activate.ibygte.ca Open in urlscan Pro
2607:f8b0:4020:804::2013 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://activate.ibygte.ca/
Submission: On May 22 via automatic, source certstream-suspicious (May 22nd 2023, 1:58:08 am UTC) — Scanned from CA

Summary HTTP 48 Redirects Behaviour Indicators

Summary

This website contacted 17 IPs in 2 countries across 13 domains to perform 48 HTTP transactions. The main IP is 2607:f8b0:4020:804::2013, located in Montreal, Canada and belongs to GOOGLE, US. The main domain is activate.ibygte.ca.
TLS certificate: Issued by GTS CA 1D4 on May 22nd 2023. Valid for: 3 months.

This is the only time activate.ibygte.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	2607:f8b0:402... 2607:f8b0:4020:804::2013	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:402... 2607:f8b0:4020:805::200a	15169 (GOOGLE) (GOOGLE)
8	2607:f8b0:400... 2607:f8b0:4006:81f::2003	15169 (GOOGLE) (GOOGLE)
7	2607:f8b0:402... 2607:f8b0:4020:805::200e	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:402... 2607:f8b0:4020:806::2001	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:402... 2607:f8b0:4020:804::2003	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:402... 2607:f8b0:4020:806::2003	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:402... 2607:f8b0:4020:806::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:893b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:8bce	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:19c4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6811:6ac7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:62ac	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 6	2606:4700::68... 2606:4700::6813:9b53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2606:4700::68... 2606:4700::6812:8b65	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:cdc9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
48	17

3 2607:f8b0:4020:804::2013 (Montreal, Canada)

ASN15169 (GOOGLE, US)

activate.ibygte.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4020:805::200a (Montreal, Canada)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2607:f8b0:4006:81f::2003 (Flushing, United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2607:f8b0:4020:805::200e (Montreal, Canada)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4020:806::2001 (Montreal, Canada)

ASN15169 (GOOGLE, US)

lh6.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
255758508-atari-embeds.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4020:804::2003 (Montreal, Canada)

ASN15169 (GOOGLE, US)

ssl.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4020:806::2003 (Montreal, Canada)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4020:806::200e (Montreal, Canada)

ASN15169 (GOOGLE, US)

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:893b (United States)

ASN13335 (CLOUDFLARENET, US)

js-na1.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:8bce (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:19c4 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:6ac7 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:62ac (United States)

ASN13335 (CLOUDFLARENET, US)

js.usemessages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6813:9b53 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

api.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
app.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api-na1.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6812:8b65 (United States)

ASN13335 (CLOUDFLARENET, US)

static.hsappstatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:cdc9 (United States)

ASN13335 (CLOUDFLARENET, US)

avatars.hubspot.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	gstatic.com www.gstatic.com ssl.gstatic.com fonts.gstatic.com	1 MB
9	google.com apis.google.com — Cisco Umbrella Rank: 109 play.google.com — Cisco Umbrella Rank: 21	164 KB
6	hubspot.com 1 redirects api.hubspot.com — Cisco Umbrella Rank: 4501 track.hubspot.com — Cisco Umbrella Rank: 2133 app.hubspot.com — Cisco Umbrella Rank: 5082 api-na1.hubspot.com — Cisco Umbrella Rank: 25312	24 KB
5	hsappstatic.net static.hsappstatic.net — Cisco Umbrella Rank: 5335	294 KB
3	ibygte.ca activate.ibygte.ca	12 KB
2	hscollectedforms.net js.hscollectedforms.net — Cisco Umbrella Rank: 4370 forms.hscollectedforms.net — Cisco Umbrella Rank: 4505	26 KB
2	googleusercontent.com lh6.googleusercontent.com — Cisco Umbrella Rank: 406 255758508-atari-embeds.googleusercontent.com	48 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	2 KB
1	hubspot.net avatars.hubspot.net — Cisco Umbrella Rank: 27623	3 KB
1	usemessages.com js.usemessages.com — Cisco Umbrella Rank: 4470	22 KB
1	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 1986	64 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 1980	21 KB
1	hs-scripts.com js-na1.hs-scripts.com — Cisco Umbrella Rank: 7599	1 KB
48	13

	Domain	Requested by
8	www.gstatic.com	activate.ibygte.ca www.gstatic.com
7	apis.google.com	activate.ibygte.ca apis.google.com www.gstatic.com 255758508-atari-embeds.googleusercontent.com
5	static.hsappstatic.net	app.hubspot.com static.hsappstatic.net
4	fonts.gstatic.com	fonts.googleapis.com
3	activate.ibygte.ca	www.gstatic.com
2	app.hubspot.com	js.usemessages.com static.hsappstatic.net
2	api.hubspot.com	js.usemessages.com
2	play.google.com	www.gstatic.com
2	fonts.googleapis.com	activate.ibygte.ca
1	avatars.hubspot.net
1	api-na1.hubspot.com	1 redirects
1	track.hubspot.com	255758508-atari-embeds.googleusercontent.com
1	forms.hscollectedforms.net	js.hscollectedforms.net
1	js.usemessages.com	js-na1.hs-scripts.com
1	js.hscollectedforms.net	js-na1.hs-scripts.com
1	js.hs-banner.com	js-na1.hs-scripts.com
1	js.hs-analytics.net	js-na1.hs-scripts.com
1	js-na1.hs-scripts.com	255758508-atari-embeds.googleusercontent.com
1	255758508-atari-embeds.googleusercontent.com	www.gstatic.com
1	ssl.gstatic.com	activate.ibygte.ca
1	lh6.googleusercontent.com	activate.ibygte.ca
48	21

This site contains no links.

Subject Issuer	Validity	Valid
activate.ibygte.ca GTS CA 1D4	`2023-05-22` - `2023-08-20`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.apis.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-03` - `2024-05-02`	a year	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2023-02-05` - `2024-02-05`	a year	crt.sh
hsappstatic.net Cloudflare Inc ECC CA-3	`2023-04-10` - `2024-04-09`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://activate.ibygte.ca/
Frame ID: 5129467E93B336DE3015AA76E5D15F8E
Requests: 23 HTTP requests in this frame

Frame: https://www.gstatic.com/atari/embeds/7925c5f8e01bacb9b4b0a3783ae0b867/intermediate-frame-minified.html?jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.yTSbWrSe458.O%2Fd%3D1%2Frs%3DAHpOoo_5dpdVCMe_LPx1yH-hHA2M85TB-Q%2Fm%3D__features__&r=71976921
Frame ID: 225EAABA2E1DC4B91EA50C661AEE142D
Requests: 3 HTTP requests in this frame

Frame: https://255758508-atari-embeds.googleusercontent.com/embeds/16cb204cf3a9d4d223a0a3fd8b0eec5d/inner-frame-minified.html?jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.yTSbWrSe458.O%2Fd%3D1%2Frs%3DAHpOoo_5dpdVCMe_LPx1yH-hHA2M85TB-Q%2Fm%3D__features__
Frame ID: F292A8DA8AE38429A9BB7F159A864202
Requests: 3 HTTP requests in this frame

Frame: https://js-na1.hs-scripts.com/23884802.js
Frame ID: 7B3E48E808105566C81927A243669747
Requests: 8 HTTP requests in this frame

Frame: https://app.hubspot.com/conversations-visitor/23884802/threads/utk/e332e3f877b24750a08e26cc6890485a?uuid=6c7e485b1c0f4c48b7efcd23b2939854&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=255758508-atari-embeds.googleusercontent.com&inApp53=false&messagesUtk=e332e3f877b24750a08e26cc6890485a&url=https%3A%2F%2F255758508-atari-embeds.googleusercontent.com%2Fembeds%2F16cb204cf3a9d4d223a0a3fd8b0eec5d%2Finner-frame-minified.html%3Fjsh%3Dm%253B%252F_%252Fscs%252Fabc-static%252F_%252Fjs%252Fk%253Dgapi.lb.en.yTSbWrSe458.O%252Fd%253D1%252Frs%253DAHpOoo_5dpdVCMe_LPx1yH-hHA2M85TB-Q%252Fm%253D__features__&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false
Frame ID: C495D96872D4B3CEB57DF96B39FF31A4
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

iBygte | CA

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Page Statistics

48
Requests

94 %
HTTPS

100 %
IPv6

13
Domains

21
Subdomains

17
IPs

2
Countries

1885 kB
Transfer

5728 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 42

https://api-na1.hubspot.com/userpreferences/v1/avatar/4d8c3c6bf6f8709ecb0814bd389f8848/100 HTTP 307
https://avatars.hubspot.net/4d8c3c6bf6f8709ecb0814bd389f8848-100

48 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
activate.ibygte.ca/ 52 KB
12 KB 219ms
101ms Document
text/html 2607:f8b0:4020:804::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://activate.ibygte.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:804::2013 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

257bf4e2080862eea14c4c900ce378e12a925096d4d3b97a4f76442ebbb13e53

Security Headers

Name	Value
Content-Security-Policy	base-uri 'self';object-src 'none';report-uri /_/view/cspreport;script-src 'report-sample' 'nonce-ocv1Bn7x4Ulx3y-XiMucVw' 'unsafe-inline' 'unsafe-eval';worker-src 'self';frame-ancestors https://google-admin.corp.google.com/
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: base-uri 'self';object-src 'none';report-uri /_/view/cspreport;script-src 'report-sample' 'nonce-ocv1Bn7x4Ulx3y-XiMucVw' 'unsafe-inline' 'unsafe-eval';worker-src 'self';frame-ancestors https://google-admin.corp.google.com/
content-type: text/html; charset=utf-8
cross-origin-opener-policy: unsafe-none
date: Mon, 22 May 2023 01:58:03 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: ESF
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ 5 KB
935 B 74ms
34ms Stylesheet
text/css 2607:f8b0:4020:805::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato%3A300%2C300italic%2C400%2C400italic%2C700%2C700italic&display=swap

