urlscan.io logo urlscan.io
SecurityTrails logo

nearmeplus.com Open in urlscan Pro
45.113.122.66  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
URL: https://nearmeplus.com/blogs/item/386
Submission: On August 06 via manual from IN
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 50 IPs in 9 countries across 51 domains to perform 100 HTTP transactions. The main IP is 45.113.122.66, located in India and belongs to PUBLIC-DOMAIN-REGISTRY, US. The main domain is nearmeplus.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on June 19th 2020. Valid for: 3 months.
This is the only time nearmeplus.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: TD Bank (Banking) Bank of China (Banking) Scotiabank (Banking) American Express (Financial)

Domain & IP information

IP Address AS Autonomous System
26 45.113.122.66 394695 (PUBLIC-DO...)
1 2a00:1450:400... 15169 (GOOGLE)
14 2a04:4e42:1b:... 54113 (FASTLY)
1 64.18.66.47 35927 (BANQUELAU...)
1 88.221.62.97 16625 (AKAMAI-AS)
1 104.109.81.243 20940 (AKAMAI-ASN1)
1 35.184.62.136 15169 (GOOGLE)
1 142.176.83.30 855 (CANET-ASN-4)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 2a02:26f0:f1:... 20940 (AKAMAI-ASN1)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 52.216.17.83 16509 (AMAZON-02)
1 209.202.9.154 7122 (MTS-ASN)
1 143.204.202.101 16509 (AMAZON-02)
1 69.163.168.155 26347 (DREAMHOST-AS)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 158.106.115.226 23498 (CDSI)
1 35.183.171.10 16509 (AMAZON-02)
1 208.69.254.161 23498 (CDSI)
1 34.95.13.225 15169 (GOOGLE)
2 3 2600:9000:205... 16509 (AMAZON-02)
1 107.162.158.163 55002 (DEFENSE-NET)
1 1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2.16.177.26 20940 (AKAMAI-ASN1)
1 2620:0:862:ed... 14907 (WIKIMEDIA)
1 104.74.145.163 16625 (AKAMAI-AS)
1 206.25.72.220 3561 (CENTURYLI...)
1 23.37.40.180 16625 (AKAMAI-AS)
1 52.237.22.139 8075 (MICROSOFT...)
1 104.111.228.155 16625 (AKAMAI-AS)
1 166.62.84.121 26496 (AS-26496-...)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 23.37.40.17 16625 (AKAMAI-AS)
1 2600:9000:214... 16509 (AMAZON-02)
1 192.229.182.193 15133 (EDGECAST)
1 52.228.42.76 8075 (MICROSOFT...)
1 192.0.72.28 2635 (AUTOMATTIC)
1 208.69.254.60 23498 (CDSI)
1 108.163.144.81 32613 (IWEB-AS)
1 23.36.235.165 16625 (AKAMAI-AS)
1 124.74.250.45 4134 (CHINANET-...)
2 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 2620:116:800d... 16509 (AMAZON-02)
1 2 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:205... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
100 50
26    45.113.122.66 (India)

ASN394695 (PUBLIC-DOMAIN-REGISTRY, US)
PTR: md-in-67.webhostbox.net
nearmeplus.com
1    2a00:1450:4001:81f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
14    2a04:4e42:1b::621 (Ascension Island)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
1    64.18.66.47 (Sainte-Marthe-sur-le-Lac, Canada)

ASN35927 (BANQUELAURENTIENNEDUCANADA, CA)
b2bbank.com
1    88.221.62.97 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a88-221-62-97.deploy.static.akamaitechnologies.com
www.bmo.com
1    104.109.81.243 (Netherlands)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a104-109-81-243.deploy.static.akamaitechnologies.com
www.scotiabank.com
1    35.184.62.136 (United States)

ASN15169 (GOOGLE, US)
PTR: 136.62.184.35.bc.googleusercontent.com
bridgewaterbank.ca
1    142.176.83.30 (Halifax, Canada)

ASN855 (CANET-ASN-4, CA)
www.uni.ca
1    2a02:26f0:6c00:185::286e (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)
www.cibc.com
1    2a02:26f0:f1:292::9b6 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)
canadiantire.scene7.com
1    2606:4700::6813:ad1c (United States)

ASN13335 (CLOUDFLARENET, US)
www.cwbank.com
1    52.216.17.83 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com
s3.amazonaws.com
1    209.202.9.154 (Winnipeg, Canada)

ASN7122 (MTS-ASN, CA)
PTR: 209-202-9-154.dedicated.bellmts.net
www.concentra.ca
1    143.204.202.101 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-202-101.fra53.r.cloudfront.net
www.alternabank.ca
1    69.163.168.155 (Brea, United States)

ASN26347 (DREAMHOST-AS, US)
PTR: ps587940.dreamhostps.com
www.dcbank.ca
1    2606:4700:10::6816:1d9f (United States)

ASN13335 (CLOUDFLARENET, US)
www.duobank.com
1    158.106.115.226 (Toronto, Canada)

ASN23498 (CDSI, CA)
www.equitablebank.ca
1    35.183.171.10 (Montreal, Canada)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-183-171-10.ca-central-1.compute.amazonaws.com
www.ebcfx.com
1    208.69.254.161 (Canada)

ASN23498 (CDSI, CA)
www.fnbc.ca
1    34.95.13.225 (United States)

ASN15169 (GOOGLE, US)
PTR: 225.13.95.34.bc.googleusercontent.com
www.portfolioplus.com
3    2600:9000:2057:e000:0:83b2:40:93a1 (United States)

ASN16509 (AMAZON-02, US)
www.haventreebank.com
1    107.162.158.163 (United States)

ASN55002 (DEFENSE-NET, US)
www.homebank.ca
1    2606:4700::6812:1ad0 (United States)

ASN13335 (CLOUDFLARENET, US)
mma.prnewswire.com
1    2.16.177.26 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a2-16-177-26.deploy.static.akamaitechnologies.com
prnewswire2-a.akamaihd.net
1    2620:0:862:ed1a::2:b (United States)

ASN14907 (WIKIMEDIA, US)
upload.wikimedia.org
1    104.74.145.163 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-74-145-163.deploy.static.akamaitechnologies.com
www.manulifebank.ca
1    206.25.72.220 (Conestoga, United States)

ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US)
www.motusbank.ca
1    23.37.40.180 (Netherlands)

ASN16625 (AKAMAI-AS, US)
www.nbc.ca
1    52.237.22.139 (Toronto, Canada)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.peoplesbank.ca
1    104.111.228.155 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-228-155.deploy.static.akamaitechnologies.com
www.pcfinancial.ca
1    166.62.84.121 (Scottsdale, United States)

ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)
PTR: ip-166-62-84-121.ip.secureserver.net
www.rfa.ca
1    2a02:26f0:6c00:19a::18a9 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)
www.rogersbank.com
1    23.37.40.17 (Netherlands)

ASN16625 (AKAMAI-AS, US)
www.rbcroyalbank.com
1    2600:9000:214f:d800:19:69c6:4500:21 (United States)

ASN16509 (AMAZON-02, US)
dvh1deh6tagwk.cloudfront.net
1    192.229.182.193 (London, United Kingdom)

ASN15133 (EDGECAST, US)
www.td.com
1    52.228.42.76 (Toronto, Canada)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
vancitycommunityinvestmentbank.ca
1    192.0.72.28 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
financialpostcom.files.wordpress.com
1    208.69.254.60 (Canada)

ASN23498 (CDSI, CA)
www.wealthonebankofcanada.com
1    108.163.144.81 (Montreal, Canada)

ASN32613 (IWEB-AS, CA)
www.zagbank.ca
1    23.36.235.165 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-36-235-165.deploy.static.akamaitechnologies.com
www.aexp-static.com
1    124.74.250.45 (Shanghai, China)

ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN)
www.bankofchina.com
2    2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
5    2a00:1450:4001:816::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
www.googletagservices.com
4    2a00:1450:4001:824::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2620:116:800d:21:36a9:ecb:e518:b308 (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
2    2a00:1450:4001:816::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2600:9000:2057:2600:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
2    2a00:1450:4001:81a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
adservice.google.com
2    2a00:1450:4001:821::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:801::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    2a00:1450:4001:819::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
Apex Domain
Subdomains		 Transfer
26 nearmeplus.com
nearmeplus.com
970 KB
14 jsdelivr.net
cdn.jsdelivr.net
178 KB
6 googlesyndication.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
139 KB
4 gstatic.com
fonts.gstatic.com
50 KB
3 doubleclick.net
googleads.g.doubleclick.net
stats.g.doubleclick.net
156 B
3 haventreebank.com
www.haventreebank.com
514 B
2 google.com
adservice.google.com
www.google.com
351 B
2 google.de
adservice.google.de
www.google.de
348 B
2 google-analytics.com
www.google-analytics.com
18 KB
2 quantserve.com
secure.quantserve.com
pixel.quantserve.com
8 KB
2 googletagmanager.com
www.googletagmanager.com
68 KB
1 googletagservices.com
www.googletagservices.com
26 KB
1 quantcount.com
rules.quantcount.com
355 B
1 bankofchina.com
www.bankofchina.com
4 KB
1 aexp-static.com
www.aexp-static.com
1 KB
1 zagbank.ca
www.zagbank.ca
2 KB
1 wealthonebankofcanada.com
www.wealthonebankofcanada.com
5 KB
1 wordpress.com
financialpostcom.files.wordpress.com
10 KB
1 vancitycommunityinvestmentbank.ca
vancitycommunityinvestmentbank.ca
12 KB
1 td.com
www.td.com
3 KB
1 cloudfront.net
dvh1deh6tagwk.cloudfront.net
7 KB
1 rbcroyalbank.com
www.rbcroyalbank.com
2 KB
1 rogersbank.com
www.rogersbank.com
3 KB
1 rfa.ca
www.rfa.ca
1 KB
1 pcfinancial.ca
www.pcfinancial.ca
5 KB
1 peoplesbank.ca
www.peoplesbank.ca
9 KB
1 nbc.ca
www.nbc.ca
5 KB
1 motusbank.ca
www.motusbank.ca
4 KB
1 manulifebank.ca
www.manulifebank.ca
1 KB
1 wikimedia.org
upload.wikimedia.org
5 KB
1 akamaihd.net
prnewswire2-a.akamaihd.net
4 KB
1 prnewswire.com
mma.prnewswire.com
579 B
1 homebank.ca
www.homebank.ca
76 KB
1 portfolioplus.com
www.portfolioplus.com
1 fnbc.ca
www.fnbc.ca
4 KB
1 ebcfx.com
www.ebcfx.com
20 KB
1 equitablebank.ca
www.equitablebank.ca
5 KB
1 duobank.com
www.duobank.com
3 KB
1 dcbank.ca
www.dcbank.ca
4 KB
1 alternabank.ca
www.alternabank.ca
12 KB
1 concentra.ca
www.concentra.ca
4 KB
1 amazonaws.com
s3.amazonaws.com
14 KB
1 cwbank.com
www.cwbank.com
3 KB
1 scene7.com
canadiantire.scene7.com
8 KB
1 cibc.com
www.cibc.com
5 KB
1 uni.ca
www.uni.ca
16 KB
1 bridgewaterbank.ca
bridgewaterbank.ca
2 KB
1 scotiabank.com
www.scotiabank.com
3 KB
1 bmo.com
www.bmo.com
7 KB
1 b2bbank.com
b2bbank.com
18 KB
1 googleapis.com
fonts.googleapis.com
1 KB
100 51
Domain Requested by
26 nearmeplus.com nearmeplus.com
14 cdn.jsdelivr.net nearmeplus.com
cdn.jsdelivr.net
4 fonts.gstatic.com nearmeplus.com
4 pagead2.googlesyndication.com nearmeplus.com
pagead2.googlesyndication.com
3 www.haventreebank.com 2 redirects nearmeplus.com
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 www.google-analytics.com 1 redirects www.googletagmanager.com
2 www.googletagmanager.com nearmeplus.com
1 pixel.quantserve.com nearmeplus.com
1 www.googletagservices.com pagead2.googlesyndication.com
1 www.google.de nearmeplus.com
1 www.google.com 1 redirects
1 stats.g.doubleclick.net 1 redirects
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 rules.quantcount.com secure.quantserve.com
1 secure.quantserve.com www.googletagmanager.com
1 www.bankofchina.com nearmeplus.com
1 www.aexp-static.com nearmeplus.com
1 www.zagbank.ca nearmeplus.com
1 www.wealthonebankofcanada.com nearmeplus.com
1 financialpostcom.files.wordpress.com nearmeplus.com
1 vancitycommunityinvestmentbank.ca nearmeplus.com
1 www.td.com nearmeplus.com
1 dvh1deh6tagwk.cloudfront.net nearmeplus.com
1 www.rbcroyalbank.com nearmeplus.com
1 www.rogersbank.com nearmeplus.com
1 www.rfa.ca nearmeplus.com
1 www.pcfinancial.ca nearmeplus.com
1 www.peoplesbank.ca nearmeplus.com
1 www.nbc.ca nearmeplus.com
1 www.motusbank.ca nearmeplus.com
1 www.manulifebank.ca nearmeplus.com
1 upload.wikimedia.org nearmeplus.com
1 prnewswire2-a.akamaihd.net nearmeplus.com
1 mma.prnewswire.com 1 redirects
1 www.homebank.ca nearmeplus.com
1 www.portfolioplus.com nearmeplus.com
1 www.fnbc.ca nearmeplus.com
1 www.ebcfx.com nearmeplus.com
1 www.equitablebank.ca nearmeplus.com
1 www.duobank.com nearmeplus.com
1 www.dcbank.ca nearmeplus.com
1 www.alternabank.ca nearmeplus.com
1 www.concentra.ca nearmeplus.com
1 s3.amazonaws.com nearmeplus.com
1 www.cwbank.com nearmeplus.com
1 canadiantire.scene7.com nearmeplus.com
1 www.cibc.com nearmeplus.com
1 www.uni.ca nearmeplus.com
1 bridgewaterbank.ca nearmeplus.com
1 www.scotiabank.com nearmeplus.com
1 www.bmo.com nearmeplus.com
1 b2bbank.com nearmeplus.com
1 fonts.googleapis.com nearmeplus.com
100 56
Subject Issuer Validity Valid
mail.nearmeplus.com
Let's Encrypt Authority X3		 2020-06-19 -
2020-09-17		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2020-07-07 -
2020-09-29		 3 months crt.sh
f3.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2020-07-08 -
2021-04-17		 9 months crt.sh
www.b2bbank.com
Entrust Certification Authority - L1M		 2019-11-07 -
2020-11-15		 a year crt.sh
www.bmo.com
DigiCert EV RSA CA G2		 2020-07-10 -
2022-07-09		 2 years crt.sh
www.scotiabank.com
Entrust Certification Authority - L1K		 2020-07-22 -
2021-08-15		 a year crt.sh
bridgewaterbank.ca
Go Daddy Secure Certificate Authority - G2		 2019-11-19 -
2021-11-21		 2 years crt.sh
*.uni.ca
Sectigo RSA Domain Validation Secure Server CA		 2019-11-20 -
2022-02-21		 2 years crt.sh
www.cibc.com
DigiCert SHA2 Secure Server CA		 2020-04-23 -
2022-05-13		 2 years crt.sh
*.scene7.com
DigiCert SHA2 Secure Server CA		 2020-01-02 -
2021-04-02		 a year crt.sh
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2		 2020-04-07 -
2020-10-09		 6 months crt.sh
s3.amazonaws.com
DigiCert Baltimore CA-2 G2		 2019-11-09 -
2020-12-02		 a year crt.sh
www.concentra.ca
Sectigo RSA Domain Validation Secure Server CA		 2019-02-13 -
2021-02-27		 2 years crt.sh
www.alternabank.ca
Entrust Certification Authority - L1M		 2019-07-10 -
2020-09-25		 a year crt.sh
dcbank.ca
Let's Encrypt Authority X3		 2020-07-13 -
2020-10-11		 3 months crt.sh
duobank.com
Cloudflare Inc ECC CA-3		 2020-07-04 -
2021-07-04		 a year crt.sh
*.equitablebank.ca
DigiCert SHA2 Secure Server CA		 2020-01-21 -
2022-01-25		 2 years crt.sh
www.ebcfx.com
Amazon		 2020-06-26 -
2021-07-26		 a year crt.sh
www.fnbc.ca
Thawte RSA CA 2018		 2020-06-16 -
2021-08-25		 a year crt.sh
portfolioplus.com
Let's Encrypt Authority X3		 2020-07-02 -
2020-09-30		 3 months crt.sh
*.haventreebank.com
Amazon		 2020-08-01 -
2021-09-01		 a year crt.sh
a248.e.akamai.net
DigiCert Secure Site ECC CA-1		 2020-07-15 -
2021-09-13		 a year crt.sh
*.wikipedia.org
DigiCert SHA2 High Assurance Server CA		 2019-11-12 -
2020-10-06		 a year crt.sh
manulife.com
Sectigo RSA Organization Validation Secure Server CA		 2020-04-30 -
2022-04-30		 2 years crt.sh
*.motusbank.ca
Entrust Certification Authority - L1K		 2020-02-18 -
2021-03-06		 a year crt.sh
bnc.ca
Entrust Certification Authority - L1M		 2020-06-10 -
2022-06-10		 2 years crt.sh
*.peoplesbank.ca
Go Daddy Secure Certificate Authority - G2		 2019-12-17 -
2021-02-16		 a year crt.sh
www.pcplus.ca
GeoTrust RSA CA 2018		 2020-02-12 -
2020-11-19		 9 months crt.sh
*.rfa.ca
DigiCert SHA2 Secure Server CA		 2019-11-04 -
2021-11-08		 2 years crt.sh
san.rogers.com
GeoTrust RSA CA 2018		 2020-07-22 -
2021-05-16		 10 months crt.sh
rbcroyalbank.com
DigiCert Global CA G2		 2020-06-15 -
2022-06-16		 2 years crt.sh
*.cloudfront.net
DigiCert Global CA G2		 2020-05-26 -
2021-04-21		 a year crt.sh
td.com
DigiCert SHA2 Extended Validation Server CA		 2019-05-15 -
2021-01-11		 2 years crt.sh
vancitycommunityinvestmentbank.ca
Go Daddy Secure Certificate Authority - G2		 2020-03-17 -
2021-03-17		 a year crt.sh
*.files.wordpress.com
Sectigo RSA Domain Validation Secure Server CA		 2019-01-15 -
2021-01-14		 2 years crt.sh
www.wealthonebankofcanada.com
Thawte RSA CA 2018		 2020-06-24 -
2021-08-30		 a year crt.sh
zagbank.ca
Entrust Certification Authority - L1K		 2019-09-17 -
2021-01-28		 a year crt.sh
m.americanexpress.com
DigiCert SHA2 Extended Validation Server CA		 2020-07-02 -
2021-07-07		 a year crt.sh
www.bankofchina.com
Secure Site Pro Extended Validation CA G2		 2019-11-26 -
2021-11-26		 2 years crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-07-15 -
2020-10-07		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2020-07-15 -
2020-10-07		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2020-07-07 -
2020-09-29		 3 months crt.sh
*.quantserve.com
DigiCert SHA2 High Assurance Server CA		 2019-10-04 -
2020-10-07		 a year crt.sh
*.google.com
GTS CA 1O1		 2020-07-07 -
2020-09-29		 3 months crt.sh
www.google.de
GTS CA 1O1		 2020-07-07 -
2020-09-29		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1O1		 2020-07-07 -
2020-09-29		 3 months crt.sh

This page contains 4 frames:

Primary Page: https://nearmeplus.com/blogs/item/386
Frame ID: 4EAE23CF84F020B3818A9D3DECFD7791
Requests: 97 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20200803/r20190131/zrt_lookup.html
Frame ID: 2DF5FC71D2423316C68102C27DDF816F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5166687018307964&output=html&adk=1812271804&adf=3025194257&lmt=1596715151&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fnearmeplus.com%2Fblogs%2Fitem%2F386&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1596715151159&bpp=11&bdt=1775&idt=123&shv=r20200803&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5738629475921&frm=20&pv=2&ga_vid=1627548126.1596715151&ga_sid=1596715151&ga_hid=616446943&ga_fc=0&iag=0&icsg=524936&dssz=27&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530558%2C42530560%2C44723322%2C21066647%2C21066532&oid=3&pvsid=2718854601633550&pem=825&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=135
Frame ID: 6C9713330D55AE94B485D889E27F650C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Frame ID: 576C2797392AD7CECDDD4E95A5D1282D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

100
Requests

99 %
HTTPS

43 %
IPv6

51
Domains

56
Subdomains

50
IPs

9
Countries

1750 kB
Transfer

2620 kB
Size

6
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 23
  • https://www.haventreebank.com/wp-content/uploads/2015/03/HB_logo_white_background.gif HTTP 301
  • https://www.haventreebank.com/wp-content/uploads/2015/03/HB_logo_white_background.gif/ HTTP 302
  • https://www.haventreebank.com/404.html
Request Chain 25
  • https://mma.prnewswire.com/media/743560/HomeEquity_Bank_Canadian_Business_names_HomeEquity_Bank_to_their.jpg?p=publish&w=200 HTTP 302
  • https://prnewswire2-a.akamaihd.net/p/1893751/sp/189375100/thumbnail/entry_id/1_sybvjd7b/def_height/40/def_width/200/version/100011/type/1
Request Chain 91
  • https://www.google-analytics.com/r/collect?v=1&_v=j83&a=616446943&t=pageview&_s=1&dl=https%3A%2F%2Fnearmeplus.com%2Fblogs%2Fitem%2F386&ul=en-us&de=UTF-8&dt=List%20of%20Banks%20in%20Canada%20-%20Near%20me&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUAB~&jid=1873260510&gjid=66288530&cid=1627548126.1596715151&tid=UA-144902658-1&_gid=712213170.1596715151&_r=1&gtm=2ou7v1&z=1566263113 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-144902658-1&cid=1627548126.1596715151&jid=1873260510&_gid=712213170.1596715151&gjid=66288530&_v=j83&z=1566263113 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-144902658-1&cid=1627548126.1596715151&jid=1873260510&_v=j83&z=1566263113 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-144902658-1&cid=1627548126.1596715151&jid=1873260510&_v=j83&z=1566263113&slf_rd=1&random=368953759

100 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 386
nearmeplus.com/blogs/item/ 		71 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://nearmeplus.com/blogs/item/386
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.113.122.66 , India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS
md-in-67.webhostbox.net
Software
nginx/1.17.6 /
Resource Hash
db823964259095c94de52624977d2005a62c6bf4fafbae759442c03a9033313d

Request headers

:method
GET
:authority
nearmeplus.com
:scheme
https
:path
/blogs/item/386
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Thu, 06 Aug 2020 11:59:09 GMT
server
nginx/1.17.6
content-type
text/html; charset=UTF-8
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
vary
Accept-Encoding,User-Agent
content-encoding
gzip
accept-ranges
none
x-server-cache
false
set-cookie
SID=51b06f59933948541273494be8a173e71557844c; expires=Thu, 06-Aug-2020 13:59:09 GMT; Max-Age=7200; path=/; HttpOnly
css
fonts.googleapis.com/ 		11 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat%7COpen+Sans%7CCabin:400,500%7CArchivo+Black,700%7CNunito+Sans%7CNunito:400,800
Requested by
Host: nearmeplus.com
URL: https://nearmeplus.com/blogs/item/386
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a6df0a8237404498c5ad536851099ac5abf736e24461bc2287189c93a83668d7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://nearmeplus.com/blogs/item/386
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 06 Aug 2020 11:59:09 GMT
server
ESF
date
Thu, 06 Aug 2020 11:59:09 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 06 Aug 2020 11:59:09 GMT
bootstrap.min.css
cdn.jsdelivr.net/gh/twbs/bootstrap@4.1.3/dist/css/ 		138 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/twbs/bootstrap@4.1.3/dist/css/bootstrap.min.css
Requested by
Host: nearmeplus.com
URL: https://nearmeplus.com/blogs/item/386
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://nearmeplus.com/blogs/item/386
Origin
https://nearmeplus.com

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
680205
x-cache
HIT, HIT
status
200
content-length
21038
etag
W/"22688-Z1/PKPn783E507LAtnb5b2AaQgM"
x-served-by
cache-fra19155-FRA, cache-hhn4034-HHN
date
Thu, 06 Aug 2020 11:59:09 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
smartmenus.min.css
cdn.jsdelivr.net/gh/krishnan57474/gaur@3/css/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/krishnan57474/gaur@3/css/smartmenus.min.css
Requested by
Host: nearmeplus.com
URL: https://nearmeplus.com/blogs/item/386
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
bf72370307fdfcd61525cfc318542629bb843a46f26d376fbd81447eab4d04d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://nearmeplus.com/blogs/item/386
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
33500
x-cache
HIT, HIT
status
200
content-length
1972
etag
W/"1c96-tuEgTPWMXmMg+KZHV/BANo0VecI"
x-served-by
cache-fra19160-FRA, cache-hhn4050-HHN
date
Thu, 06 Aug 2020 11:59:09 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
style.css
nearmeplus.com/css/ 		51 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nearmeplus.com/css/style.css
Requested by
Host: nearmeplus.com
URL: https://nearmeplus.com/blogs/item/386
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.113.122.66 , India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS
md-in-67.webhostbox.net
Software
nginx/1.17.6 /
Resource Hash
7540bdf35b72baa86abaae82bdc44ba3b6aa0bb6438350f7484863244d5b2e26

