nwderm.ca Open in urlscan Pro
135.84.181.87  Public Scan

10 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response nwderm.ca/	6 KB 2 KB	257ms 82ms	Document text/html	135.84.181.87 ASTUTEHOSTING
General Check archive.org Show headers Download Go to Full URL https://nwderm.ca/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 135.84.181.87 Vancouver, Canada, ASN54527 (ASTUTEHOSTING, CA), Reverse DNS edwardweb.whc.ca Software LiteSpeed / Resource Hash f2db2a0824f440faa02d89fee80a458a825f8615bb1b5259ad4ae1751a6bd5eb Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Response headers accept-ranges bytes alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" content-encoding br content-length 1811 content-type text/html date Tue, 12 Nov 2024 05:08:59 GMT last-modified Thu, 12 Nov 2015 23:29:38 GMT server LiteSpeed vary Accept-Encoding
GET H2	200	css fonts.googleapis.com/	786 B 783 B	132ms 54ms	Stylesheet text/css	142.250.65.170 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Droid+Sans:400,700 Requested by Host: nwderm.ca URL: https://nwderm.ca/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.65.170 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS lga25s71-in-f10.1e100.net Software ESF / Resource Hash e95b196380c768d1c7fc637fb838da2a97a828b3263b9b01bfbce0b08b60f81f Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://nwderm.ca/ Response headers content-encoding gzip x-content-type-options nosniff expires Tue, 12 Nov 2024 05:09:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Tue, 12 Nov 2024 05:09:00 GMT content-type text/css; charset=utf-8 vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site last-modified Tue, 12 Nov 2024 05:01:05 GMT x-frame-options SAMEORIGIN strict-transport-security max-age=31536000 link <https://fonts.gstatic.com>; rel=preconnect; crossorigin cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * cross-origin-opener-policy same-origin-allow-popups cross-origin-resource-policy cross-origin access-control-allow-origin * x-xss-protection 0 server ESF
GET H2	200	logo_en-normal.png whc.ca/wp-content/themes/whc/css-modules/images/	4 KB 5 KB	136ms 62ms	Image image/png	104.26.7.2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://whc.ca/wp-content/themes/whc/css-modules/images/logo_en-normal.png?v1 Requested by Host: nwderm.ca URL: https://nwderm.ca/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.26.7.2 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e0dae99c0132a6a115c75dd8e63286b5c88806418690cfdba1c17f730b6dad88 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://nwderm.ca/ Response headers cache-control max-age=2592000, public nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-cache-status DYNAMIC etag "10c3-56a4a45291e00" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vG1RzpmY8TOZK%2FUZGePcFzgfUOQzUDVFplFd1VxnVxrxlwsfTdfiVaBbP5LDXehKGJ7boOvuANdhV7JxeLHCYzxWGkAg1Mfq0OHkxb1EJfSi%2F18HlIEsew%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8e1401e37a7eab39-YYZ accept-ranges bytes server-timing cfL4;desc="?proto=TCP&rtt=19010&sent=8&recv=12&lost=0&retrans=0&sent_bytes=3974&recv_bytes=2338&delivery_rate=192482&cwnd=253&unsent_bytes=0&cid=a995dd5af203c25d&ts=73&x=0" content-length 4291 date Tue, 12 Nov 2024 05:09:00 GMT content-type image/png last-modified Fri, 20 Apr 2018 16:35:04 GMT vary Accept-Encoding server cloudflare x-frame-options SAMEORIGIN
GET H2	200	logo_fr-normal.png whc.ca/wp-content/themes/whc/css-modules/images/	8 KB 8 KB	135ms 62ms	Image image/png	104.26.7.2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://whc.ca/wp-content/themes/whc/css-modules/images/logo_fr-normal.png?v1 Requested by Host: nwderm.ca URL: https://nwderm.ca/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.26.7.2 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1a5d134535a50f42c53e1895466368267e1ca434e5533c8e9a524896d40bad90 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://nwderm.ca/ Response headers cache-control max-age=2592000, public nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-cache-status DYNAMIC etag "1e46-56a4a45386040" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bjo1pgZjEnGhLZIAAhKmzaNTyc7BFYGcIozbNBvoVNjsc6DEzpy2sY1Ywfyn1feFSJmktsNZhsYM3hFo%2FGFFyvuR44TfSzPElojf4dPw4MY8TTVbqS3IoQ%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8e1401e37a7fab39-YYZ accept-ranges bytes server-timing cfL4;desc="?proto=TCP&rtt=19010&sent=15&recv=12&lost=0&retrans=0&sent_bytes=9025&recv_bytes=2338&delivery_rate=192482&cwnd=253&unsent_bytes=0&cid=a995dd5af203c25d&ts=74&x=0" content-length 7750 date Tue, 12 Nov 2024 05:09:00 GMT content-type image/png last-modified Fri, 20 Apr 2018 16:35:05 GMT vary Accept-Encoding server cloudflare x-frame-options SAMEORIGIN