Requested by

Host: activate.ibygte.ca
URL: https://activate.ibygte.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::200a Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3cfe790335dc4ff07f0f501fb361687f88edca78273d2424e0797457924462ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://activate.ibygte.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 22 May 2023 01:58:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 22 May 2023 00:02:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 22 May 2023 01:58:03 GMT

GET
H2 200 css
fonts.googleapis.com/ 23 KB
1 KB 75ms
35ms Stylesheet
text/css 2607:f8b0:4020:805::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google+Sans_old:400,500|Roboto:300,400,500,700|Source+Code+Pro:400,700&display=swap

Requested by

Host: activate.ibygte.ca
URL: https://activate.ibygte.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::200a Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

12e93144a5907f7a2b5b07f04c5eb63ddaf023b03ac3d2085c3fd096c11db952

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://activate.ibygte.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 22 May 2023 01:58:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 22 May 2023 00:14:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 22 May 2023 01:58:03 GMT

GET
H2 200 rs=AGEqA5kwUISKVmBScJ49A0URzGDJbuLyfg
www.gstatic.com/_/atari/_/ss/k=atari.vw.Df-nZQqb_v4.L.W.O/d=1/ 1 MB
146 KB 68ms
19ms Stylesheet
text/css 2607:f8b0:4006:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/atari/_/ss/k=atari.vw.Df-nZQqb_v4.L.W.O/d=1/rs=AGEqA5kwUISKVmBScJ49A0URzGDJbuLyfg

Requested by

Host: activate.ibygte.ca
URL: https://activate.ibygte.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2003 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb03459079aafc5478cb5ed7279c82f14ad653a8b425165efac061f6e5a9b2a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://activate.ibygte.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 17:43:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 288886
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 149049
x-xss-protection: 0
last-modified: Tue, 09 May 2023 12:33:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="apps-sites"
expires: Fri, 17 May 2024 17:43:17 GMT

GET
H2 200 client.js Show response
apis.google.com/js/ 17 KB
7 KB 83ms
34ms Script
text/javascript 2607:f8b0:4020:805::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/client.js?onload=gapiLoaded

Requested by

Host: activate.ibygte.ca
URL: https://activate.ibygte.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9377b21ec3ae255d4a94095b52c670b0716d74a8e7a639b78957b9872d6ef244

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://activate.ibygte.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 22 May 2023 01:58:03 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6895
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "dc24d3197abd9f1e"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 22 May 2023 01:58:03 GMT

GET
H2 200 ZuXYWQZ-ne_8PmXIjDenUOdEFa3o3xHkVpAcEuJyzulpGV59uicFvQKtq1TS9UOGozr8QWvGozikuDtrD_kWQHgr3FeBW8Uu4AejStBHJf5TfYT1oDLuls_eHNCmIybKbw=w1280
lh6.googleusercontent.com/ 47 KB
47 KB 220ms
158ms Image
image/png 2607:f8b0:4020:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh6.googleusercontent.com/ZuXYWQZ-ne_8PmXIjDenUOdEFa3o3xHkVpAcEuJyzulpGV59uicFvQKtq1TS9UOGozr8QWvGozikuDtrD_kWQHgr3FeBW8Uu4AejStBHJf5TfYT1oDLuls_eHNCmIybKbw=w1280

Requested by

Host: activate.ibygte.ca
URL: https://activate.ibygte.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

3ffc9970a081af448cf4ea545c71342f97c7fc92483d538e884091cb2adb9dfe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://activate.ibygte.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 01:58:03 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="IMG_1100.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48229
x-xss-protection: 0
expires: Tue, 23 May 2023 01:58:03 GMT

GET
H2 200 m=view Show response
www.gstatic.com/_/atari/_/js/k=atari.vw.en_US.WMDybR68bjM.O/d=1/rs=AGEqA5mAzWc82VWRwQ1GakgSCD8EG-96Kg/ 789 KB
247 KB 35ms
34ms Script
text/javascript 2607:f8b0:4006:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/atari/_/js/k=atari.vw.en_US.WMDybR68bjM.O/d=1/rs=AGEqA5mAzWc82VWRwQ1GakgSCD8EG-96Kg/m=view

Requested by

Host: activate.ibygte.ca
URL: https://activate.ibygte.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2003 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9faee009d1c9c89f14fe4c2060faa6af48e19a7396bc1ceccb5114938a6287b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://activate.ibygte.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 17:43:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 288885
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 252476
x-xss-protection: 0
last-modified: Tue, 09 May 2023 12:33:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="apps-sites"
expires: Fri, 17 May 2024 17:43:18 GMT

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.yTSbWrSe458.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_5dpdVCMe_LPx1yH-hHA2M85TB-Q/ 315 KB
108 KB 14ms
13ms Script
text/javascript 2607:f8b0:4020:805::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.yTSbWrSe458.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_5dpdVCMe_LPx1yH-hHA2M85TB-Q/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/client.js?onload=gapiLoaded

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2bedc118ad4b8018e96dd64b927d0eb07ac64e56968548efd33705c1dddeafb2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://activate.ibygte.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 07:45:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 151949
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 109934
x-xss-protection: 0
last-modified: Sat, 01 Apr 2023 15:23:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 19 May 2024 07:45:34 GMT

GET
H2 200 simple-header-blended-small.png
ssl.gstatic.com/atari/images/ 290 KB
291 KB 60ms
16ms Image
image/png 2607:f8b0:4020:804::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/atari/images/simple-header-blended-small.png

Requested by

Host: activate.ibygte.ca
URL: https://activate.ibygte.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:804::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

630cc964d03e283699d55d2c1e10aeb9738bad380bde7ca321822e2db51c1317

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://activate.ibygte.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 14:48:47 GMT
x-content-type-options: nosniff
age: 126556
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 297036
x-xss-protection: 0
last-modified: Thu, 30 Dec 2021 12:48:00 GMT
server: sffe
report-to: {"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="apps-sites"
expires: Sun, 19 May 2024 14:48:47 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 52ms
11ms Font
font/woff2 2607:f8b0:4020:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google+Sans_old:400,500|Roboto:300,400,500,700|Source+Code+Pro:400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://activate.ibygte.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 14:35:54 GMT
x-content-type-options: nosniff
age: 386529
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 May 2024 14:35:54 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v46/ 29 KB
29 KB 55ms
14ms Font
font/woff2 2607:f8b0:4020:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v46/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google+Sans_old:400,500|Roboto:300,400,500,700|Source+Code+Pro:400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45a61a04904fc2115c440a349a65dc93d2965b0b24dc5a8172bd8b792bdbf103

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://activate.ibygte.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 09:51:32 GMT
x-content-type-options: nosniff
age: 144391
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29728
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 16:59:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 May 2024 09:51:32 GMT

GET
H2 200 S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 66ms
25ms Font
font/woff2 2607:f8b0:4020:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh7USSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A300%2C300italic%2C400%2C400italic%2C700%2C700italic&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://activate.ibygte.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 16 May 2023 17:34:37 GMT
x-content-type-options: nosniff
age: 462206
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23236
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:08:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 May 2024 17:34:37 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 13ms
12ms Font
font/woff2 2607:f8b0:4020:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A300%2C300italic%2C400%2C400italic%2C700%2C700italic&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://activate.ibygte.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 16 May 2023 17:29:53 GMT
x-content-type-options: nosniff
age: 462490
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 May 2024 17:29:53 GMT

GET
H3 200 m=sy1b,sy1c,sy1a,FoQBg Show response
www.gstatic.com/_/atari/_/js/k=atari.vw.en_US.WMDybR68bjM.O/d=0/rs=AGEqA5mAzWc82VWRwQ1GakgSCD8EG-96Kg/ 37 KB
12 KB 23ms
21ms Script
text/javascript 2607:f8b0:4006:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/atari/_/js/k=atari.vw.en_US.WMDybR68bjM.O/d=0/rs=AGEqA5mAzWc82VWRwQ1GakgSCD8EG-96Kg/m=sy1b,sy1c,sy1a,FoQBg

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.en_US.WMDybR68bjM.O/d=1/rs=AGEqA5mAzWc82VWRwQ1GakgSCD8EG-96Kg/m=view

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2003 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

640f26ab945663b4b8f32f526869392508cb261063cc022622eec9b08fbbb3e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://activate.ibygte.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 17:43:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 288885
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12670
x-xss-protection: 0
last-modified: Tue, 09 May 2023 12:33:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="apps-sites"
expires: Fri, 17 May 2024 17:43:18 GMT

GET
H3 200 m=sy2m,TRvtze Show response
www.gstatic.com/_/atari/_/js/k=atari.vw.en_US.WMDybR68bjM.O/d=0/rs=AGEqA5mAzWc82VWRwQ1GakgSCD8EG-96Kg/ 850 B
514 B 23ms
22ms Script
text/javascript 2607:f8b0:4006:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/atari/_/js/k=atari.vw.en_US.WMDybR68bjM.O/d=0/rs=AGEqA5mAzWc82VWRwQ1GakgSCD8EG-96Kg/m=sy2m,TRvtze