Request headers

Referer
https://nearmeplus.com/blogs/item/386
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 06 Aug 2020 11:59:09 GMT
content-encoding
gzip
last-modified
Thu, 06 Aug 2020 11:43:27 GMT
server
nginx/1.17.6
x-server-cache
false
vary
Accept-Encoding,User-Agent
content-type
text/css
status
200
cache-control
max-age=86400, public
accept-ranges
none
logo.png
nearmeplus.com/images/logos/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nearmeplus.com/images/logos/logo.png
Requested by
Host: nearmeplus.com
URL: https://nearmeplus.com/blogs/item/386
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.113.122.66 , India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS
md-in-67.webhostbox.net
Software
nginx/1.17.6 /
Resource Hash
76188f00b184f80010d93c0a738aa70ff28ef298b90c89cbaa020aa3d114c637

Request headers

Referer
https://nearmeplus.com/blogs/item/386
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 06 Aug 2020 11:59:09 GMT
last-modified
Thu, 05 Dec 2019 17:56:19 GMT
server
nginx/1.17.6
x-server-cache
false
content-type
image/png
status
200
cache-control
max-age=86400, public
accept-ranges
bytes
content-length
2671
b89beaa32d2b54e233359cab4c48ae3c.png
nearmeplus.com/images/blogs/thumb/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nearmeplus.com/images/blogs/thumb/b89beaa32d2b54e233359cab4c48ae3c.png
Requested by
Host: nearmeplus.com
URL: https://nearmeplus.com/blogs/item/386
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.113.122.66 , India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS
md-in-67.webhostbox.net
Software
nginx/1.17.6 /
Resource Hash
7a753e8773d291999199b626a2e9d5c2d71bf4f003f10891032b244f2c921d7a

Request headers

Referer
https://nearmeplus.com/blogs/item/386
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 06 Aug 2020 11:59:09 GMT
last-modified
Sun, 19 Apr 2020 07:22:38 GMT
server
nginx/1.17.6
x-server-cache
false
content-type
image/png
status
200
cache-control
max-age=86400, public
accept-ranges
bytes
content-length
13821
logo_5_1.jpg
b2bbank.com/sn_uploads/grid/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b2bbank.com/sn_uploads/grid/logo_5_1.jpg
Requested by
Host: nearmeplus.com
URL: https://nearmeplus.com/blogs/item/386
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.18.66.47 Sainte-Marthe-sur-le-Lac, Canada, ASN35927 (BANQUELAURENTIENNEDUCANADA, CA),
Reverse DNS
Software
/
Resource Hash
3b8ba3551b890ac457740f0c8cc133bb6b41f8617ec8d6c004e5658cbbce308d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://nearmeplus.com/blogs/item/386
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 06 Aug 2020 11:59:12 GMT
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Fri, 15 Nov 2019 16:39:52 GMT
ETag
"45dc-597653f3ce600"
Content-Type
image/jpeg
X-Content-Type-Options
nosniff
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
17884
X-XSS-Protection
1; mode=block
bmo.svg
www.bmo.com/resources/images/logos/bank-of-montreal/ 		20 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bmo.com/resources/images/logos/bank-of-montreal/bmo.svg
Requested by
Host: nearmeplus.com
URL: https://nearmeplus.com/blogs/item/386
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.221.62.97 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-62-97.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
db01caa7f67c14986b1586e66f3add9cd370b888fae85c9015b1ea5dda0e7376
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://nearmeplus.com/blogs/item/386
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 06 Aug 2020 11:59:09 GMT
content-encoding
gzip
x-bmo-correlation_request_id
BMO-AK::W3::12f683830ac30a84c83c66cfe760b2ad24cbee5e::dJNNTqwcOrAAAEOvRlYAAACx
last-modified
Fri, 19 Jan 2018 21:13:36 GMT
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
status
200
cache-control
must-revalidate, max-age=230
x-ua-compatible
IE=edge
x-ihs-timer
D=653 t=1593937333800270
accept-ranges
none
content-length
7075
expires
Thu, 06 Aug 2020 12:02:59 GMT
scotiabank-logo-red-desktop-200px.svg
www.scotiabank.com/content/dam/scotiabank/images/logos/2019/ 		9 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.scotiabank.com/content/dam/scotiabank/images/logos/2019/scotiabank-logo-red-desktop-200px.svg
Requested by
Host: nearmeplus.com
URL: https://nearmeplus.com/blogs/item/386
Protocol
HTTP/1.1
Security
TLS 1.3, , CHACHA20_POLY1305
Server
104.109.81.243 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a104-109-81-243.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
87377846365e879595a7912be60a6998e56d8eb64e6f2c978a4a6e34e7532d6a
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://nearmeplus.com/blogs/item/386
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 06 Aug 2020 11:59:09 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=15768000 ; includeSubDomains ; preload
Last-Modified
Thu, 23 Jul 2020 23:58:54 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2848
X-XSS-Protection
1; mode=block
BridgewaterBank_Grey.svg
bridgewaterbank.ca/wp-content/uploads/2018/10/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bridgewaterbank.ca/wp-content/uploads/2018/10/BridgewaterBank_Grey.svg
Requested by
Host: nearmeplus.com
URL: https://nearmeplus.com/blogs/item/386
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.184.62.136 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
136.62.184.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
6bcb68828ff84ccadbf704512eab7d438148ec329740d271e532ae5d3c720338

Request headers

Referer
https://nearmeplus.com/blogs/item/386
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 06 Aug 2020 11:59:09 GMT
content-encoding
br
last-modified
Thu, 29 Nov 2018 13:34:42 GMT
server
nginx
status
200
etag
W/"5bffeaf2-104c"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
uni-logo.png
www.uni.ca/en/assets/img/logo/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.uni.ca/en/assets/img/logo/uni-logo.png
Requested by
Host: nearmeplus.com
URL: https://nearmeplus.com/blogs/item/386
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
142.176.83.30 Halifax, Canada, ASN855 (CANET-ASN-4, CA),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
1a9a08268eccb9e2e06ad28627b31fe0169013e5253b114f94d1a4f363739a3b

Request headers

Referer
https://nearmeplus.com/blogs/item/386
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 06 Aug 2020 11:59:09 GMT
Last-Modified
Wed, 02 Nov 2016 17:24:34 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"65ebe1fa2d35d21:0"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
15698
cq5dam.web.1280.1280.png
www.cibc.com/content/dam/global/CIBC-BTFYL-EN-ret.png/_jcr_content/renditions/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.cibc.com/content/dam/global/CIBC-BTFYL-EN-ret.png/_jcr_content/renditions/cq5dam.web.1280.1280.png
Requested by
Host: nearmeplus.com
URL: https://nearmeplus.com/blogs/item/386
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:185::286e , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
Apache /
Resource Hash
fd06a6f574913276d53566e8ee41b65963894cd9bc1c873d57044651420aa494

Request headers

Referer
https://nearmeplus.com/blogs/item/386
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 06 Aug 2020 11:59:09 GMT
last-modified
Thu, 06 Aug 2020 07:30:13 GMT
server
Apache
etag
"14f7-5ac3075815fd7"
content-type
image/png
status
200
cache-control
max-age=421292
server-timing
cdn-cache; desc=HIT, edge; dur=10
accept-ranges
bytes
content-length
5367
expires
Tue, 11 Aug 2020 09:00:41 GMT
CTB_LOGO_ENG1X
canadiantire.scene7.com/is/image/CanadianTire/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://canadiantire.scene7.com/is/image/CanadianTire/CTB_LOGO_ENG1X?scl=1&fmt=png-alpha
Requested by
Host: nearmeplus.com
URL: https://nearmeplus.com/blogs/item/386
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f1:292::9b6 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
50c42a9226f57bb039d2b49fb0d0a3a38d85eaa675a54d8cb4c73e281b03ee9e

Request headers

Referer
https://nearmeplus.com/blogs/item/386
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 06 Aug 2020 11:59:09 GMT
last-modified
Wed, 05 Aug 2020 00:48:32 GMT
server
Akamai Image Manager
etag
"6755db630eea69b1b4e7259dd14dbb6a"
status
200
content-type
image/webp
access-control-allow-origin
*.canadiantire.ca
cache-control
private, no-transform, max-age=33447
content-length
7588
expires
Thu, 06 Aug 2020 21:16:36 GMT
CWB_Logo_Horizontal_RGB_Tag_CWB.ashx
www.cwbank.com/-/media/global-assets/vector-graphics/logos/2019/ 		7 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.cwbank.com/-/media/global-assets/vector-graphics/logos/2019/CWB_Logo_Horizontal_RGB_Tag_CWB.ashx?h=50&w=200&hash=CE692CC8A6877E66DC7AF4184BD04F50
Requested by
Host: nearmeplus.com
URL: https://nearmeplus.com/blogs/item/386
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:ad1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4189cd2e052e9e4ce91ad93d3fbe991ea78de08defeed1f3f3c5788b5e22274

Request headers

Referer
https://nearmeplus.com/blogs/item/386
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 06 Aug 2020 11:59:10 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Tue, 01 Oct 2019 16:31:33 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/svg+xml
status
200
cache-control
private, max-age=604800
content-disposition
inline; filename="CWB_Logo_Horizontal_RGB_Tag_CWB.svg"
cf-ray
5be897144f5cd721-FRA
cf-request-id
04653cc0af0000d7219330f200000001
gYZ5cn5JXorCPu3tYasysAIBhP6cR3nUNo2fFoHK
s3.amazonaws.com/blab-impact-published-production/public/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/blab-impact-published-production/public/gYZ5cn5JXorCPu3tYasysAIBhP6cR3nUNo2fFoHK
Requested by
Host: nearmeplus.com
URL: https://nearmeplus.com/blogs/item/386
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.17.83 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
1178d5805dbd65af8526a7401f67840378ccb3bdc9ec11f4bdbf606935f643b6

Request headers

Referer
https://nearmeplus.com/blogs/item/386
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 06 Aug 2020 11:59:10 GMT
Last-Modified
Thu, 26 Jul 2018 18:30:06 GMT
Server
AmazonS3
x-amz-request-id
D8BA5FB51C11D01B
ETag
"591576ecb7799efe67e345551831fed3"
Content-Type
image/png
x-amz-version-id
null
Accept-Ranges
bytes
Content-Length
13509
x-amz-id-2
hopPqyJb0MWuXyTmL4NmLNjWOqEqS4Sraie4qtynIwmTMAgWWDpO2803l0fq7hBueq4Qoj+9Voo=
cf_logo.png
www.concentra.ca/Style%20Library/Images/ 		2 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.concentra.ca/Style%20Library/Images/cf_logo.png
Requested by
Host: nearmeplus.com
URL: https://nearmeplus.com/blogs/item/386
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.202.9.154 Winnipeg, Canada, ASN7122 (MTS-ASN, CA),
Reverse DNS
209-202-9-154.dedicated.bellmts.net
Software
/
Resource Hash
0c8322fce6da7d7cac34ae99d043e84ab205ca09297c17582d77cf8fdf12d537
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src *; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://nearmeplus.com/blogs/item/386
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
request-id
085d6d9f-e315-5038-1953-195d72f2c2fe
MicrosoftSharePointTeamServices
15.0.0.4709
SPRequestDuration
7
X-SharePointHealthScore
0
ResourceTag
rt:869E856A-7EA0-41D2-8336-89F9FA80B1B0@00000000005
Date
Thu, 06 Aug 2020 11:59:09 GMT
Public-Extension
http://schemas.microsoft.com/repl-2
Content-Length
2417
X-XSS-Protection
1; mode=block
SPIisLatency
0
X-MS-InvokeApp
1; RequireReadOnly
Referrer-Policy
strict-origin
Last-Modified
Fri, 20 Nov 2015 20:15:49 GMT
SPRequestGuid
085d6d9f-e315-5038-1953-195d72f2c2fe
ETag
"{869E856A-7EA0-41D2-8336-89F9FA80B1B0},5"
Expect-CT
enforce, max-age=300, report-uri='https://www.your-report-website.com/'
X-FRAME-OPTIONS
SAMEORIGIN, SAMEORIGIN
Content-Type
image/png
Cache-Control
private,max-age=0
Content-Security-Policy
default-src 'self'; connect-src *; font-src *; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Expires
Wed, 22 Jul 2020 11:59:09 GMT
26068938-7218-4106-b170-31e4a2dbc68f
www.alternabank.ca/gateway/api/contentservices/api/contentstream-id/deea3a56-0653-4a6f-86f3-b6a77c77bccb/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.alternabank.ca/gateway/api/contentservices/api/contentstream-id/deea3a56-0653-4a6f-86f3-b6a77c77bccb/26068938-7218-4106-b170-31e4a2dbc68f
Requested by
Host: nearmeplus.com
URL: https://nearmeplus.com/blogs/item/386
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.202.101 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-202-101.fra53.r.cloudfront.net
Software
/
Resource Hash
5abfe25b6b021f9d8a3a5db9c6e2ae186f03adaf53a06b9c156d2e2aab535304
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://nearmeplus.com/blogs/item/386
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