GET H2	200	shattered.jpg whc.ca/promo/fr/images/	16 KB 17 KB	33ms 32ms	Image image/jpeg	104.26.7.2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://whc.ca/promo/fr/images/shattered.jpg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.26.7.2 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 91c1e6edc766722ea6722d07bf85c6c4d9f59dd6a5756149069cb3f5d9e7e99e Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://nwderm.ca/ Response headers cf-bgj h2pri etag "4168-56a4a45291e00" age 141395 cf-cache-status HIT report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=siP%2B5BSncaWxOWopAM4%2FiDnireNl8PgqvaNzFiyUgCTttPl%2Ffqr1UtK1SRP6Q4y8FLzRQw75pSrDrMx34Ku2fczhiIjLWrQ7vBx9QKv92W3FejDoiivk0Q%3D%3D"}],"group":"cf-nel","max_age":604800} server-timing cfL4;desc="?proto=TCP&rtt=19126&sent=24&recv=17&lost=0&retrans=0&sent_bytes=17386&recv_bytes=2412&delivery_rate=1025021&cwnd=255&unsent_bytes=0&cid=a995dd5af203c25d&ts=112&x=0" date Tue, 12 Nov 2024 05:09:00 GMT content-type image/jpeg last-modified Fri, 20 Apr 2018 16:35:04 GMT vary Accept-Encoding x-frame-options SAMEORIGIN cache-control public, max-age=2592000 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8e1401e3ead6ab39-YYZ accept-ranges bytes content-length 16744 server cloudflare
GET H3	200	SlGWmQWMvZQIdix7AFxXmMh3eDs1Zw.woff2 fonts.gstatic.com/s/droidsans/v18/	22 KB 22 KB	101ms 34ms	Font font/woff2	142.250.64.67 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/droidsans/v18/SlGWmQWMvZQIdix7AFxXmMh3eDs1Zw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Droid+Sans:400,700 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.64.67 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s30-in-f3.1e100.net Software sffe / Resource Hash e803cd8c5031ac6b0d099a2d96ba1c3ee44782649a7f7c6f0d09b6410d93e216 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Origin https://nwderm.ca Referer https://fonts.googleapis.com/ Response headers age 567108 report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} x-content-type-options nosniff expires Wed, 05 Nov 2025 15:37:12 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Tue, 05 Nov 2024 15:37:12 GMT last-modified Tue, 19 Apr 2022 18:25:01 GMT content-type font/woff2 cache-control public, max-age=31536000 timing-allow-origin * cross-origin-opener-policy same-origin; report-to="apps-themes" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes accept-ranges bytes access-control-allow-origin * content-length 22376 x-xss-protection 0 server sffe
GET H3	200	SlGVmQWMvZQIdix7AFxXkHNSbQ.woff2 fonts.gstatic.com/s/droidsans/v18/	21 KB 21 KB	108ms 41ms	Font font/woff2	142.250.64.67 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/droidsans/v18/SlGVmQWMvZQIdix7AFxXkHNSbQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Droid+Sans:400,700 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.64.67 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s30-in-f3.1e100.net Software sffe / Resource Hash 7a291479495fbb281655d5e870c6d118dc6b7ed18e8c235aef5974c1e9de4e6c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Origin https://nwderm.ca Referer https://fonts.googleapis.com/ Response headers age 377443 report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} x-content-type-options nosniff expires Fri, 07 Nov 2025 20:18:17 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Thu, 07 Nov 2024 20:18:17 GMT last-modified Tue, 19 Apr 2022 18:04:18 GMT content-type font/woff2 cache-control public, max-age=31536000 timing-allow-origin * cross-origin-opener-policy same-origin; report-to="apps-themes" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes accept-ranges bytes access-control-allow-origin * content-length 21224 x-xss-protection 0 server sffe
GET H2	200	favicon.ico whc.ca/	2 KB 2 KB	35ms 30ms	Other image/vnd.microsoft.icon	104.26.7.2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://whc.ca/favicon.ico Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.26.7.2 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 82d59a2e3a4c78e92eb7f34a885d60b7d5a3f336b46a583788d84760ee05f414 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://nwderm.ca/ Response headers cache-control public, max-age=2592000 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br cf-cache-status HIT etag W/"7e9-57f06c4a17440" age 884271 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YYXTn3I0b%2FJowOb%2Fb0hqYoPRyLG6SwVBGWvnfNPYGsxB2dPG3ZOR0w0EDhxf%2BD94vQrJIbhHiI60zmmo0iqieLORTTRA4qWdMM8DIT%2B%2FI7Nzj5A6SvlfHA%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8e1401e41b02ab39-YYZ server-timing cfL4;desc="?proto=TCP&rtt=19349&sent=40&recv=19&lost=0&retrans=0&sent_bytes=34943&recv_bytes=2477&delivery_rate=1025021&cwnd=255&unsent_bytes=0&cid=a995dd5af203c25d&ts=141&x=0" date Tue, 12 Nov 2024 05:09:00 GMT content-type image/vnd.microsoft.icon last-modified Wed, 09 Jan 2019 13:52:09 GMT vary Accept-Encoding server cloudflare x-frame-options SAMEORIGIN

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
nwderm.ca
whc.ca
104.26.7.2
135.84.181.87
142.250.64.67
142.250.65.170
1a5d134535a50f42c53e1895466368267e1ca434e5533c8e9a524896d40bad90
7a291479495fbb281655d5e870c6d118dc6b7ed18e8c235aef5974c1e9de4e6c
82d59a2e3a4c78e92eb7f34a885d60b7d5a3f336b46a583788d84760ee05f414
91c1e6edc766722ea6722d07bf85c6c4d9f59dd6a5756149069cb3f5d9e7e99e
e0dae99c0132a6a115c75dd8e63286b5c88806418690cfdba1c17f730b6dad88
e803cd8c5031ac6b0d099a2d96ba1c3ee44782649a7f7c6f0d09b6410d93e216
e95b196380c768d1c7fc637fb838da2a97a828b3263b9b01bfbce0b08b60f81f
f2db2a0824f440faa02d89fee80a458a825f8615bb1b5259ad4ae1751a6bd5eb