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.en_US.WMDybR68bjM.O/d=1/rs=AGEqA5mAzWc82VWRwQ1GakgSCD8EG-96Kg/m=view

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2003 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ecac46b991c438aeffd47c22b19fdf85b75ea00a3ce8855f249710c748d1cf6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://activate.ibygte.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 17:43:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 288885
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 488
x-xss-protection: 0
last-modified: Tue, 09 May 2023 12:33:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="apps-sites"
expires: Fri, 17 May 2024 17:43:18 GMT

GET
H3 200 m=MpJwZc,n73qwf,A4UTCb,qAKInc,sy15,TGYpv,sy11,X85Uvc,sy2n,abQiW,W26a5e,hJUyqe,sy13,sy18,sy14,sy16,sy17,fuVYe,KUM7Z,XDKZTc,sy12,qkPXAf,qEW1W,oNFsLb,sy3l,yxTchf,sy3m,sy3n,xQtZb,yf2Bs,sy2,sy8,yyxWAc,q... Show response
www.gstatic.com/_/atari/_/js/k=atari.vw.en_US.WMDybR68bjM.O/d=0/rs=AGEqA5mAzWc82VWRwQ1GakgSCD8EG-96Kg/ 1 MB
395 KB 22ms
21ms Script
text/javascript 2607:f8b0:4006:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/atari/_/js/k=atari.vw.en_US.WMDybR68bjM.O/d=0/rs=AGEqA5mAzWc82VWRwQ1GakgSCD8EG-96Kg/m=MpJwZc,n73qwf,A4UTCb,qAKInc,sy15,TGYpv,sy11,X85Uvc,sy2n,abQiW,W26a5e,hJUyqe,sy13,sy18,sy14,sy16,sy17,fuVYe,KUM7Z,XDKZTc,sy12,qkPXAf,qEW1W,oNFsLb,sy3l,yxTchf,sy3m,sy3n,xQtZb,yf2Bs,sy2,sy8,yyxWAc,qddgKe,sy2p,SM1lmd,sy6,sy5,syy,RRzQxe,zZvHmd,sy7,sya,syk,sy9,fNFZH,sy2o,sy1q,syl,RrXLpc,cgRV2c,sy10,sy1r,o1L5Wb,X4BaPc,syf,Md9ENb,sy1h,sy1i,sy1j,syn,syp,sy1e,sy1f,sy1g,sy1p,syo,syx,syz,KlrXId,NlqxW,sy1n,sy1o,sy1l,sy1m,syb,sys,sy1k,sy1t,sy1w,sy1y,sy23,sy1u,sy22,sy2a,sy1s,sy1v,sy20,sy1x,sy21,sy24,sy28,sy29,sy2c,sy2d,sy1d,T807ad,sy1z,ZDEHrf,sy25,sy26,sy27,sy2b,oy3iwb,dBhIIb,syq,Yr1Pcb,LUQjOd,J9ssyb,SB123c,UubMM,YoEZUb,JKfHhb,DJtOxf,pA2mAb,gypOCd,X4FC5,kYfebb,XMtvld,rrOIJc,ZdZQ6b,Euz7Lc,sAbmxd,heobjb,R4KMEc,sy2e,sy2f,sy2g,sy2h,UYjpC,vVEdxc,sy3,VYKRW,sy19,CG0Qwb,RZ9OZ,N0NZx,szRU7e

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.en_US.WMDybR68bjM.O/d=1/rs=AGEqA5mAzWc82VWRwQ1GakgSCD8EG-96Kg/m=view

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2003 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3353e294c1e314008862c98085e3e7906682cab6d14e6614dfa3c54494bffe1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://activate.ibygte.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:03:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 539672
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 404439
x-xss-protection: 0
last-modified: Tue, 09 May 2023 12:33:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="apps-sites"
expires: Tue, 14 May 2024 20:03:31 GMT

GET
H3 200 m=sy3c,IZT63,vfuNJf,sy36,sy3a,sy3d,sy3q,sy3o,sy3p,siKnQd,sy34,sy3b,sy3f,YNjGDd,sy3e,sy3g,PrPYRd,iFQyKf,hc6Ubd,sy3r,SpsfSb,sy37,sy39,wR5FRb,pXdRYb,dIoSBb,zbML3c Show response
www.gstatic.com/_/atari/_/js/k=atari.vw.en_US.WMDybR68bjM.O/d=0/rs=AGEqA5mAzWc82VWRwQ1GakgSCD8EG-96Kg/ 27 KB
10 KB 32ms
32ms Script
text/javascript 2607:f8b0:4006:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/atari/_/js/k=atari.vw.en_US.WMDybR68bjM.O/d=0/rs=AGEqA5mAzWc82VWRwQ1GakgSCD8EG-96Kg/m=sy3c,IZT63,vfuNJf,sy36,sy3a,sy3d,sy3q,sy3o,sy3p,siKnQd,sy34,sy3b,sy3f,YNjGDd,sy3e,sy3g,PrPYRd,iFQyKf,hc6Ubd,sy3r,SpsfSb,sy37,sy39,wR5FRb,pXdRYb,dIoSBb,zbML3c

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.en_US.WMDybR68bjM.O/d=1/rs=AGEqA5mAzWc82VWRwQ1GakgSCD8EG-96Kg/m=view

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2003 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e38b025c8e6f45264ad1e165d3fe5b719ec3264218078e749ba24f47c857949b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://activate.ibygte.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 17:43:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 288884
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10188
x-xss-protection: 0
last-modified: Tue, 09 May 2023 12:33:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="apps-sites"
expires: Fri, 17 May 2024 17:43:19 GMT

GET
H3 200 m=m9oV,syd,syi,Ae65rd,sy3h,NTMZac,rCcCxc,mzzZzc,RAnnUd,CuaHnc,sy2q,sy2r,uu7UOe,nAFL3,sy2j,gJzDyc,sy2s,sy2t,soHxf,syv,syu,HYv29e,sy2u,uY3Nvd,mxS5xe Show response
www.gstatic.com/_/atari/_/js/k=atari.vw.en_US.WMDybR68bjM.O/d=0/rs=AGEqA5mAzWc82VWRwQ1GakgSCD8EG-96Kg/ 36 KB
12 KB 25ms
25ms Script
text/javascript 2607:f8b0:4006:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/atari/_/js/k=atari.vw.en_US.WMDybR68bjM.O/d=0/rs=AGEqA5mAzWc82VWRwQ1GakgSCD8EG-96Kg/m=m9oV,syd,syi,Ae65rd,sy3h,NTMZac,rCcCxc,mzzZzc,RAnnUd,CuaHnc,sy2q,sy2r,uu7UOe,nAFL3,sy2j,gJzDyc,sy2s,sy2t,soHxf,syv,syu,HYv29e,sy2u,uY3Nvd,mxS5xe

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.en_US.WMDybR68bjM.O/d=1/rs=AGEqA5mAzWc82VWRwQ1GakgSCD8EG-96Kg/m=view

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2003 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

32dff3c13e114898d78152810b511aebca064625a6e3a62254c98e62d6d2f58e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://activate.ibygte.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 17:43:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 288882
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11794
x-xss-protection: 0
last-modified: Tue, 09 May 2023 12:33:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="apps-sites"
expires: Fri, 17 May 2024 17:43:21 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 99ms
32ms Preflight
text/plain 2607:f8b0:4020:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://activate.ibygte.ca
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: http://play.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Mon, 22 May 2023 01:58:03 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST log
play.google.com/ 0
0

POST
H2 200 logImpressions Show response
activate.ibygte.ca/_/view/ 16 B
219 B 71ms
70ms XHR
application/json 2607:f8b0:4020:804::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://activate.ibygte.ca/_/view/logImpressions?authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.en_US.WMDybR68bjM.O/d=1/rs=AGEqA5mAzWc82VWRwQ1GakgSCD8EG-96Kg/m=view

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:804::2013 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8d47b4a1cc0393424720bded5988a28f4e9146fd265ecb416b79cf0d6ac81f6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://activate.ibygte.ca/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 22 May 2023 01:58:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-disposition: attachment; filename="response.bin"; filename*=UTF-8''response.bin
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 cb=gapi.loaded_1 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.yTSbWrSe458.O/m=gapi_rpc/exm=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_5dpdVCMe_LPx1yH-hHA2M85TB-Q/ 261 B
201 B 12ms
12ms Script
text/javascript 2607:f8b0:4020:805::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.yTSbWrSe458.O/m=gapi_rpc/exm=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_5dpdVCMe_LPx1yH-hHA2M85TB-Q/cb=gapi.loaded_1?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/client.js?onload=gapiLoaded

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:805::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2cdd4be55b26feb467f9ba3447bc01640934768ea0e11f889e0e31abfeff9ee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://activate.ibygte.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 14:47:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 126610
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 174
x-xss-protection: 0
last-modified: Sat, 01 Apr 2023 15:23:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 19 May 2024 14:47:53 GMT

GET
H3 200 intermediate-frame-minified.html Show response
www.gstatic.com/atari/embeds/7925c5f8e01bacb9b4b0a3783ae0b867/ Frame 225E 2 KB
947 B 39ms
38ms Document
text/html 2607:f8b0:4006:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/atari/embeds/7925c5f8e01bacb9b4b0a3783ae0b867/intermediate-frame-minified.html?jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.yTSbWrSe458.O%2Fd%3D1%2Frs%3DAHpOoo_5dpdVCMe_LPx1yH-hHA2M85TB-Q%2Fm%3D__features__&r=71976921