correlation-id
070b7ff12de5fef5
date
Thu, 06 Aug 2020 11:59:10 GMT
via
1.1 61adf71a363fe0f836dc69dbb43de824.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA53-C1
x-cache
Miss from cloudfront
status
200
x-oneagent-js-injection
true, true
x-xss-protection
1; mode=block
pragma
cache
content-range
bytes 0-11645/11646
referrer-policy
no-referrer
last-modified
Fri, 02 Aug 2019 13:20:44 GMT
x-frame-options
SAMEORIGIN
etag
deea3a56-0653-4a6f-86f3-b6a77c77bccb.26068938-7218-4106-b170-31e4a2dbc68f@1564752047008[11646]:dtagent10181191119154660WNyy:dtagent10181191119154660WNyy:dtagent10181191119154660WNyy
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/jpeg;charset=UTF-8
cache-control
public; max-age=3600
accept-ranges
bytes
x-amz-cf-id
mQMbOiMIh8jrcec40pkTOJbL1HI-fPuqq7Yml_yN8yaOTJsuhLt_mw==
logo.svg
www.dcbank.ca/wp-content/themes/dcbank-2017/img/ 		16 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dcbank.ca/wp-content/themes/dcbank-2017/img/logo.svg
Requested by
Host: nearmeplus.com
URL: https://nearmeplus.com/blogs/item/386
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.163.168.155 Brea, United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS
ps587940.dreamhostps.com
Software
Apache /
Resource Hash
31cb69a8ded7dbbb520682c6e603d285b5234926d74b64823ee10280904f93b3

Request headers

Referer
https://nearmeplus.com/blogs/item/386
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 06 Aug 2020 11:59:10 GMT
Content-Encoding
gzip
Referrer-Policy
Server
Apache
ETag
"3e14-55c7bcc886dd3"
Vary
Accept-Encoding,User-Agent
Content-Type
image/svg+xml
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=100
Content-Length
3862
Expires
Fri, 06 Aug 2021 11:59:10 GMT
logo_duobank_header_en.svg
www.duobank.com/wp-content/themes/duobank2019/img/ 		6 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.duobank.com/wp-content/themes/duobank2019/img/logo_duobank_header_en.svg
Requested by
Host: nearmeplus.com
URL: https://nearmeplus.com/blogs/item/386
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1d9f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c02c7f487a461669a9d16062beb4950f71b1b71122cb58174e4f6406accfcae
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.duobank.com https://*.banqueduo.com https://*.duobank.ca https://*.banqueduo.ca; img-src 'self' https://*.duobank.com https://*.banqueduo.com https://*.duobank.ca https://*.banqueduo.ca https://www.cdic.ca https://*.cdic.ca https://www.sadc.ca https://*.sadc.ca
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://nearmeplus.com/blogs/item/386
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 06 Aug 2020 11:59:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
BYPASS
status
200
vary
Accept-Encoding
cf-request-id
04653cc1150000dfdf922c2200000001
referrer-policy
strict-origin
last-modified
Mon, 22 Apr 2019 18:34:25 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"9c3bcb23af9d41:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
content-type
image/svg+xml
x-xss-protection
1; mode=block
x-robots-tag
none
content-security-policy
frame-ancestors 'self' https://*.duobank.com https://*.banqueduo.com https://*.duobank.ca https://*.banqueduo.ca; img-src 'self' https://*.duobank.com https://*.banqueduo.com https://*.duobank.ca https://*.banqueduo.ca https://www.cdic.ca https://*.cdic.ca https://www.sadc.ca https://*.sadc.ca
cf-ray
5be89714eb2adfdf-FRA
eqb_logo_horizontal_en.svg
www.equitablebank.ca/Assets/dist/images/print-logos/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.equitablebank.ca/Assets/dist/images/print-logos/eqb_logo_horizontal_en.svg
Requested by
Host: nearmeplus.com
URL: https://nearmeplus.com/blogs/item/386
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
158.106.115.226 Toronto, Canada, ASN23498 (CDSI, CA),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
941c69e2710662afd214b905a81b06b8c255d33773c2c11d45d0bdfe6ca56b05
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://nearmeplus.com/blogs/item/386
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 06 Aug 2020 11:59:09 GMT
Last-Modified
Wed, 25 Sep 2019 19:06:46 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
ETag
"0e71b60d473d51:0"
Strict-Transport-Security
max-age=15552000
Content-Type
image/svg+xml
Cache-Control
max-age=2678400
Accept-Ranges
bytes
Content-Length
4890
logo.png
www.ebcfx.com/photos/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ebcfx.com/photos/logo.png
Requested by
Host: nearmeplus.com
URL: https://nearmeplus.com/blogs/item/386
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.183.171.10 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-183-171-10.ca-central-1.compute.amazonaws.com
Software
Apache/2.4.7 (Ubuntu) /
Resource Hash
eac3a961a4b9e015ee743d2210d958a36925d991775aa67a79c1525971c1259e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options sameorigin

Request headers

Referer
https://nearmeplus.com/blogs/item/386
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 06 Aug 2020 11:59:10 GMT
vary
Host
last-modified
Fri, 12 Apr 2019 18:59:03 GMT
server
Apache/2.4.7 (Ubuntu)
etag
"50ba-58659e56f8e52"
x-frame-options
sameorigin
content-type
image/png
status
200
strict-transport-security
max-age=63072000; includeSubdomains; preload
accept-ranges
bytes
content-length
20666
Logo$v@202004180115.gif
www.fnbc.ca/DynamicContent/Resources/Images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fnbc.ca/DynamicContent/Resources/Images/Logo$v@202004180115.gif
Requested by
Host: nearmeplus.com
URL: https://nearmeplus.com/blogs/item/386
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.69.254.161 , Canada, ASN23498 (CDSI, CA),
Reverse DNS
Software
/
Resource Hash
761a39ab86d4d87d1fde4aff717c3c4221044c218034c1b934c813591115c878
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://nearmeplus.com/blogs/item/386
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=16070400; includeSubDomains
Last-Modified
Mon, 10 Jul 2017 16:00:00 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
image/gif
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Content-Length
3747
Expires
Thu, 01 Jan 1970 00:00:00 GMT
General-Bank-of-Canada-logo.png
www.portfolioplus.com/banking_software/images/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.portfolioplus.com/banking_software/images/General-Bank-of-Canada-logo.png
Requested by
Host: nearmeplus.com
URL: https://nearmeplus.com/blogs/item/386
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.95.13.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
225.13.95.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nearmeplus.com/blogs/item/386
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
404.html
www.haventreebank.com/
Redirect Chain
  • https://www.haventreebank.com/wp-content/uploads/2015/03/HB_logo_white_background.gif
  • https://www.haventreebank.com/wp-content/uploads/2015/03/HB_logo_white_background.gif/
  • https://www.haventreebank.com/404.html
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.haventreebank.com/404.html
Requested by
Host: nearmeplus.com
URL: https://nearmeplus.com/blogs/item/386
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2057:e000:0:83b2:40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nearmeplus.com/blogs/item/386
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date
Thu, 06 Aug 2020 11:59:10 GMT
via
1.1 c26b8e74df43cd99786e716221463d0c.cloudfront.net (CloudFront)
server
AmazonS3
x-amz-cf-pop
FRA6-C1
status
302
x-cache
Error from cloudfront
content-type
application/xml
location
/404.html
content-length
0
x-amz-cf-id
hVII7t-pjz_HRsF7lxSoP90xGSqucNPPhBad85pZO6OxO9xkUilovQ==
home_bank_logo.png
www.homebank.ca/images/ 		76 KB
76 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.homebank.ca/images/home_bank_logo.png
Requested by
Host: nearmeplus.com
URL: https://nearmeplus.com/blogs/item/386
Protocol
HTTP/1.1
Server
107.162.158.163 , United States, ASN55002 (DEFENSE-NET, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
612c9d02ee2e5b0b96678e9b331cae7c49d2ac3e4bfec54a5f915daed6a78fbd

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 06 Aug 2020 11:59:10 GMT
Via
1.1 fra1-bit9
Last-Modified
Thu, 27 Sep 2018 17:38:46 GMT
X-Powered-By
ASP.NET
ETag
"0978f18856d41:0"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
77661
1
prnewswire2-a.akamaihd.net/p/1893751/sp/189375100/thumbnail/entry_id/1_sybvjd7b/def_height/40/def_width/200/version/100011/type/
Redirect Chain
  • https://mma.prnewswire.com/media/743560/HomeEquity_Bank_Canadian_Business_names_HomeEquity_Bank_to_their.jpg?p=publish&w=200
  • https://prnewswire2-a.akamaihd.net/p/1893751/sp/189375100/thumbnail/entry_id/1_sybvjd7b/def_height/40/def_width/200/version/100011/type/1
3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prnewswire2-a.akamaihd.net/p/1893751/sp/189375100/thumbnail/entry_id/1_sybvjd7b/def_height/40/def_width/200/version/100011/type/1
Requested by
Host: nearmeplus.com
URL: https://nearmeplus.com/blogs/item/386
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.177.26 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a2-16-177-26.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
9d517371c86267412accbf95ecbec68fed55953ff419744985aa56f7dfedaa5a

Request headers

Referer
https://nearmeplus.com/blogs/item/386
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Kaltura
cached-thumb-exists,0c27f92804c9d4be4664b350b076219b
X-Me
ny-front-thumb-050821935
Date
Thu, 06 Aug 2020 11:59:10 GMT
X-Vod-Session
511559427
Connection
keep-alive
Content-Length
3091
Pragma
Last-Modified
Sun, 19 Nov 2000 08:52:00 GMT
Server
nginx
X-Vod-Me
ny-front-vod7
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=3600
Accept-Ranges
bytes
X-Kaltura-Session
274159069
Expires
Thu, 06 Aug 2020 12:59:10 GMT

Redirect headers

date
Thu, 06 Aug 2020 11:59:10 GMT
cf-cache-status
DYNAMIC
access-control-allow-origin
*
x-powered-by
ASP.NET
status
302
server-timing
intid;desc=a54f937b5bacfa4b
cf-request-id
04653cc35f0000d7219e95f200000001
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html; charset=utf-8
location
https://prnewswire2-a.akamaihd.net/p/1893751/sp/189375100/thumbnail/entry_id/1_sybvjd7b/def_height/40/def_width/200/version/100011/type/1
cache-control
no-cache
cf-ray
5be89718999ad721-FRA
access-control-allow-headers
Content-Type
expires
-1
220px-Laurentian_Bank_of_Canada_logo.svg.png
upload.wikimedia.org/wikipedia/en/thumb/7/77/Laurentian_Bank_of_Canada_logo.svg/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upload.wikimedia.org/wikipedia/en/thumb/7/77/Laurentian_Bank_of_Canada_logo.svg/220px-Laurentian_Bank_of_Canada_logo.svg.png
Requested by
Host: nearmeplus.com
URL: https://nearmeplus.com/blogs/item/386
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:0:862:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US),
Reverse DNS
Software
ATS/8.0.8 /
Resource Hash
d3baa0dd7a253b04f53c14bd34566080b1642aa51c922c3c3338604e753e116f
Security Headers
Name Value
Strict-Transport-Security max-age=106384710; includeSubDomains; preload

