e9125825
f6bce816666b3b5314e87a7b4207e1ce1115f9054de3366fb3c501a623931fed
f8c2240958cb1fff47d921ca0f3097f9e7403ada01af2382477ef42c404c38d4
fd1dd3c2445f18ca6a48c550769fd623ef8236c44f4c14750b41211a04e1e074
fea7739b709d8751c9005f94338bacc4b5270d588be3b036bb5c8f230eab9092