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.en_US.WMDybR68bjM.O/d=1/rs=AGEqA5mAzWc82VWRwQ1GakgSCD8EG-96Kg/m=view

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2003 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3704afefd25c94315efcbcb4513deedbd292002ec51691e6cffe69d2262d7927

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://activate.ibygte.ca/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 922
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="apps-sites"
cross-origin-resource-policy: cross-origin
date: Mon, 22 May 2023 01:58:03 GMT
expires: Tue, 21 May 2024 01:58:03 GMT
last-modified: Fri, 19 May 2023 12:26:51 GMT
report-to: {"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 api.js Show response
apis.google.com/js/ Frame 225E 17 KB
7 KB 34ms
33ms Script
text/javascript 2607:f8b0:4020:805::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/api.js?checkCookie=1

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/atari/embeds/7925c5f8e01bacb9b4b0a3783ae0b867/intermediate-frame-minified.html?jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.yTSbWrSe458.O%2Fd%3D1%2Frs%3DAHpOoo_5dpdVCMe_LPx1yH-hHA2M85TB-Q%2Fm%3D__features__&r=71976921

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:805::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4bc54bdf7044249c87f7f7d063004afbde1f8cb1d64b636c37ccee5fe34f11e6

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gstatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 22 May 2023 01:58:03 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6893
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "74f512b45a8028e5"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 22 May 2023 01:58:03 GMT

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.yTSbWrSe458.O/m=gapi_rpc/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_5dpdVCMe_LPx1yH-hHA2M85TB-Q/ Frame 225E 50 KB
18 KB 15ms
15ms Script
text/javascript 2607:f8b0:4020:805::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.yTSbWrSe458.O/m=gapi_rpc/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_5dpdVCMe_LPx1yH-hHA2M85TB-Q/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/api.js?checkCookie=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:805::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04d6f97d531bfc22beda5849186d094e22ea407cf803b10d50232874d300c62e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gstatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 07:09:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 413336
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18087
x-xss-protection: 0
last-modified: Sat, 01 Apr 2023 15:23:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 16 May 2024 07:09:07 GMT

GET
H3 200 inner-frame-minified.html Show response
255758508-atari-embeds.googleusercontent.com/embeds/16cb204cf3a9d4d223a0a3fd8b0eec5d/ Frame F292 2 KB
940 B 79ms
37ms Document
text/html 2607:f8b0:4020:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://255758508-atari-embeds.googleusercontent.com/embeds/16cb204cf3a9d4d223a0a3fd8b0eec5d/inner-frame-minified.html?jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.yTSbWrSe458.O%2Fd%3D1%2Frs%3DAHpOoo_5dpdVCMe_LPx1yH-hHA2M85TB-Q%2Fm%3D__features__

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:806::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80e142904c9feeca9d8c64af55dabfda8032b2ac29fc26ca11d59aa1abddc6ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gstatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 915
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="apps-sites"
cross-origin-resource-policy: cross-origin
date: Mon, 22 May 2023 01:58:04 GMT
expires: Tue, 21 May 2024 01:58:04 GMT
last-modified: Fri, 19 May 2023 12:26:51 GMT
report-to: {"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 api.js Show response
apis.google.com/js/ Frame F292 17 KB
7 KB 36ms
35ms Script
text/javascript 2607:f8b0:4020:805::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/api.js?checkCookie=1

Requested by

Host: 255758508-atari-embeds.googleusercontent.com
URL: https://255758508-atari-embeds.googleusercontent.com/embeds/16cb204cf3a9d4d223a0a3fd8b0eec5d/inner-frame-minified.html?jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.yTSbWrSe458.O%2Fd%3D1%2Frs%3DAHpOoo_5dpdVCMe_LPx1yH-hHA2M85TB-Q%2Fm%3D__features__

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:805::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4bc54bdf7044249c87f7f7d063004afbde1f8cb1d64b636c37ccee5fe34f11e6

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://255758508-atari-embeds.googleusercontent.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 22 May 2023 01:58:04 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6893
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "74f512b45a8028e5"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 22 May 2023 01:58:04 GMT

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.yTSbWrSe458.O/m=gapi_rpc/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_5dpdVCMe_LPx1yH-hHA2M85TB-Q/ Frame F292 50 KB
18 KB 12ms
12ms Script
text/javascript 2607:f8b0:4020:805::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.yTSbWrSe458.O/m=gapi_rpc/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_5dpdVCMe_LPx1yH-hHA2M85TB-Q/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/api.js?checkCookie=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:805::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04d6f97d531bfc22beda5849186d094e22ea407cf803b10d50232874d300c62e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://255758508-atari-embeds.googleusercontent.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 07:09:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 413337
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18087
x-xss-protection: 0
last-modified: Sat, 01 Apr 2023 15:23:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 16 May 2024 07:09:07 GMT

GET
H2 200 23884802.js Show response
js-na1.hs-scripts.com/ Frame 7B3E 2 KB
1 KB 323ms
280ms Script
application/javascript 2606:4700::6812:893b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-na1.hs-scripts.com/23884802.js
Requested by: Host: 255758508-atari-embeds.googleusercontent.com
URL: https://255758508-atari-embeds.googleusercontent.com/embeds/16cb204cf3a9d4d223a0a3fd8b0eec5d/inner-frame-minified.html?jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.yTSbWrSe458.O%2Fd%3D1%2Frs%3DAHpOoo_5dpdVCMe_LPx1yH-hHA2M85TB-Q%2Fm%3D__features__
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:893b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e99c16212a49b2d8add07f873a62e39da729e92483681d0ed3f4b79301655fc

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://255758508-atari-embeds.googleusercontent.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 01:58:04 GMT
content-encoding: br
cf-cache-status: EXPIRED
x-hubspot-correlation-id: 46bcd321-6629-42f2-afe4-a2d927febab3
x-evy-trace-route-service-name: envoyset-translator
x-envoy-upstream-service-time: 41
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 6dd1ac23-0608-44a3-bae1-03a7cf57fc33
last-modified: Mon, 22 May 2023 01:30:55 GMT
server: cloudflare
x-trace: 2BF649A2614E2EEBA247924F4EA139F9B6D1E15CEC000000000000000000
vary: origin, Accept-Encoding
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://255758508-atari-embeds.googleusercontent.com
x-evy-trace-virtual-host: all
cache-control: public, max-age=30
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-598c95b5b7-4lp8p
cf-ray: 7cb173b47ab77157-YUL

GET
H2 200 23884802.js Show response
js.hs-analytics.net/analytics/1684720500000/ Frame 7B3E 65 KB
21 KB 170ms
130ms Script
text/javascript 2606:4700::6810:8bce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1684720500000/23884802.js
Requested by: Host: js-na1.hs-scripts.com
URL: https://js-na1.hs-scripts.com/23884802.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8bce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e2b7b9a4cd38be350f0874ffad6a55ac6d0903caf67608206b159f263750b093

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://255758508-atari-embeds.googleusercontent.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 01:58:04 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: EC26YY65PVNF3TRZ
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-envoy-upstream-service-time: 28
x-amz-id-2: 4WDAFtgmpANhKQw2Brd+yRHY9muSFN6PSmU6azHKB2GTeraI6RC3EzLBt90Q60w9BXg8PDjzWAE=
x-evy-trace-listener: listener_https
x-request-id: 1aaee2da-5bf6-4c4e-855b-280042ab6038
x-evy-trace-route-configuration: listener_https/all
last-modified: Tue, 18 Apr 2023 16:04:04 GMT
server: cloudflare
etag: W/"dc77fd7e1242c49f96fca33dddae5d78"
vary: origin, Accept-Encoding
content-type: text/javascript
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-7dbb6c8f49-2sbs7
cache-control: max-age=300,public
access-control-allow-credentials: false
cf-ray: 7cb173b68d38ecf6-YUL
expires: Mon, 22 May 2023 02:03:04 GMT

GET
H2 200 banner.js Show response
js.hs-banner.com/v2/23884802/ Frame 7B3E 208 KB
64 KB 163ms
120ms Script
text/javascript 2606:4700::6812:19c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/v2/23884802/banner.js
Requested by: Host: js-na1.hs-scripts.com
URL: https://js-na1.hs-scripts.com/23884802.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5878363e4a10cf976b43dd75ea55340ffa48f9b5a54520a85dfb33e10071cc1b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://255758508-atari-embeds.googleusercontent.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 01:58:04 GMT
x-amz-version-id: qdD7K0K3qgfWo.Njugn_l5ogaphP_yq7
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: 977765ENWX14AJPX
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-envoy-upstream-service-time: 103
x-amz-id-2: UBUEH2SWcnBc7b1qaMkh6Nk6b+W+jyxAEuU4Eqce9df+txUI+ubDGpfNb5PbEU0jDF6RXnTSb1Q=
x-evy-trace-listener: listener_https
x-request-id: bff143b9-3ea4-45f6-b9c2-f049f42b47c5
x-evy-trace-route-configuration: listener_https/all
last-modified: Mon, 17 Apr 2023 22:13:52 GMT
server: cloudflare
etag: W/"354a25efa7097369cb1ae249f07fb47d"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://c23b53e4-4fc9-4dce-b0f7-9c082964da0a.id.repl.co
x-evy-trace-virtual-host: all
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300,public
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-7dbb6c8f49-2sbs7
vary: origin, Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 7cb173b6898f7142-YUL
expires: Mon, 22 May 2023 02:03:04 GMT