Request headers

Referer
https://nearmeplus.com/blogs/item/386
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 06 Aug 2020 05:34:33 GMT
age
23078
x-cache-status
hit-local
x-cache
cp3061 hit, cp3061 miss
status
200
server-timing
cache;desc="hit-local"
content-length
4896
x-client-ip
2a01:4f8:121:131a::2
last-modified
Thu, 15 Feb 2018 11:49:33 GMT
server
ATS/8.0.8
etag
4d57606f890c837b61245438908781a9
strict-transport-security
max-age=106384710; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-timestamp
1518695372.38156
accept-ranges
bytes
timing-allow-origin
*
access-control-expose-headers
Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
logo.svg
www.manulifebank.ca/content/dam/manulife-bank/en_ca/icons/ 		382 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.manulifebank.ca/content/dam/manulife-bank/en_ca/icons/logo.svg
Requested by
Host: nearmeplus.com
URL: https://nearmeplus.com/blogs/item/386
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.74.145.163 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-74-145-163.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d988c4aabb5de3eb134e39ac0bed4669b13ebf937b4833b162a9881747833863
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://nearmeplus.com/blogs/item/386
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Dispatcher
dispatcher1cacentral1
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Vhost
publish
Connection
keep-alive
Content-Length
233
ETag
"17e-5ab259dd9f580-gzip"
Last-Modified
Fri, 24 Jul 2020 01:08:54 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
Date
Thu, 06 Aug 2020 11:59:10 GMT
Vary
Accept-Encoding,User-Agent
Content-Type
image/svg+xml
Cache-Control
no-cache="set-cookie"
Accept-Ranges
bytes
motus-logo-header.svg
www.motusbank.ca/MotusBank/media/motusbank/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.motusbank.ca/MotusBank/media/motusbank/motus-logo-header.svg
Requested by
Host: nearmeplus.com
URL: https://nearmeplus.com/blogs/item/386
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
206.25.72.220 Conestoga, United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),
Reverse DNS
Software
/
Resource Hash
19c3fb3992208d47731a334b96fad995bc4cb9a395da6e6104267197698fc0c1
Security Headers
Name Value
Content-Security-Policy default-src data: *; script-src data: 'unsafe-inline' 'unsafe-eval' *; style-src data: 'unsafe-inline' *
Strict-Transport-Security max-age=157680000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://nearmeplus.com/blogs/item/386
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 06 Aug 2020 11:59:10 GMT
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Thu, 03 Oct 2019 17:52:11 GMT
ETag
"ce5b4548137ad51:0"
Strict-Transport-Security
max-age=157680000
Content-Type
image/svg+xml
X-Xss-Protection
1; mode=block
Content-Security-Policy
default-src data: *; script-src data: 'unsafe-inline' 'unsafe-eval' *; style-src data: 'unsafe-inline' *
Accept-Ranges
none
Content-Length
3717
X-Content-Type-Options
nosniff
logo-nbc-155x50.svg
www.nbc.ca/content/dam/bnc/commun/logo/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nbc.ca/content/dam/bnc/commun/logo/logo-nbc-155x50.svg
Requested by
Host: nearmeplus.com
URL: https://nearmeplus.com/blogs/item/386
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.40.180 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
Apache /
Resource Hash
cf09344fb594a095f92659272aeac1a1b2c44ac71d32a01ad61ba96424ecdea0
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.bnc.ca *.nbc.ca;
Strict-Transport-Security max-age=63072000;
X-Content-Type-Options nosniff

Request headers

Referer
https://nearmeplus.com/blogs/item/386
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'self' *.bnc.ca *.nbc.ca;
X-Content-Type-Options
nosniff
Last-Modified
Sat, 01 Aug 2020 04:00:46 GMT
Server
Apache
ETag
"13cf-5abc8f3399780"
Strict-Transport-Security
max-age=63072000;
Content-Type
image/svg+xml
Date
Thu, 06 Aug 2020 11:59:11 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5071
Group-7@2x.png
www.peoplesbank.ca/wp-content/uploads/sites/2/2019/03/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.peoplesbank.ca/wp-content/uploads/sites/2/2019/03/Group-7@2x.png
Requested by
Host: nearmeplus.com
URL: https://nearmeplus.com/blogs/item/386
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.237.22.139 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache /
Resource Hash
3b53fbc6aa967594f79c138b582e786fb94f446f13c1fb985ba7944068e62efb

Request headers

Referer
https://nearmeplus.com/blogs/item/386
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 06 Aug 2020 11:59:10 GMT
Last-Modified
Thu, 13 Feb 2020 19:57:44 GMT
Server
Apache
Accept-Ranges
bytes
ETag
"229a-59e7a809f1dd6"
Content-Length
8858
Content-Type
image/png
logo-header-en.svg
www.pcfinancial.ca/docs/default-source/assets/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.pcfinancial.ca/docs/default-source/assets/logo-header-en.svg?sfvrsn=6acc4fb4_24
Requested by
Host: nearmeplus.com
URL: https://nearmeplus.com/blogs/item/386
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.228.155 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-228-155.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c40b407e4bda870ac0fa971fb8315fafb340ff05536da17955024e95179324e8
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.demdex.net *.eloqua.com *.en25.com *.google-analytics.com *.googleadservices.com *.googleapis.com *.gstatic.com *.pinterest.com *.twimg.com ajax.aspnetcdn.com analytics.twitter.com apis.google.com bat.bing.com cdn-akamai.mookie1.com cdn.ampproject.org cdn.fontawesome.com connect.facebook.net ds-aksb-a.akamaihd.net googleads.g.doubleclick.net http://platform.stumbleupon.com/1/widgets.js https://dec.azureedge.net/ https://publish.twitter.com https://s.ytimg.com https://syndication.twitter.com/ https://www.youtube.com/iframe_api js.hs-analytics.net js.hs-scripts.com maps.googleapis.com marketing.adobe.com munchkin.marketo.net nebula-cdn.kampyle.com optimize.google.com platform.linkedin.com platform.twitter.com s.ytimg.com script.hotjar.com static.ads-twitter.com static.hotjar.com tagmanager.google.com tags.tiqcdn.com www.cdic.ca www.google.com www.googletagmanager.com www.sadc.ca www.youtube.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' *.demdex.net *.eloqua.com *.en25.com *.google-analytics.com *.googleadservices.com *.googleapis.com *.gstatic.com *.pinterest.com *.twimg.com ajax.aspnetcdn.com analytics.twitter.com apis.google.com bat.bing.com cdn-akamai.mookie1.com cdn.ampproject.org cdn.fontawesome.com connect.facebook.net ds-aksb-a.akamaihd.net googleads.g.doubleclick.net http://platform.stumbleupon.com/1/widgets.js https://dec.azureedge.net/ https://publish.twitter.com https://s.ytimg.com https://syndication.twitter.com/ https://www.youtube.com/iframe_api js.hs-analytics.net js.hs-scripts.com maps.googleapis.com marketing.adobe.com munchkin.marketo.net nebula-cdn.kampyle.com optimize.google.com platform.linkedin.com platform.twitter.com s.ytimg.com script.hotjar.com static.ads-twitter.com static.hotjar.com tagmanager.google.com tags.tiqcdn.com www.cdic.ca www.google.com www.googletagmanager.com www.sadc.ca www.youtube.com; font-src 'self' *.pinterest.com data: fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com optimize.google.com tagmanager.google.com www.googletagmanager.com; img-src 'self' *.demdex.net *.eloqua.com *.google-analytics.com *.googleapis.com *.gstatic.com *.pinterest.com *.twimg.com bat.bing.com blob: cm.everesttech.net cx.atdmt.com data: https://*.dec.sitefinity.com https://dec.azureedge.net https://delicious.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://syndication.twitter.com img.youtube.com optimize.google.com pbs.twimg.com pcfinancial.sc.omtrdc.net platform.tumblr.com platform.twitter.com/css/ stats.g.doubleclick.net t.co t.com tagmanager.google.com track.hubspot.com udc-neb.kampyle.com web.facebook.com www.facebook.com www.google.ca www.google.com www.googletagmanager.com www.linkedin.com www.redditstatic.com nebula-cdn.kampyle.com ds-aksb-a.akamaihd.net www.cdic.ca www.sadc.ca; media-src 'self' *.pinterest.com blob: data: optimize.google.com tagmanager.google.com www.googletagmanager.com; frame-src 'self' *.demdex.net *.doubleclick.net *.pinterest.com cdn-akamai.mookie1.com optimize.google.com platform.twitter.com tagmanager.google.com tags.tiqcdn.com vars.hotjar.com www.googletagmanager.com www.youtube.com nebula-cdn.kampyle.com; child-src 'self' *.demdex.net *.pinterest.com accounts.google.com apis.google.com badge.stumbleupon.com https://platform.twitter.com/ https://player.vimeo.com/ https://syndication.twitter.com/ https://w.soundcloud.com/ https://www.youtube.com/ optimize.google.com staticxx.facebook.com tagmanager.google.com vars.hotjar.com web.facebook.com www.facebook.com www.googletagmanager.com; connect-src 'self' *.demdex.net *.g.doubleclick.net *.hotjar.com *.hotjar.io *.mktoresp.com *.pinterest.com accounts.google.com https://*.dec.sitefinity.com https://dec.azureedge.net https://delicious.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://syndication.twitter.com optimize.google.com pcfinancial.sc.omtrdc.net tagmanager.google.com www.facebook.com www.google-analytics.com www.googletagmanager.com www.linkedin.com www.redditstatic.com www.cdic.ca www.sadc.ca;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://nearmeplus.com/blogs/item/386
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.demdex.net *.eloqua.com *.en25.com *.google-analytics.com *.googleadservices.com *.googleapis.com *.gstatic.com *.pinterest.com *.twimg.com ajax.aspnetcdn.com analytics.twitter.com apis.google.com bat.bing.com cdn-akamai.mookie1.com cdn.ampproject.org cdn.fontawesome.com connect.facebook.net ds-aksb-a.akamaihd.net googleads.g.doubleclick.net http://platform.stumbleupon.com/1/widgets.js https://dec.azureedge.net/ https://publish.twitter.com https://s.ytimg.com https://syndication.twitter.com/ https://www.youtube.com/iframe_api js.hs-analytics.net js.hs-scripts.com maps.googleapis.com marketing.adobe.com munchkin.marketo.net nebula-cdn.kampyle.com optimize.google.com platform.linkedin.com platform.twitter.com s.ytimg.com script.hotjar.com static.ads-twitter.com static.hotjar.com tagmanager.google.com tags.tiqcdn.com www.cdic.ca www.google.com www.googletagmanager.com www.sadc.ca www.youtube.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' *.demdex.net *.eloqua.com *.en25.com *.google-analytics.com *.googleadservices.com *.googleapis.com *.gstatic.com *.pinterest.com *.twimg.com ajax.aspnetcdn.com analytics.twitter.com apis.google.com bat.bing.com cdn-akamai.mookie1.com cdn.ampproject.org cdn.fontawesome.com connect.facebook.net ds-aksb-a.akamaihd.net googleads.g.doubleclick.net http://platform.stumbleupon.com/1/widgets.js https://dec.azureedge.net/ https://publish.twitter.com https://s.ytimg.com https://syndication.twitter.com/ https://www.youtube.com/iframe_api js.hs-analytics.net js.hs-scripts.com maps.googleapis.com marketing.adobe.com munchkin.marketo.net nebula-cdn.kampyle.com optimize.google.com platform.linkedin.com platform.twitter.com s.ytimg.com script.hotjar.com static.ads-twitter.com static.hotjar.com tagmanager.google.com tags.tiqcdn.com www.cdic.ca www.google.com www.googletagmanager.com www.sadc.ca www.youtube.com; font-src 'self' *.pinterest.com data: fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com optimize.google.com tagmanager.google.com www.googletagmanager.com; img-src 'self' *.demdex.net *.eloqua.com *.google-analytics.com *.googleapis.com *.gstatic.com *.pinterest.com *.twimg.com bat.bing.com blob: cm.everesttech.net cx.atdmt.com data: https://*.dec.sitefinity.com https://dec.azureedge.net https://delicious.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://syndication.twitter.com img.youtube.com optimize.google.com pbs.twimg.com pcfinancial.sc.omtrdc.net platform.tumblr.com platform.twitter.com/css/ stats.g.doubleclick.net t.co t.com tagmanager.google.com track.hubspot.com udc-neb.kampyle.com web.facebook.com www.facebook.com www.google.ca www.google.com www.googletagmanager.com www.linkedin.com www.redditstatic.com nebula-cdn.kampyle.com ds-aksb-a.akamaihd.net www.cdic.ca www.sadc.ca; media-src 'self' *.pinterest.com blob: data: optimize.google.com tagmanager.google.com www.googletagmanager.com; frame-src 'self' *.demdex.net *.doubleclick.net *.pinterest.com cdn-akamai.mookie1.com optimize.google.com platform.twitter.com tagmanager.google.com tags.tiqcdn.com vars.hotjar.com www.googletagmanager.com www.youtube.com nebula-cdn.kampyle.com; child-src 'self' *.demdex.net *.pinterest.com accounts.google.com apis.google.com badge.stumbleupon.com https://platform.twitter.com/ https://player.vimeo.com/ https://syndication.twitter.com/ https://w.soundcloud.com/ https://www.youtube.com/ optimize.google.com staticxx.facebook.com tagmanager.google.com vars.hotjar.com web.facebook.com www.facebook.com www.googletagmanager.com; connect-src 'self' *.demdex.net *.g.doubleclick.net *.hotjar.com *.hotjar.io *.mktoresp.com *.pinterest.com accounts.google.com https://*.dec.sitefinity.com https://dec.azureedge.net https://delicious.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://syndication.twitter.com optimize.google.com pcfinancial.sc.omtrdc.net tagmanager.google.com www.facebook.com www.google-analytics.com www.googletagmanager.com www.linkedin.com www.redditstatic.com www.cdic.ca www.sadc.ca;
content-encoding
gzip
x-content-type-options
nosniff
status
200
content-disposition
inline; filename=logo-header-en.svg
vary
Accept-Encoding
content-length
2147
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 25 Jun 2019 03:27:40 GMT
x-geo-info
Country=NL, City=AMSTERDAM, Province=
x-frame-options
SAMEORIGIN
date
Thu, 06 Aug 2020 11:59:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-methods
POST,GET,OPTIONS,PUT,DELETE
content-type
image/svg+xml
access-control-allow-origin
https://www.pcfinancial.ca
cache-control
public, max-age=388449
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
expires
Mon, 10 Aug 2020 23:53:19 GMT
RFA-Logos-RGB.svg
www.rfa.ca/themes/custom/sc_theme/dist/img/ 		870 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rfa.ca/themes/custom/sc_theme/dist/img/RFA-Logos-RGB.svg
Requested by
Host: nearmeplus.com
URL: https://nearmeplus.com/blogs/item/386
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
166.62.84.121 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-166-62-84-121.ip.secureserver.net
Software
Apache /
Resource Hash
202624a25f0b5101415f8a33bf7d677bd4470b62d373ce4862532ad7dea814a4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://nearmeplus.com/blogs/item/386
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 06 Aug 2020 11:59:10 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 23 Jan 2020 19:00:39 GMT
Server
Apache
Content-Type
image/svg+xml
Cache-Control
max-age=1209600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
870
Expires
Thu, 20 Aug 2020 11:59:10 GMT
logo_en-cd432888992dcb1c3c102427be64efb2d95bacb558a72685fc3e6cd1fc41ddb9.png
www.rogersbank.com/assets/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rogersbank.com/assets/logo_en-cd432888992dcb1c3c102427be64efb2d95bacb558a72685fc3e6cd1fc41ddb9.png
Requested by
Host: nearmeplus.com
URL: https://nearmeplus.com/blogs/item/386
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:19a::18a9 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
nginx /
Resource Hash
cd432888992dcb1c3c102427be64efb2d95bacb558a72685fc3e6cd1fc41ddb9