GET
H2 200 collectedforms.js Show response
js.hscollectedforms.net/ Frame 7B3E 69 KB
25 KB 110ms
67ms Script
application/javascript 2606:4700::6811:6ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hscollectedforms.net/collectedforms.js
Requested by: Host: js-na1.hs-scripts.com
URL: https://js-na1.hs-scripts.com/23884802.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:6ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e1bce508370a6994bd3e0e67c257f06875e16ca2038c27f498616a0f0d55687

Request headers

Referer: https://255758508-atari-embeds.googleusercontent.com/
Origin: https://255758508-atari-embeds.googleusercontent.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 01:58:04 GMT
x-amz-version-id: SGo7xq5b6d1kUu6c8SU5YR.mobmUICUY
via: 1.1 736ad67f05a9a5a8fd5ed8cba30196f4.cloudfront.net (CloudFront)
cf-cache-status: MISS
content-encoding: br
x-amz-cf-pop: IAD12-P3
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=collected-forms-embed-js/static-1.370/bundles/project.js&cfRay=7cb173b688a733fb-IAD
x-cache: Hit from cloudfront
cache-tag: staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 0
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 90f58b55-93d2-4052-ab48-46cf0f864624
last-modified: Tue, 09 May 2023 08:44:18 UTC
server: cloudflare
etag: W/"d1b16df440198d59c993c4956b7fded6"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
x-hs-cache-status: HIT
cache-control: s-maxage=600, max-age=300
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-57ff77fcd-mm66x
cf-ray: 7cb173b688a733fb-YUL
x-amz-cf-id: nIZY7R2z8RW469uQsCS8X3ZZmE46jlHJa7pmQE0lsmObWyhQdhkMIw==
x-hs-target-asset: collected-forms-embed-js/static-1.370/bundles/project.js

GET
H2 200 conversations-embed.js Show response
js.usemessages.com/ Frame 7B3E 75 KB
22 KB 74ms
32ms Script
application/javascript 2606:4700::6811:62ac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.usemessages.com/conversations-embed.js
Requested by: Host: js-na1.hs-scripts.com
URL: https://js-na1.hs-scripts.com/23884802.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:62ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 00c78c552966d06c3f3343a8cbd4531a1edc0d3603220ad961fe911ce65d96e0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://255758508-atari-embeds.googleusercontent.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 01:58:04 GMT
x-amz-version-id: OWAflGhHmNktYMPYV2RJc9PvJHEvyfBI
via: 1.1 73c5607bdb5db0d651e25c848846d554.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-cf-pop: IAD12-P3
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
age: 191
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=conversations-embed/static-1.13259/bundles/project.js&cfRay=7c9d50ab8f7853dd-YYZ
x-cache: Hit from cloudfront
cache-tag: staticjsapp-conversations-embed-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 1
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 49e78217-6172-4db2-a62d-6735f9b9067a
last-modified: Fri, 19 May 2023 03:08:45 UTC
server: cloudflare
etag: W/"037728d6fdfd85b61dda0ea01094e461"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-hs-cache-status: HIT
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-57ff77fcd-5c7n7
cf-ray: 7cb173b68fd6ca67-YUL
x-amz-cf-id: lz6TdzskhDBbjHt8ZwXkbMxUGKXQGaRVmYQzWnbI-sPeRTBVbF1-qg==
x-hs-target-asset: conversations-embed/static-1.13259/bundles/project.js

GET
H2 200 public Show response
api.hubspot.com/livechat-public/v1/message/ Frame 7B3E 3 KB
2 KB 152ms
151ms XHR
application/json 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubspot.com/livechat-public/v1/message/public?portalId=23884802&conversations-embed=static-1.13259&mobile=false&messagesUtk=e332e3f877b24750a08e26cc6890485a&traceId=e332e3f877b24750a08e26cc6890485a&referrer=https%3A%2F%2F255758508-atari-embeds.googleusercontent.com%2Fembeds%2F16cb204cf3a9d4d223a0a3fd8b0eec5d%2Finner-frame-minified.html%3Fjsh%3Dm%253B%252F_%252Fscs%252Fabc-static%252F_%252Fjs%252Fk%253Dgapi.lb.en.yTSbWrSe458.O%252Fd%253D1%252Frs%253DAHpOoo_5dpdVCMe_LPx1yH-hHA2M85TB-Q%252Fm%253D__features__

Requested by

Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b308405f407bc9e5653558a21637eb4a8410eb355072c58e63c359f9e1af6ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://255758508-atari-embeds.googleusercontent.com/
accept-language: en-CA,en;q=0.9
X-HubSpot-Messages-Uri: https://255758508-atari-embeds.googleusercontent.com/embeds/16cb204cf3a9d4d223a0a3fd8b0eec5d/inner-frame-minified.html?jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.yTSbWrSe458.O%2Fd%3D1%2Frs%3DAHpOoo_5dpdVCMe_LPx1yH-hHA2M85TB-Q%2Fm%3D__features__
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 01:58:04 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 80b6f4db-be32-4863-abf1-a0e1c1fdbbb8
x-envoy-upstream-service-time: 93
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1603
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 08426924-e12f-43f4-82fc-ba359a33c354
server: cloudflare
x-trace: 2B002D17BCDD364D47D25721475A71B9EE45591965000000000000000000
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://255758508-atari-embeds.googleusercontent.com
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-598c95b5b7-s6249
cache-control: no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials: false
x-evy-trace-virtual-host: all
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rZD3HuvXWUOJX0BKfoeYdBYPKlcDEDgn4Re7qxgRUnKHFipe6pgIXFwn53BdeNn1OOo1wk%2FhlmjJQWHA8984oHToYFkQ20fdhUM4%2FSEttbWfbmOK%2BXK3cYjcRfEsDn%2FCfJ%2BaOJFqwwNsJd22lw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 7cb173b77ecd714b-YUL
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri

OPTIONS
H2 200 public
api.hubspot.com/livechat-public/v1/message/ Frame 0
0 102ms
62ms Preflight
text/plain 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: x-hubspot-messages-uri
Access-Control-Request-Method: GET
Origin: https://255758508-atari-embeds.googleusercontent.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-credentials: false
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin: https://255758508-atari-embeds.googleusercontent.com
allow: HEAD,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7cb173b71df9714b-YUL
content-length: 18
content-type: text/plain; charset=utf-8
date: Mon, 22 May 2023 01:58:04 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aIOBR1hzPMqLQzdpa56C8ZheZVSfsW0QMhJK8eT4N60eBCVoaGF1tF8wVz6GTwlJvaDX9IY3NjdYOi87qm%2Fjza6p2CBlNZKNPKmAM%2FeC6TwJP4HnPeq2FWl5GgpLQrZ%2FPEgUTe8wxm34o%2BDrUA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
x-envoy-upstream-service-time: 2
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-598c95b5b7-ntps2
x-evy-trace-virtual-host: all
x-hubspot-correlation-id: ccd51e32-1eb9-4b8b-846a-c6b938431e16
x-request-id: fff9e3f1-d9d1-4397-8c4f-cbee28ac7720
x-trace: 2BA8537D48BA3AA6C650B07A66C3DCF077E46CCDFA000000000000000000

GET
H2 200 json Show response
forms.hscollectedforms.net/collected-forms/v1/config/ Frame 7B3E 116 B
469 B 70ms
60ms XHR
application/json 2606:4700::6811:6ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://forms.hscollectedforms.net/collected-forms/v1/config/json?portalId=23884802&utk=
Requested by: Host: js.hscollectedforms.net
URL: https://js.hscollectedforms.net/collectedforms.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:6ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fab3471da7736d2d6793fa38d1d6ae245b2c62da8b5b845f1a032fd7ecd716f8

Request headers

Accept: application/json, text/plain, */*
Referer: https://255758508-atari-embeds.googleusercontent.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 01:58:04 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-hubspot-correlation-id: 92e38cdd-8a98-4e58-81cc-689e46ff0acf
x-evy-trace-route-service-name: envoyset-translator
x-envoy-upstream-service-time: 7
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 6cbcde30-9291-4bf4-b925-5b6a0ab73a6d
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://255758508-atari-embeds.googleusercontent.com
x-evy-trace-virtual-host: all
cache-control: max-age=0
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-57ff77fcd-8rxrz
access-control-max-age: 180
x-robots-tag: none
access-control-allow-headers: *
cf-ray: 7cb173b739eb33fb-YUL

GET
H2 200 __ptq.gif
track.hubspot.com/ Frame 7B3E 45 B
1 KB 143ms
103ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1944070336&v=1.1&a=23884802&r=https%3A%2F%2Fwww.gstatic.com%2F&pu=https%3A%2F%2F255758508-atari-embeds.googleusercontent.com%2Fembeds%2F16cb204cf3a9d4d223a0a3fd8b0eec5d%2Finner-frame-minified.html%3Fjsh%3Dm%253B%252F_%252Fscs%252Fabc-static%252F_%252Fjs%252Fk%253Dgapi.lb.en.yTSbWrSe458.O%252Fd%253D1%252Frs%253DAHpOoo_5dpdVCMe_LPx1yH-hHA2M85TB-Q%252Fm%253D__features__&cts=1684720684719&vi=bf9ab03055433d20775911c31d27b62a&nc=true&ce=false&cc=0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://255758508-atari-embeds.googleusercontent.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 01:58:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: f5b17853-3716-4a0b-a93d-dc3c9800f0da
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 7
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: a98369f0-d9f2-4d83-b409-f3dfff92ad81
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zYthfqOjFNYG6ysMABPz8tTlu3VsRewUNnOzjO8J2wEx%2B65iK12haA55DDZPmw2AGMBXKexWZcJ72HrMCd75Zhlfz%2FSr3gdaQu6RSOXioPiddTOMCjlaNhk0lsZHh7YHIzV2y8nK64KplEckCBeY"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-5f6448c676-wnd65
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 7cb173b7cc6c4bd6-YUL
x-robots-tag: none

GET
H2 200 e332e3f877b24750a08e26cc6890485a Show response
app.hubspot.com/conversations-visitor/23884802/threads/utk/ Frame C495 53 KB
19 KB 194ms
181ms Document
text/html 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hubspot.com/conversations-visitor/23884802/threads/utk/e332e3f877b24750a08e26cc6890485a?uuid=6c7e485b1c0f4c48b7efcd23b2939854&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=255758508-atari-embeds.googleusercontent.com&inApp53=false&messagesUtk=e332e3f877b24750a08e26cc6890485a&url=https%3A%2F%2F255758508-atari-embeds.googleusercontent.com%2Fembeds%2F16cb204cf3a9d4d223a0a3fd8b0eec5d%2Finner-frame-minified.html%3Fjsh%3Dm%253B%252F_%252Fscs%252Fabc-static%252F_%252Fjs%252Fk%253Dgapi.lb.en.yTSbWrSe458.O%252Fd%253D1%252Frs%253DAHpOoo_5dpdVCMe_LPx1yH-hHA2M85TB-Q%252Fm%253D__features__&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false

Requested by

Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

19866e5ed62a40d09b1d9d9468b695663ff6af603251010d4499a26f73f52b28

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://255758508-atari-embeds.googleusercontent.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

access-control-allow-credentials: false
age: 3272
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=600
cache-tag: staticjsapp-conversations-visitor-ui-web-prod,staticjsapp-prod
cf-cache-status: DYNAMIC
cf-ray: 7cb173b88db74bd6-YUL
content-encoding: br
content-security-policy-report-only: script-src 'self' www.hubspot.com *.hsappstatic.net *.hs-analytics.net *.hs-banner.com *.hsforms.net *.hsleadflows.net *.hs-scripts.com *.hubspotfeedback.com *.usemessages.com js.hubspot.com *.hsadspixel.net *.hscollectedforms.net js-agent.newrelic.com bam.nr-data.net bam-cell.nr-data.net *.google-analytics.com www.googletagmanager.com data: 'unsafe-inline' 'unsafe-eval' blob: connect.facebook.net www.gstatic.cn www.gstatic.com www.google.com *.fullstory.com fullstory.com apis.google.com snap.licdn.com; report-uri https://send.hsbrowserreports.com/csp/report?resource=conversations-visitor-ui/static-1.15711/html/index.html&cfRay=7cb173b88db74bd6&reqUrl=https%3A%2F%2Fapp.hubspot.com%2Fconversations-visitor%2F23884802%2Fthreads%2Futk%2Fe332e3f877b24750a08e26cc6890485a%3Fuuid%3D6c7e485b1c0f4c48b7efcd23b2939854%26mobile%3Dfalse%26mobileSafari%3Dfalse%26hideWelcomeMessage%3Dfalse%26hstc%3Dnull%26domain%3D255758508-atari-embeds.googleusercontent.com%26inApp53%3Dfalse%26messagesUtk%3De332e3f877b24750a08e26cc6890485a%26url%3Dhttps%253A%252F%252F255758508-atari-embeds.googleusercontent.com%252Fembeds%252F16cb204cf3a9d4d223a0a3fd8b0eec5d%252Finner-frame-minified.html%253Fjsh%253Dm%25253B%25252F_%25252Fscs%25252Fabc-static%25252F_%25252Fjs%25252Fk%25253Dgapi.lb.en.yTSbWrSe458.O%25252Fd%25253D1%25252Frs%25253DAHpOoo_5dpdVCMe_LPx1yH-hHA2M85TB-Q%25252Fm%25253D__features__%26inline%3Dfalse%26isFullscreen%3Dfalse%26globalCookieOptOut%3Dnull%26isFirstVisitorSession%3Dtrue%26isAttachmentDisabled%3Dfalse%26enableWidgetCookieBanner%3Dfalse%26isInCMS%3Dfalse&referrer=https%3A%2F%2F255758508-atari-embeds.googleusercontent.com%2F&cfenv=prod&pdt=2023-05-22&csp=ro
content-type: text/html; charset=utf-8
date: Mon, 22 May 2023 01:58:05 GMT
etag: W/"46c58936223c38729dcbdfdedfc7a085"
last-modified: Fri, 19 May 2023 03:08:45 UTC
report-to: {"group":"default","max_age":86400,"endpoints":[{"url":"https://send.hsbrowserreports.com/csp/reports"}]}
reporting-endpoints: default="https://send.hsbrowserreports.com/csp/reports?cfRay=7cb173b88db74bd6&resource=conversations-visitor-ui/static-1.15711/html/index.html"
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
via: 1.1 66b6cd04ec22251498906e833eb08668.cloudfront.net (CloudFront)
x-amz-cf-id: zan9mO2oGG1CfJXyt2EDA10MGLt6VTKAd9RemL_L6T4e3cfuc5E7Pw==
x-amz-cf-pop: IAD12-P3
x-amz-replication-status: COMPLETED
x-amz-server-side-encryption: AES256
x-amz-version-id: wLlSWwveA8rIt5vNQdBqb51i5BHtQZj0
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 87
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-57ff77fcd-xjmf2
x-evy-trace-virtual-host: all
x-hs-cache-status: MISS
x-hs-target-asset: conversations-visitor-ui/static-1.15711/html/index.html
x-hs-worker-debug-mode: false
x-request-id: a3b4d6a8-bb73-41bb-82cd-d03157f38361

GET
H2 200 bundle.production.js Show response
static.hsappstatic.net/head-dlb/static-1.338/ Frame C495 44 KB
17 KB 62ms
22ms Script
application/javascript 2606:4700::6812:8b65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/head-dlb/static-1.338/bundle.production.js

Requested by

Host: app.hubspot.com
URL: https://app.hubspot.com/conversations-visitor/23884802/threads/utk/e332e3f877b24750a08e26cc6890485a?uuid=6c7e485b1c0f4c48b7efcd23b2939854&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=255758508-atari-embeds.googleusercontent.com&inApp53=false&messagesUtk=e332e3f877b24750a08e26cc6890485a&url=https%3A%2F%2F255758508-atari-embeds.googleusercontent.com%2Fembeds%2F16cb204cf3a9d4d223a0a3fd8b0eec5d%2Finner-frame-minified.html%3Fjsh%3Dm%253B%252F_%252Fscs%252Fabc-static%252F_%252Fjs%252Fk%253Dgapi.lb.en.yTSbWrSe458.O%252Fd%253D1%252Frs%253DAHpOoo_5dpdVCMe_LPx1yH-hHA2M85TB-Q%252Fm%253D__features__&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:8b65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef39ee441c4e7792c5cda9a8bd86ddce96d9b17bda0cc9f7187f1a70ce9b3ed5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
Origin: https://app.hubspot.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 01:58:05 GMT
x-amz-version-id: uq4ahwTgbmdDVq3iqHPHE8OZSufTo1wc
via: 1.1 74636a0d3b110dc164c7801b27cac3b2.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: JFK51-C1
age: 1580422
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 28 Apr 2023 15:18:57 GMT
server: cloudflare
etag: W/"d4a36ffcc533bcbae2a557884d3059e8"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: https://app.hubspot.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8%2BNEdP7pIArLQkFgb3VEY8ZvoOLLMsECC7es8ivKDUvYFMqOfgiydoScJAdrlK1mgt6CQcdRQmiYAj5E1D9SCWszBz0Ph2jNk3EvKUkBqZf5P9qyhuAujuuzPHETgpdaZGB37E1KZ1LUznULkzrsp8FVzY0%3D"}],"group":"cf-nel","max_age":604800}
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-credentials: true
cache-control: public, max-age=31536000
cf-ray: 7cb173b9fc607157-YUL
x-amz-cf-id: Dh2ThPeLppLnF7AVXjb6MHYPIMdUvc_ie5Tj6vnR0gs7-Hsc4IVv-g==
expires: Tue, 21 May 2024 01:58:05 GMT

GET
H2 200 visitor.css
static.hsappstatic.net/conversations-visitor-ui/static-1.14945/sass/ Frame C495 20 KB
4 KB 67ms
28ms Stylesheet
text/css 2606:4700::6812:8b65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/conversations-visitor-ui/static-1.14945/sass/visitor.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:8b65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

36d655313c51c3540e79a4ed3bff5be86110779b4e25043a6e78150a58cdbc66

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://app.hubspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 01:58:05 GMT
x-amz-version-id: eTttM9S_vWGkXsa3G13R54bOHuRyRlPL
via: 1.1 6331ad4d01fe2ac3862b09f9f203c8a2.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: ORD58-P3
age: 2099820
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 06 Mar 2023 22:24:16 GMT
server: cloudflare
etag: W/"8b2053a9d9199e217c1f3e61d80f5d90"
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VkjUrvyXLsKEDZ9%2BFcdSqWGQZkAdhZgY6YV%2BZrnLeT3At0k%2BTGdfK8jnU0iDjKr5%2BquASEcUsyjs0a73JzEdQNrdWLPthtBpYHdlSPHZpvBjmUkGnu1DAMus4XJLIUj5vtiOjGF6oepAkujdcKl6gUl%2Ft%2BI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 7cb173b9f930ca6f-YUL
x-amz-cf-id: H2oRlNaUpH0B0ZdT_VH4oRUC-LsR6nfPtFxk0bY1tv6qH5fUbV2YsQ==
expires: Tue, 21 May 2024 01:58:05 GMT