Request headers

Referer
https://nearmeplus.com/blogs/item/386
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 06 Aug 2020 11:59:10 GMT
Last-Modified
Thu, 21 Apr 2016 15:21:16 GMT
Server
nginx
ETag
"5718efec-c98"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3224
rbc-logo-shield.svg
www.rbcroyalbank.com/dvl/v1.0/assets/images/logos/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rbcroyalbank.com/dvl/v1.0/assets/images/logos/rbc-logo-shield.svg
Requested by
Host: nearmeplus.com
URL: https://nearmeplus.com/blogs/item/386
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.40.17 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
/
Resource Hash
34c2233c7a4bc10b7169a4da0677edf6e9bd9a177925fd0e9bcd263cb09f2fa0

Request headers

Referer
https://nearmeplus.com/blogs/item/386
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 06 Aug 2020 11:59:10 GMT
content-encoding
gzip
last-modified
Thu, 01 Nov 2018 13:37:06 GMT
status
200
etag
"5799a83c1e480"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=0
access-control-allow-credentials
true
x-edgeconnect-cache-status
1
accept-ranges
bytes
content-length
1446
expires
Wed, 03 Apr 2019 04:34:52 GMT
TangerineLogo_Supplied_1536x8642.jpg
dvh1deh6tagwk.cloudfront.net/finder-us/wp-uploads/sites/5/2019/04/ 		14 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dvh1deh6tagwk.cloudfront.net/finder-us/wp-uploads/sites/5/2019/04/TangerineLogo_Supplied_1536x8642.jpg?fit=600&webp=1
Requested by
Host: nearmeplus.com
URL: https://nearmeplus.com/blogs/item/386
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:214f:d800:19:69c6:4500:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
29937a50e9fc7081f37eb6fa41e020a3b173a97f3d36be73cb7248b363d921cd

Request headers

Referer
https://nearmeplus.com/blogs/item/386
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 06 Aug 2020 11:59:10 GMT
content-encoding
gzip
x-amz-cf-pop
FRA53-C1
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/webp
status
200
cache-control
public, max-age=31557600
x-amz-cf-id
8u6FjUn0w8ossJyKpuifLFf-tew1X6BjrFUJ9nS7XCnd1ZksCmuesw==
via
1.1 d16428714e022976873ccc980fdc1289.cloudfront.net (CloudFront)
td-logo.png
www.td.com/ca/en/personal-banking/system/v1.5/assets/img/header-nav/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.td.com/ca/en/personal-banking/system/v1.5/assets/img/header-nav/td-logo.png
Requested by
Host: nearmeplus.com
URL: https://nearmeplus.com/blogs/item/386
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.182.193 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECD (ama/8B76) / Servlet/3.0
Resource Hash
e9682e19c129f7675bf49c78b22a6fb88b0d7fe6442cb6f3e2b555b5e94bb3ca

Request headers

Referer
https://nearmeplus.com/blogs/item/386
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 06 Aug 2020 11:59:10 GMT
last-modified
Wed, 17 May 2017 21:32:29 GMT
server
ECD (ama/8B76)
age
1543691
x-powered-by
Servlet/3.0
x-vdms-path
/8093E16/tdbor-www.td.com/ca/en/personal-banking/system/v1.5/assets/img/header-nav/td-logo.png
x-cache
HIT
content-language
en-US
status
200
accept-ranges
bytes
content-type
image/png
content-length
3175
x-vdms-version
7.0
logo-1.svg
vancitycommunityinvestmentbank.ca/wp-content/uploads/2019/03/ 		10 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vancitycommunityinvestmentbank.ca/wp-content/uploads/2019/03/logo-1.svg
Requested by
Host: nearmeplus.com
URL: https://nearmeplus.com/blogs/item/386
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.228.42.76 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
a1a50c0848a87acc61be2b53545a55282d2e3ea6ece7502fff102c292630814a
Security Headers
Name Value
Content-Security-Policy default-src; style-src 'self' 'unsafe-inline' https://*.typekit.net https://fonts.googleapis.com https://yoast.com ; img-src 'self' https://*.typekit.net https://*.dynamics.com https://www.google-analytics.com https://*.facebook.com https://stats.g.doubleclick.net https://www.google.com https://www.google.ca https://*.linkedin.com https://p.adsymptotic.com data: https://ps.w.org https://s.w.org https://secure.gravatar.com http://www.paypal.com https://www.paypalobjects.com https://i.ytimg.com https://www.googletagmanager.com https://paypal.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.typekit.net https://*.dynamics.com https://www.googletagmanager.com https://www.google-analytics.com https://*.facebook.net https://facebook.com https://snap.licdn.com https://mktdplp102cdn.azureedge.net ; media-src 'self'; font-src 'self' https://*.typekit.net https://fonts.gstatic.com data: https://yoast.com; frame-src 'self' https://*.facebook.com https://www.youtube.com https://dead8b7bc3394c1ba3e859288287a83f.svc.dynamics.com https://wp.freemius.com; connect-src 'self' https://facebook.com https://yoast.com https://dead8b7bc3394c1ba3e859288287a83f.svc.dynamics.com https://prod-34.westus.logic.azure.com https://www.google-analytics.com;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://nearmeplus.com/blogs/item/386
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
X-Powered-By
ASP.NET
Content-Length
10214
X-XSS-Protection
1; mode=block
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Tue, 04 Aug 2020 19:00:02 GMT
Server
Microsoft-IIS/10.0
Date
Thu, 06 Aug 2020 11:59:11 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
image/svg+xml
Cache-Control
no-cache,max-age=2419200,max-age=43200
Feature-Policy
*
ETag
"311a1a75916ad61:0"
Content-Security-Policy
default-src; style-src 'self' 'unsafe-inline' https://*.typekit.net https://fonts.googleapis.com https://yoast.com ; img-src 'self' https://*.typekit.net https://*.dynamics.com https://www.google-analytics.com https://*.facebook.com https://stats.g.doubleclick.net https://www.google.com https://www.google.ca https://*.linkedin.com https://p.adsymptotic.com data: https://ps.w.org https://s.w.org https://secure.gravatar.com http://www.paypal.com https://www.paypalobjects.com https://i.ytimg.com https://www.googletagmanager.com https://paypal.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.typekit.net https://*.dynamics.com https://www.googletagmanager.com https://www.google-analytics.com https://*.facebook.net https://facebook.com https://snap.licdn.com https://mktdplp102cdn.azureedge.net ; media-src 'self'; font-src 'self' https://*.typekit.net https://fonts.gstatic.com data: https://yoast.com; frame-src 'self' https://*.facebook.com https://www.youtube.com https://dead8b7bc3394c1ba3e859288287a83f.svc.dynamics.com https://wp.freemius.com; connect-src 'self' https://facebook.com https://yoast.com https://dead8b7bc3394c1ba3e859288287a83f.svc.dynamics.com https://prod-34.westus.logic.azure.com https://www.google-analytics.com;
Accept-Ranges
bytes
bw20200226005164_versabank_.jpeg
financialpostcom.files.wordpress.com/2020/02/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://financialpostcom.files.wordpress.com/2020/02/bw20200226005164_versabank_.jpeg?quality=80&strip=all&w=780
Requested by
Host: nearmeplus.com
URL: https://nearmeplus.com/blogs/item/386
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.72.28 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
6ed8bc605751d1226718d61449baab4689bd653f0875991d80731b0f1a613a20
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff, nosniff

Request headers

Referer
https://nearmeplus.com/blogs/item/386
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc
MISS ams 28 np
date
Thu, 06 Aug 2020 11:59:11 GMT
x-content-type-options
nosniff, nosniff, nosniff
last-modified
Wed, 26 Feb 2020 12:00:25 GMT
server
nginx
status
200
accept-ranges
bytes
vary
Accept, Origin
content-type
image/webp
access-control-allow-origin
https://financialpostcom.wordpress.com
x-orig-src
0_imageresize
access-control-allow-credentials
true
content-length
10126
expires
Mon, 07 Sep 2020 01:46:42 GMT
logo.png
www.wealthonebankofcanada.com/Resources/Images/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.wealthonebankofcanada.com/Resources/Images/logo.png
Requested by
Host: nearmeplus.com
URL: https://nearmeplus.com/blogs/item/386
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.69.254.60 , Canada, ASN23498 (CDSI, CA),
Reverse DNS
Software
/
Resource Hash
49c31ae5b2c4c99f0564e5000f66d97a051d8845a4f0fed3ddc2927befd34048
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

Referer
https://nearmeplus.com/blogs/item/386
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=16070400; includeSubDomains
Last-Modified
Thu, 16 Feb 2017 04:59:37 GMT
Accept-Ranges
bytes
Content-Type
image/png
Content-Length
4552
Expires
Thu, 01 Jan 1970 00:00:00 GMT
zagbank-en.svg
www.zagbank.ca/themes/custom/zagbank/dist/svg/logo/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.zagbank.ca/themes/custom/zagbank/dist/svg/logo/zagbank-en.svg
Requested by
Host: nearmeplus.com
URL: https://nearmeplus.com/blogs/item/386
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
108.163.144.81 Montreal, Canada, ASN32613 (IWEB-AS, CA),
Reverse DNS
Software
Apache /
Resource Hash
73b14f3d6dd67df8617cad0a48ab12c1e785e467ce60821213557bff8378fbcd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://nearmeplus.com/blogs/item/386
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 06 Aug 2020 11:59:11 GMT
x-content-type-options
nosniff
last-modified
Mon, 20 Jul 2020 20:49:16 GMT
server
Apache
etag
"753-5aae5a3d8eaec"
strict-transport-security
max-age=31536000
content-type
image/svg+xml
status
200
cache-control
max-age=1209600
accept-ranges
bytes
content-length
1875
x-xss-protection
1; mode=block
expires
Thu, 20 Aug 2020 11:59:11 GMT
dls-logo-bluebox-solid.svg
www.aexp-static.com/cdaas/one/statics/axp-static-assets/1.8.0/package/dist/img/logos/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.aexp-static.com/cdaas/one/statics/axp-static-assets/1.8.0/package/dist/img/logos/dls-logo-bluebox-solid.svg
Requested by
Host: nearmeplus.com
URL: https://nearmeplus.com/blogs/item/386
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.235.165 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-235-165.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
028f643755987211bf2f3add6c62ae1870a888cf2f4fe3040a4fac7dce2543ab