GET
H2 200 bundle.production.js Show response
static.hsappstatic.net/hubspot-dlb/static-1.392/ Frame C495 294 KB
94 KB 61ms
23ms Script
application/javascript 2606:4700::6812:8b65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/hubspot-dlb/static-1.392/bundle.production.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:8b65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a827ba0a43cbeb52e1f7c01fac1d8526f1a927ef58d5a0bc4ea4047a8b47f075

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
Origin: https://app.hubspot.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 01:58:05 GMT
x-amz-version-id: GyJQrIoHDRIfCuwwSVVsJwX13g1Qp9_O
via: 1.1 cd7dae0c96563a292a61aa72a3e889e0.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: ORD58-P3
age: 1509346
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 06 Apr 2023 11:56:47 GMT
server: cloudflare
etag: W/"90cd3e4c19469ce68f12da7dbe18af11"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: https://app.hubspot.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dHedDpG%2B2GwSW4tXXvG57DpU9%2BVOZUuTT%2BPDKTKOgatsFuBo9gXVfm3dxi0moLToBOt2kjIinWiDeWz2yZuUAX3ezfxoq79CnJOkTfkNohaoAww1P3SnPdsQN9OcnbVJaLccqHfpjjA7%2Bw01p34xizVMFc4%3D"}],"group":"cf-nel","max_age":604800}
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-credentials: true
cache-control: public, max-age=31536000
cf-ray: 7cb173b9fc637157-YUL
x-amz-cf-id: syvuBUHFdjm204UWKu6ddegHMQQclqDBBSxw2cSJD_VpOz6WT0CLIA==
expires: Tue, 21 May 2024 01:58:05 GMT

GET
H2 200 visitor.js Show response
static.hsappstatic.net/conversations-visitor-ui/static-1.15711/bundles/ Frame C495 609 KB
178 KB 85ms
47ms Script
application/javascript 2606:4700::6812:8b65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/conversations-visitor-ui/static-1.15711/bundles/visitor.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:8b65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2fb5dfd947750162ecb5db8c79ff6e1f3b0196f51d231cad9a81e08a9d53cefa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
Origin: https://app.hubspot.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 01:58:05 GMT
x-amz-version-id: MlJyxlM074nZlTkTsduSdC5NWo70Q7BT
via: 1.1 192b5dfe0d3306c6761973a7786a01d4.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: YUL62-C2
age: 200780
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Miss from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 19 May 2023 15:00:24 GMT
server: cloudflare
etag: W/"e526594b2d2ac612cad49e9408eef146"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: https://app.hubspot.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BTWdwGGG6vrTxUzL3iE2aceQurkb9mh%2BBvG%2FFN6bvfezYhke5c904s9enIu144T6gqzsiwN0xgBeFvbFbSyOP8T02s8BE%2BjdH042a77RT3Fq4x53hj9q6TxITDtNKG0Qs04fH1EX41cEDNZ%2BqLAVywh5h3I%3D"}],"group":"cf-nel","max_age":604800}
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-credentials: true
cache-control: public, max-age=31536000
cf-ray: 7cb173b9fc667157-YUL
x-amz-cf-id: 31gevVsvZXeOaBn2aen1CQ9vNQzGodUs5FdPhNb6c6dQLYJp0pnk8w==
expires: Tue, 21 May 2024 01:58:05 GMT

GET
H2 200 i18n-data-data-locales-en-us.js Show response
static.hsappstatic.net/conversations-visitor-ui/static-1.15664/ Frame C495 776 B
859 B 31ms
30ms Script
application/javascript 2606:4700::6812:8b65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/conversations-visitor-ui/static-1.15664/i18n-data-data-locales-en-us.js

Requested by

Host: static.hsappstatic.net
URL: https://static.hsappstatic.net/conversations-visitor-ui/static-1.15711/bundles/visitor.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:8b65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5d6fdfd618b5041e1e0532158b7a136f6beeade5faab96d24814f1fe8b2afdcb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
Origin: https://app.hubspot.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 01:58:05 GMT
x-amz-version-id: PBX5u7su2FHf7SiXp_c6oCZdHHTWbpHl
via: 1.1 c792ae1ce34a9f3533ab0d18e5712c4a.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: ORD58-P3
age: 279321
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Miss from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 16 May 2023 21:19:05 GMT
server: cloudflare
etag: W/"857129d58fe1220f17139aed4ef346ea"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: https://app.hubspot.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SHGesosFBeBoMkfhInyMDaU3saKzcQhPZJcwhuekcaJ3m66CuReLhkSSxN95YHBSfzmRIsqk2tzVwPPlACzgMhF4rcWLFePbYzkqVewEpw6KEXcaiEl5h%2FPuIfgHY2PNMrS6X2FxwsUr2VOHSKywe%2BTnP38%3D"}],"group":"cf-nel","max_age":604800}
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-credentials: true
cache-control: public, max-age=31536000
cf-ray: 7cb173bb1e5a7157-YUL
x-amz-cf-id: yxQGAOTl6eNp8Mx8avt3p7mWczR8ijS6CdowMy0NZ6qc-6y7Uj4n-A==
expires: Tue, 21 May 2024 01:58:05 GMT

GET
H2

200

4d8c3c6bf6f8709ecb0814bd389f8848-100
avatars.hubspot.net/ Frame C495
Redirect Chain

https://api-na1.hubspot.com/userpreferences/v1/avatar/4d8c3c6bf6f8709ecb0814bd389f8848/100
https://avatars.hubspot.net/4d8c3c6bf6f8709ecb0814bd389f8848-100

2 KB
3 KB

162ms
121ms

Image
image/png

2606:4700::6812:cdc9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.hubspot.net/4d8c3c6bf6f8709ecb0814bd389f8848-100
Protocol: H2
Server: 2606:4700::6812:cdc9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f67b833dcd17782a0672dabb21f57ed6dffc88737aa29bf4602eb7fa319542d6

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://app.hubspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 01:58:05 GMT
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 2D3K543YD89RSGZK
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1991
x-amz-id-2: TnD2wEKxSXd0mr+01xvqvyO2FQKQvI7yj0jQwIABq+Hm/ZNNlZiXcLqbrZ9TkVYLX0VOky7DsFc=
last-modified: Mon, 30 Jan 2023 23:02:28 GMT
server: cloudflare
etag: "91f7cb55b4c4916b1ae6d283a1c82cef"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DWJZBs1f6eZOdcH6QRbuvjoiRfhD7hnW3hNJMSA2tUWB4CvtKBhVG7fJdlIXOzSn9PE7MzI6Rhi%2BOrbagUbG6PDnJpTCJumWr58NBSL9%2BLtNv5pA3YjsIqoeq2PitZjxYvykx%2FioUK7jVRPJvBwiYXI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=0
accept-ranges: bytes
cf-ray: 7cb173bc885bca47-YUL

Redirect headers

date: Mon, 22 May 2023 01:58:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 7094484c-cfe3-42c1-b6e1-f7e831e2b072
x-evy-trace-route-service-name: envoyset-translator
x-envoy-upstream-service-time: 5
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: d9e67f58-fd90-4b93-b39f-e9d4e2b8ff19
server: cloudflare
x-trace: 2BC3BE299A0CAAE21209C0B2662A722F34C6DFB1C3000000000000000000
vary: origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8AR8bCX3i%2B5vtGdBCJJP6tjP2uVI5vQyoM94fCxoMlZj2lTKyc0PiPZSjEaReL5y935M7Zc%2FC4QYQ1wTmb%2FqdfCejLBa8KhrsNUA5kCr76Cm7pIqUskxfcgVJYC%2FdP9uMUWS2qNKxM1yAfKrn00Bius%3D"}],"group":"cf-nel","max_age":604800}
location: https://avatars.hubspot.net/4d8c3c6bf6f8709ecb0814bd389f8848-100
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-598c95b5b7-z8kzl
access-control-allow-credentials: false
cf-ray: 7cb173bbeb1d4bd6-YUL

POST
H2 204 rhumb
app.hubspot.com/api/cartographer/v1/ Frame C495 0
1 KB 76ms
75ms Ping
text/plain 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hubspot.com/api/cartographer/v1/rhumb?hs_static_app=conversations-visitor-ui&hs_static_app_version=1.15711