Request headers

Referer
https://nearmeplus.com/blogs/item/386
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 06 Aug 2020 11:59:11 GMT
content-encoding
gzip
last-modified
Thu, 31 Oct 2019 17:37:19 GMT
etag
W/"5dbb1bcf-962"
vary
Accept-Encoding
content-type
image/svg+xml
status
200
cache-control
max-age=15552000
timing-allow-origin
*
content-length
989
expires
Sat, 16 May 2020 03:48:33 GMT
bankofchina_LOGO.gif
www.bankofchina.com/ca/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bankofchina.com/ca/images/bankofchina_LOGO.gif
Requested by
Host: nearmeplus.com
URL: https://nearmeplus.com/blogs/item/386
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
124.74.250.45 Shanghai, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
a13ac3c10dfa20fd65770c62e364607e3ed4ad5f4961281951a9c5322db504bd

Request headers

Referer
https://nearmeplus.com/blogs/item/386
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 06 Aug 2020 11:59:01 GMT
Last-Modified
Thu, 03 Apr 2014 01:36:33 GMT
Server
Microsoft-IIS/10.0
Accept-Ranges
bytes
ETag
"e14b2a25dd4ecf1:0"
Content-Length
4153
Content-Type
image/gif
gplay.svg
nearmeplus.com/images/ 		15 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nearmeplus.com/images/gplay.svg
Requested by
Host: nearmeplus.com
URL: https://nearmeplus.com/blogs/item/386
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.113.122.66 , India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS
md-in-67.webhostbox.net
Software
nginx/1.17.6 /
Resource Hash
65a2483aa955aaa8e98bcfdf94272cf8aba7ff31f6a40e84d53d6497597594f6

Request headers

Referer
https://nearmeplus.com/blogs/item/386
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 06 Aug 2020 11:59:09 GMT
content-encoding
gzip
last-modified
Thu, 18 Jul 2019 14:57:51 GMT
server
nginx/1.17.6
x-server-cache
false
vary
Accept-Encoding,User-Agent
content-type
image/svg+xml
status
200
accept-ranges
bytes
content-length
5905
iphone.svg
nearmeplus.com/images/ 		11 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nearmeplus.com/images/iphone.svg
Requested by
Host: nearmeplus.com
URL: https://nearmeplus.com/blogs/item/386
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.113.122.66 , India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS
md-in-67.webhostbox.net
Software
nginx/1.17.6 /
Resource Hash
c3125de383aadc7f32f22559d9673933caa1d86bdc8e3b20d345d45245589bd4

Request headers

Referer
https://nearmeplus.com/blogs/item/386
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 06 Aug 2020 11:59:09 GMT
content-encoding
gzip
last-modified
Thu, 18 Jul 2019 14:57:53 GMT
server
nginx/1.17.6
x-server-cache
false
vary
Accept-Encoding,User-Agent
content-type
image/svg+xml
status
200
accept-ranges
bytes
content-length
4745
apple.png
nearmeplus.com/images/logos/ 		500 B
554 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nearmeplus.com/images/logos/apple.png
Requested by
Host: nearmeplus.com
URL: https://nearmeplus.com/blogs/item/386
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.113.122.66 , India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS
md-in-67.webhostbox.net
Software
nginx/1.17.6 /
Resource Hash
24a0d229f568685a12b9264ba52a657973d4c3c0f1cf787d6d6028c90f85913c

Request headers

Referer
https://nearmeplus.com/blogs/item/386
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 06 Aug 2020 11:59:09 GMT
last-modified
Wed, 20 Nov 2019 19:13:52 GMT
server
nginx/1.17.6
x-server-cache
false
content-type
image/png
status
200
cache-control
max-age=86400, public
accept-ranges
bytes
content-length
500
near-me-logo.png
nearmeplus.com/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nearmeplus.com/images/near-me-logo.png
Requested by
Host: nearmeplus.com
URL: https://nearmeplus.com/blogs/item/386
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.113.122.66 , India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS
md-in-67.webhostbox.net
Software
nginx/1.17.6 /
Resource Hash
6614f40770f5d94ae840f7ac468d4cfd8764a9961f4ac950b960fddd2e8175ba

Request headers

Referer
https://nearmeplus.com/blogs/item/386
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 06 Aug 2020 11:59:09 GMT
last-modified
Thu, 05 Dec 2019 17:51:25 GMT
server
nginx/1.17.6
x-server-cache
false
content-type
image/png
status
200
cache-control
max-age=86400, public
accept-ranges
bytes
content-length
1199
js
www.googletagmanager.com/gtag/ 		87 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-144902658-1
Requested by
Host: nearmeplus.com
URL: https://nearmeplus.com/blogs/item/386
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
487f72a43276b55e816da624b1a5f12dc2cb3a02735ae174a1b7ce307fcb4c05
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://nearmeplus.com/blogs/item/386
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 06 Aug 2020 11:59:11 GMT
content-encoding
br
vary
Accept-Encoding
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34850
x-xss-protection
0
last-modified
Thu, 06 Aug 2020 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 06 Aug 2020 11:59:11 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		119 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: nearmeplus.com
URL: https://nearmeplus.com/blogs/item/386
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
025c45c9c37ac7c979bac835f7b5497179b7da3e259408da5e879d4bc1299da9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nearmeplus.com/blogs/item/386
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 06 Aug 2020 11:59:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
43044
x-xss-protection
0
server
cafe
etag
2642473995535233798
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 06 Aug 2020 11:59:11 GMT
script.min.js
cdn.jsdelivr.net/gh/krishnan57474/gaur@3/js/ 		1 KB
827 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/krishnan57474/gaur@3/js/script.min.js
Requested by
Host: nearmeplus.com
URL: https://nearmeplus.com/blogs/item/386
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b3e8fd517604f03b26c4da71fc27f3c4051bff37e47de10323aed249a4da0374
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://nearmeplus.com/blogs/item/386
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
30139
x-cache
HIT, HIT
status
200
content-length
695
etag
W/"4de-SRw4UzuzHvUHbKyVNQGy5CxCb80"
x-served-by
cache-fra19126-FRA, cache-hhn4050-HHN
date
Thu, 06 Aug 2020 11:59:09 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v17/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
Requested by
Host: nearmeplus.com
URL: https://nearmeplus.com/blogs/item/386
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Montserrat%7COpen+Sans%7CCabin:400,500%7CArchivo+Black,700%7CNunito+Sans%7CNunito:400,800
Origin
https://nearmeplus.com

Response headers

date
Mon, 27 Jul 2020 11:36:35 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 19:30:49 GMT
server
sffe
age
865354
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9132
x-xss-protection
0
expires
Tue, 27 Jul 2021 11:36:35 GMT
ctbg.jpg
nearmeplus.com/images/ 		151 KB
152 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nearmeplus.com/images/ctbg.jpg
Requested by
Host: nearmeplus.com
URL: https://nearmeplus.com/blogs/item/386
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.113.122.66 , India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS
md-in-67.webhostbox.net
Software
nginx/1.17.6 /
Resource Hash
5d339101f5dddc7d56143217fc5030d5304efa7d033f243a989ce9aa174a8aad

Request headers

Referer
https://nearmeplus.com/css/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 06 Aug 2020 11:59:09 GMT
last-modified
Tue, 05 Feb 2019 17:24:20 GMT
server
nginx/1.17.6
x-server-cache
false
content-type
image/jpeg
status
200
cache-control
max-age=86400, public
accept-ranges
bytes
content-length
154562
2493e637ab5d8887d2b549db235b1c65.png
nearmeplus.com/images/listings/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nearmeplus.com/images/listings/2493e637ab5d8887d2b549db235b1c65.png
Requested by
Host: nearmeplus.com
URL: https://nearmeplus.com/blogs/item/386
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.113.122.66 , India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS
md-in-67.webhostbox.net
Software
nginx/1.17.6 /
Resource Hash
fc6f5d934739abf8a6a6222c20ba6e8ad4ad49165178b00c00668336ffe61922

Request headers

Referer
https://nearmeplus.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 06 Aug 2020 11:59:09 GMT
last-modified
Thu, 06 Aug 2020 06:19:57 GMT
server
nginx/1.17.6
x-server-cache
false
content-type
image/png
status
200
cache-control
max-age=86400, public
accept-ranges
bytes
content-length
20674
50bab7b77e9e922e52e98e3470bc0a72.png
nearmeplus.com/images/listings/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nearmeplus.com/images/listings/50bab7b77e9e922e52e98e3470bc0a72.png
Requested by
Host: nearmeplus.com
URL: https://nearmeplus.com/blogs/item/386
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.113.122.66 , India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS
md-in-67.webhostbox.net
Software
nginx/1.17.6 /
Resource Hash
426b57d0b52fb0e65ae9fb4f80fb62e1b7b1d482b87fa190241b7bf6258ee09a

Request headers

Referer
https://nearmeplus.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 06 Aug 2020 11:59:09 GMT
last-modified
Thu, 06 Aug 2020 05:25:54 GMT
server
nginx/1.17.6
x-server-cache
false
content-type
image/png
status
200
cache-control
max-age=86400, public
accept-ranges
bytes
content-length
7364
95d5c7a1014d0847af8043b71dffa694.jpg
nearmeplus.com/images/listings/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nearmeplus.com/images/listings/95d5c7a1014d0847af8043b71dffa694.jpg
Requested by
Host: nearmeplus.com
URL: https://nearmeplus.com/blogs/item/386
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.113.122.66 , India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS
md-in-67.webhostbox.net
Software
nginx/1.17.6 /
Resource Hash
e9319e310570bfdd2204925f789b80d0770f5a9b4b08cf03988fb4d1de02624e

Request headers

Referer
https://nearmeplus.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 06 Aug 2020 11:59:09 GMT
last-modified
Thu, 06 Aug 2020 05:05:43 GMT
server
nginx/1.17.6
x-server-cache
false
content-type
image/jpeg
status
200
cache-control
max-age=86400, public
accept-ranges
bytes
content-length
24591
1d4b2dd342550413a768c6689e791f3c.jpg
nearmeplus.com/images/listings/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nearmeplus.com/images/listings/1d4b2dd342550413a768c6689e791f3c.jpg
Requested by
Host: nearmeplus.com
URL: https://nearmeplus.com/blogs/item/386
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.113.122.66 , India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS
md-in-67.webhostbox.net
Software
nginx/1.17.6 /
Resource Hash
06d6f5bf9355671161f6480932605475f2093ef9168a23a4d1c3fe69800260c0

Request headers

Referer
https://nearmeplus.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 06 Aug 2020 11:59:09 GMT
last-modified
Thu, 06 Aug 2020 04:48:02 GMT
server
nginx/1.17.6
x-server-cache
false
content-type
image/jpeg
status
200
cache-control
max-age=86400, public
accept-ranges
bytes
content-length
13863
3c6d20d642ee049e9dd3c22883a89da1.png
nearmeplus.com/images/listings/ 		35 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nearmeplus.com/images/listings/3c6d20d642ee049e9dd3c22883a89da1.png
Requested by
Host: nearmeplus.com
URL: https://nearmeplus.com/blogs/item/386
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.113.122.66 , India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS
md-in-67.webhostbox.net
Software
nginx/1.17.6 /
Resource Hash
8481680ce5fc4d929d41d2b7ac511a9a79cdffb6f83c91bc5c1c0485a466be74

Request headers

Referer
https://nearmeplus.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 06 Aug 2020 11:59:09 GMT
last-modified
Wed, 05 Aug 2020 05:59:28 GMT
server
nginx/1.17.6
x-server-cache
false
content-type
image/png
status
200
cache-control
max-age=86400, public
accept-ranges
bytes
content-length
36158
8c84a175cb1cd93957afb04be665624d.jpg
nearmeplus.com/images/listings/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nearmeplus.com/images/listings/8c84a175cb1cd93957afb04be665624d.jpg
Requested by
Host: nearmeplus.com
URL: https://nearmeplus.com/blogs/item/386
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.113.122.66 , India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS
md-in-67.webhostbox.net
Software
nginx/1.17.6 /
Resource Hash
f311e9777a7e823e94c709a17a1da3e4df955a53a6e60ec150c64698d5d67113