Requested by

Host: static.hsappstatic.net
URL: https://static.hsappstatic.net/conversations-visitor-ui/static-1.15711/bundles/visitor.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/conversations-visitor/23884802/threads/utk/e332e3f877b24750a08e26cc6890485a?uuid=6c7e485b1c0f4c48b7efcd23b2939854&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=255758508-atari-embeds.googleusercontent.com&inApp53=false&messagesUtk=e332e3f877b24750a08e26cc6890485a&url=https%3A%2F%2F255758508-atari-embeds.googleusercontent.com%2Fembeds%2F16cb204cf3a9d4d223a0a3fd8b0eec5d%2Finner-frame-minified.html%3Fjsh%3Dm%253B%252F_%252Fscs%252Fabc-static%252F_%252Fjs%252Fk%253Dgapi.lb.en.yTSbWrSe458.O%252Fd%253D1%252Frs%253DAHpOoo_5dpdVCMe_LPx1yH-hHA2M85TB-Q%252Fm%253D__features__&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 22 May 2023 01:58:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 6b8de361-fc25-422d-942f-9198b9551ebb
x-envoy-upstream-service-time: 6
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 8f609173-6cc2-4dba-9b85-cec89d4fa416
server: cloudflare
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0%2FoGtyr%2BUpkTR%2FHAbmFJvR0hsPyjoTB82mWvpquS4V3RWvCFL1ls1UpaFt9%2BvnJhQ6a9zGUZ0C2o5rSAsDNVwjNIqkUDdSxnykLLBH8zUio9jIFsd7h7GbsXcDNHylyYVHODocrxkTG17Ot8XA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://app.hubspot.com
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-598c95b5b7-ltr78
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing, X-Hubspot-Correct-Hublet, X-HubSpot-Auth-Failure
access-control-max-age: 604800
access-control-allow-credentials: true
x-evy-trace-virtual-host: all
cf-ray: 7cb173bbdb0c4bd6-YUL
access-control-allow-headers: Authorization, Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer
timing-allow-origin: *

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 33ms
32ms Preflight
text/plain 2607:f8b0:4020:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://activate.ibygte.ca
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: http://play.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Mon, 22 May 2023 01:58:06 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST log
play.google.com/ 0
0

POST
H2 200 logImpressions Show response
activate.ibygte.ca/_/view/ 16 B
115 B 76ms
76ms XHR
application/json 2607:f8b0:4020:804::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://activate.ibygte.ca/_/view/logImpressions?authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.en_US.WMDybR68bjM.O/d=1/rs=AGEqA5mAzWc82VWRwQ1GakgSCD8EG-96Kg/m=view

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:804::2013 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8d47b4a1cc0393424720bded5988a28f4e9146fd265ecb416b79cf0d6ac81f6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://activate.ibygte.ca/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 22 May 2023 01:58:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-disposition: attachment; filename="response.bin"; filename*=UTF-8''response.bin
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: play.google.com
URL: https://play.google.com/log?format=json&hasfast=true&authuser=0

Domain: play.google.com
URL: https://play.google.com/log?format=json&hasfast=true&authuser=0

Verdicts & Comments Add Verdict or Comment

40 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.hubspot.com/	1970-01-20 11:58:42	Name: __cf_bm Value: Baw9vCjgwHLyM9X_CIhI6vZUHiRZxzJc0OQcXiSzbGc-1684720684-0-AYcdqtCoWgKDAw0HGBdO2K+rW+ny53YKJAC2eeuojkLqJuETTmdQfqsT+2EnDiM0cI/HZvVk/oqOpC2cnI9CwV4=

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: about:blank Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
javascript	error	URL: https://activate.ibygte.ca/ Message: Access to XMLHttpRequest at 'https://play.google.com/log?format=json&hasfast=true&authuser=0' from origin 'https://activate.ibygte.ca' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: The 'Access-Control-Allow-Origin' header has a value 'http://play.google.com' that is not equal to the supplied origin.
network	error	URL: https://play.google.com/log?format=json&hasfast=true&authuser=0 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://activate.ibygte.ca/ Message: Access to XMLHttpRequest at 'https://play.google.com/log?format=json&hasfast=true&authuser=0' from origin 'https://activate.ibygte.ca' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: The 'Access-Control-Allow-Origin' header has a value 'http://play.google.com' that is not equal to the supplied origin.
network	error	URL: https://play.google.com/log?format=json&hasfast=true&authuser=0 Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	base-uri 'self';object-src 'none';report-uri /_/view/cspreport;script-src 'report-sample' 'nonce-ocv1Bn7x4Ulx3y-XiMucVw' 'unsafe-inline' 'unsafe-eval';worker-src 'self';frame-ancestors https://google-admin.corp.google.com/
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

255758508-atari-embeds.googleusercontent.com
activate.ibygte.ca
api-na1.hubspot.com
api.hubspot.com
apis.google.com
app.hubspot.com
avatars.hubspot.net
fonts.googleapis.com
fonts.gstatic.com
forms.hscollectedforms.net
js-na1.hs-scripts.com
js.hs-analytics.net
js.hs-banner.com
js.hscollectedforms.net
js.usemessages.com
lh6.googleusercontent.com
play.google.com
ssl.gstatic.com
static.hsappstatic.net
track.hubspot.com
www.gstatic.com
play.google.com
2606:4700::6810:8bce
2606:4700::6811:62ac
2606:4700::6811:6ac7
2606:4700::6812:19c4
2606:4700::6812:893b
2606:4700::6812:8b65
2606:4700::6812:cdc9
2606:4700::6813:9b53
2607:f8b0:4006:81f::2003
2607:f8b0:4020:804::2003
2607:f8b0:4020:804::2013
2607:f8b0:4020:805::200a
2607:f8b0:4020:805::200e
2607:f8b0:4020:806::2001
2607:f8b0:4020:806::2003
2607:f8b0:4020:806::200e
00c78c552966d06c3f3343a8cbd4531a1edc0d3603220ad961fe911ce65d96e0
04d6f97d531bfc22beda5849186d094e22ea407cf803b10d50232874d300c62e
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
12e93144a5907f7a2b5b07f04c5eb63ddaf023b03ac3d2085c3fd096c11db952
19866e5ed62a40d09b1d9d9468b695663ff6af603251010d4499a26f73f52b28
1e1bce508370a6994bd3e0e67c257f06875e16ca2038c27f498616a0f0d55687
257bf4e2080862eea14c4c900ce378e12a925096d4d3b97a4f76442ebbb13e53
2bedc118ad4b8018e96dd64b927d0eb07ac64e56968548efd33705c1dddeafb2
2cdd4be55b26feb467f9ba3447bc01640934768ea0e11f889e0e31abfeff9ee0
2e99c16212a49b2d8add07f873a62e39da729e92483681d0ed3f4b79301655fc
2fb5dfd947750162ecb5db8c79ff6e1f3b0196f51d231cad9a81e08a9d53cefa
32dff3c13e114898d78152810b511aebca064625a6e3a62254c98e62d6d2f58e
3353e294c1e314008862c98085e3e7906682cab6d14e6614dfa3c54494bffe1b
36d655313c51c3540e79a4ed3bff5be86110779b4e25043a6e78150a58cdbc66
3704afefd25c94315efcbcb4513deedbd292002ec51691e6cffe69d2262d7927
3cfe790335dc4ff07f0f501fb361687f88edca78273d2424e0797457924462ea
3ffc9970a081af448cf4ea545c71342f97c7fc92483d538e884091cb2adb9dfe
45a61a04904fc2115c440a349a65dc93d2965b0b24dc5a8172bd8b792bdbf103
4bc54bdf7044249c87f7f7d063004afbde1f8cb1d64b636c37ccee5fe34f11e6
5878363e4a10cf976b43dd75ea55340ffa48f9b5a54520a85dfb33e10071cc1b
5d6fdfd618b5041e1e0532158b7a136f6beeade5faab96d24814f1fe8b2afdcb
630cc964d03e283699d55d2c1e10aeb9738bad380bde7ca321822e2db51c1317
640f26ab945663b4b8f32f526869392508cb261063cc022622eec9b08fbbb3e1
6b308405f407bc9e5653558a21637eb4a8410eb355072c58e63c359f9e1af6ea
80e142904c9feeca9d8c64af55dabfda8032b2ac29fc26ca11d59aa1abddc6ab
8d47b4a1cc0393424720bded5988a28f4e9146fd265ecb416b79cf0d6ac81f6d
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
9377b21ec3ae255d4a94095b52c670b0716d74a8e7a639b78957b9872d6ef244
9faee009d1c9c89f14fe4c2060faa6af48e19a7396bc1ceccb5114938a6287b5
a827ba0a43cbeb52e1f7c01fac1d8526f1a927ef58d5a0bc4ea4047a8b47f075
bb03459079aafc5478cb5ed7279c82f14ad653a8b425165efac061f6e5a9b2a1
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
e2b7b9a4cd38be350f0874ffad6a55ac6d0903caf67608206b159f263750b093
e38b025c8e6f45264ad1e165d3fe5b719ec3264218078e749ba24f47c857949b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ecac46b991c438aeffd47c22b19fdf85b75ea00a3ce8855f249710c748d1cf6f
ef39ee441c4e7792c5cda9a8bd86ddce96d9b17bda0cc9f7187f1a70ce9b3ed5
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f67b833dcd17782a0672dabb21f57ed6dffc88737aa29bf4602eb7fa319542d6
fab3471da7736d2d6793fa38d1d6ae245b2c62da8b5b845f1a032fd7ecd716f8

activate.ibygte.ca Open in urlscan Pro 2607:f8b0:4020:804::2013 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

48 Requests

94 %HTTPS

100 %IPv6

13 Domains

21 Subdomains

17 IPs

2 Countries

1885 kBTransfer

5728 kBSize

1 Cookies

0 Outgoing links

Redirected requests

48 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

activate.ibygte.ca Open in urlscan Pro
2607:f8b0:4020:804::2013 Public Scan

Screenshot
Live screenshot

Full Image

48
Requests

94 %
HTTPS

100 %
IPv6

13
Domains

21
Subdomains

17
IPs

2
Countries

1885 kB
Transfer

5728 kB
Size

1
Cookies

48 HTTP transactions
0 data transactions