Request headers

Referer
https://nearmeplus.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 06 Aug 2020 11:59:09 GMT
last-modified
Wed, 05 Aug 2020 03:54:30 GMT
server
nginx/1.17.6
x-server-cache
false
content-type
image/jpeg
status
200
cache-control
max-age=86400, public
accept-ranges
bytes
content-length
4355
e1064e75f9dc3b5ab79ad720264ae25e.png
nearmeplus.com/images/listings/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nearmeplus.com/images/listings/e1064e75f9dc3b5ab79ad720264ae25e.png
Requested by
Host: nearmeplus.com
URL: https://nearmeplus.com/blogs/item/386
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.113.122.66 , India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS
md-in-67.webhostbox.net
Software
nginx/1.17.6 /
Resource Hash
5a1291eedd5cede0cec0cee8fec11dc6dc87d2b0eb2114b26dae4ceb95690970

Request headers

Referer
https://nearmeplus.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 06 Aug 2020 11:59:09 GMT
last-modified
Tue, 04 Aug 2020 19:58:25 GMT
server
nginx/1.17.6
x-server-cache
false
content-type
image/png
status
200
cache-control
max-age=86400, public
accept-ranges
bytes
content-length
5220
31d065dec88aec68182503c5aea7f7b0.jpg
nearmeplus.com/images/listings/ 		63 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nearmeplus.com/images/listings/31d065dec88aec68182503c5aea7f7b0.jpg
Requested by
Host: nearmeplus.com
URL: https://nearmeplus.com/blogs/item/386
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.113.122.66 , India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS
md-in-67.webhostbox.net
Software
nginx/1.17.6 /
Resource Hash
384e05f045408b6ededcb956cbaacc011aeee13505218d9a8c35932d9889cd0c

Request headers

Referer
https://nearmeplus.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 06 Aug 2020 11:59:09 GMT
last-modified
Tue, 04 Aug 2020 08:02:56 GMT
server
nginx/1.17.6
x-server-cache
false
content-type
image/jpeg
status
200
cache-control
max-age=86400, public
accept-ranges
bytes
content-length
64432
125813be2ebcf3fd2da5e53d8f2c9dfc.png
nearmeplus.com/images/listings/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nearmeplus.com/images/listings/125813be2ebcf3fd2da5e53d8f2c9dfc.png
Requested by
Host: nearmeplus.com
URL: https://nearmeplus.com/blogs/item/386
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.113.122.66 , India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS
md-in-67.webhostbox.net
Software
nginx/1.17.6 /
Resource Hash
19d2bd8a0bc43870730ee5b7e55e1bbc525a7397fd3249d5a54f046218509635

Request headers

Referer
https://nearmeplus.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 06 Aug 2020 11:59:09 GMT
last-modified
Tue, 04 Aug 2020 06:52:46 GMT
server
nginx/1.17.6
x-server-cache
false
content-type
image/png
status
200
cache-control
max-age=86400, public
accept-ranges
bytes
content-length
2283
50dbb5be52355ac6a7af655e7b9a64c6.png
nearmeplus.com/images/listings/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nearmeplus.com/images/listings/50dbb5be52355ac6a7af655e7b9a64c6.png
Requested by
Host: nearmeplus.com
URL: https://nearmeplus.com/blogs/item/386
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.113.122.66 , India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS
md-in-67.webhostbox.net
Software
nginx/1.17.6 /
Resource Hash
18c67e9cfb1756e49458fb5b4074c29fce359bf8f979f7790bb1b26290d82a17

Request headers

Referer
https://nearmeplus.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 06 Aug 2020 11:59:09 GMT
last-modified
Tue, 04 Aug 2020 03:43:30 GMT
server
nginx/1.17.6
x-server-cache
false
content-type
image/png
status
200
cache-control
max-age=86400, public
accept-ranges
bytes
content-length
5739
e2dab8084ef995408afc3aeea290fe6e.png
nearmeplus.com/images/listings/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nearmeplus.com/images/listings/e2dab8084ef995408afc3aeea290fe6e.png
Requested by
Host: nearmeplus.com
URL: https://nearmeplus.com/blogs/item/386
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.113.122.66 , India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS
md-in-67.webhostbox.net
Software
nginx/1.17.6 /
Resource Hash
99b724130cb8e8021d7aec288cf430e39a750b444d64bde9e085ba67d8a90d60

Request headers

Referer
https://nearmeplus.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 06 Aug 2020 11:59:09 GMT
last-modified
Mon, 03 Aug 2020 19:06:07 GMT
server
nginx/1.17.6
x-server-cache
false
content-type
image/png
status
200
cache-control
max-age=86400, public
accept-ranges
bytes
content-length
15792
084b1048a73785548fd6ce942df61fd0.jpg
nearmeplus.com/images/listings/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nearmeplus.com/images/listings/084b1048a73785548fd6ce942df61fd0.jpg
Requested by
Host: nearmeplus.com
URL: https://nearmeplus.com/blogs/item/386
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.113.122.66 , India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS
md-in-67.webhostbox.net
Software
nginx/1.17.6 /
Resource Hash
b307b552a8f9576e5290c63d2d23208da6892051674ff9e1c8f9ca5d23e0da73

Request headers

Referer
https://nearmeplus.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 06 Aug 2020 11:59:09 GMT
last-modified
Mon, 03 Aug 2020 18:40:27 GMT
server
nginx/1.17.6
x-server-cache
false
content-type
image/jpeg
status
200
cache-control
max-age=86400, public
accept-ranges
bytes
content-length
21629
c772f1efeb471d47cb0994339217dd65.jpg
nearmeplus.com/images/products/ 		425 KB
428 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nearmeplus.com/images/products/c772f1efeb471d47cb0994339217dd65.jpg
Requested by
Host: nearmeplus.com
URL: https://nearmeplus.com/blogs/item/386
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.113.122.66 , India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS
md-in-67.webhostbox.net
Software
nginx/1.17.6 /
Resource Hash
a79f4f7799708278442d7b98b3eb8fb426bd835893a215e6cb4f46faf3c52550

Request headers

Referer
https://nearmeplus.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 06 Aug 2020 11:59:09 GMT
last-modified
Mon, 27 Jul 2020 10:42:25 GMT
server
nginx/1.17.6
x-server-cache
false
content-type
image/jpeg
status
200
cache-control
max-age=86400, public
accept-ranges
bytes
content-length
435146
5e0dbc2e29863d20de46f32d770e9b89.png
nearmeplus.com/images/products/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nearmeplus.com/images/products/5e0dbc2e29863d20de46f32d770e9b89.png
Requested by
Host: nearmeplus.com
URL: https://nearmeplus.com/blogs/item/386
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.113.122.66 , India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS
md-in-67.webhostbox.net
Software
nginx/1.17.6 /
Resource Hash
e042c3463c35b6099dc998ebaf161414ad557148eaada02e7dd53ed252e16fc5

Request headers

Referer
https://nearmeplus.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 06 Aug 2020 11:59:09 GMT
last-modified
Mon, 22 Jun 2020 13:54:30 GMT
server
nginx/1.17.6
x-server-cache
false
content-type
image/png
status
200
cache-control
max-age=86400, public
accept-ranges
bytes
content-length
20506
bbd363b2183b1bb3ab9cd1fdd4ee6c2a.jpg
nearmeplus.com/images/products/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nearmeplus.com/images/products/bbd363b2183b1bb3ab9cd1fdd4ee6c2a.jpg
Requested by
Host: nearmeplus.com
URL: https://nearmeplus.com/blogs/item/386
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.113.122.66 , India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS
md-in-67.webhostbox.net
Software
nginx/1.17.6 /
Resource Hash
10855fa4c320cb51b93b99af6e4d58ab1037f50ba31b95aaf065fffbc9fb708d

Request headers

Referer
https://nearmeplus.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 06 Aug 2020 11:59:09 GMT
last-modified
Thu, 11 Jun 2020 11:53:40 GMT
server
nginx/1.17.6
x-server-cache
false
content-type
image/jpeg
status
200
cache-control
max-age=86400, public
accept-ranges
bytes
content-length
2122
16aae2ecd00033667770f2604971788a.jpg
nearmeplus.com/images/products/ 		68 KB
69 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nearmeplus.com/images/products/16aae2ecd00033667770f2604971788a.jpg
Requested by
Host: nearmeplus.com
URL: https://nearmeplus.com/blogs/item/386
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.113.122.66 , India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS
md-in-67.webhostbox.net
Software
nginx/1.17.6 /
Resource Hash
ec40cdc7c1d70f2905c56bfa15f69b2e0ded0b56c492d14390a82ac4fd2b14d8

Request headers

Referer
https://nearmeplus.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 06 Aug 2020 11:59:09 GMT
last-modified
Thu, 11 Jun 2020 11:52:11 GMT
server
nginx/1.17.6
x-server-cache
false
content-type
image/jpeg
status
200
cache-control
max-age=86400, public
accept-ranges
bytes
content-length
70048
653a55b8ea3906c6c21a188a5c473f76.jpg
nearmeplus.com/images/products/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nearmeplus.com/images/products/653a55b8ea3906c6c21a188a5c473f76.jpg
Requested by
Host: nearmeplus.com
URL: https://nearmeplus.com/blogs/item/386
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.113.122.66 , India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS
md-in-67.webhostbox.net
Software
nginx/1.17.6 /
Resource Hash
2e70de8b360423f929ae0095689c272588700e63df21c3aa370e79ac693718e4

Request headers

Referer
https://nearmeplus.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 06 Aug 2020 11:59:09 GMT
last-modified
Thu, 11 Jun 2020 11:50:37 GMT
server
nginx/1.17.6
x-server-cache
false
content-type
image/jpeg
status
200
cache-control
max-age=86400, public
accept-ranges
bytes
content-length
19040
XRXW3I6Li01BKofAksCUYevIWzgPDA.woff2
fonts.gstatic.com/s/nunito/v13/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/nunito/v13/XRXW3I6Li01BKofAksCUYevIWzgPDA.woff2
Requested by
Host: nearmeplus.com
URL: https://nearmeplus.com/blogs/item/386
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
843e1513a08b9b626e24b9630d264f84cea0ff45268ab42ade41ff5acea48066
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Montserrat%7COpen+Sans%7CCabin:400,500%7CArchivo+Black,700%7CNunito+Sans%7CNunito:400,800
Origin
https://nearmeplus.com

Response headers

date
Tue, 21 Jul 2020 20:45:49 GMT
x-content-type-options
nosniff
last-modified
Mon, 13 Jul 2020 21:53:33 GMT
server
sffe
age
1350800
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13976
x-xss-protection
0
expires
Wed, 21 Jul 2021 20:45:49 GMT
JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2
fonts.gstatic.com/s/montserrat/v14/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v14/JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2
Requested by
Host: nearmeplus.com
URL: https://nearmeplus.com/blogs/item/386
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0ce5a460ace775560c3344a43245687bdbec5cb8ee20d209ab9fa67f4e09a3e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Montserrat%7COpen+Sans%7CCabin:400,500%7CArchivo+Black,700%7CNunito+Sans%7CNunito:400,800
Origin
https://nearmeplus.com

Response headers

date
Fri, 24 Jul 2020 10:06:05 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:46:48 GMT
server
sffe
age
1129984
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13708
x-xss-protection
0
expires
Sat, 24 Jul 2021 10:06:05 GMT
u-480qWljRw-PdfD3OhluylEeQ5J.woff2
fonts.gstatic.com/s/cabin/v14/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/cabin/v14/u-480qWljRw-PdfD3OhluylEeQ5J.woff2
Requested by
Host: nearmeplus.com
URL: https://nearmeplus.com/blogs/item/386
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3d11b7dc5bd68fca648e1677b14cdc382d1e2a95ce0b2a5a0654243b1e31996a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Montserrat%7COpen+Sans%7CCabin:400,500%7CArchivo+Black,700%7CNunito+Sans%7CNunito:400,800
Origin
https://nearmeplus.com

Response headers

date
Fri, 24 Jul 2020 10:05:50 GMT
x-content-type-options
nosniff
last-modified
Mon, 22 Jul 2019 19:22:38 GMT
server
sffe
age
1129999
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13684
x-xss-protection
0
expires
Sat, 24 Jul 2021 10:05:50 GMT
gtm.js
www.googletagmanager.com/ 		93 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NSHN267
Requested by
Host: nearmeplus.com
URL: https://nearmeplus.com/blogs/item/386
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a335a684ed507bddf9c0c3513dac2349d3218057f579203a282626a119f9b5c2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://nearmeplus.com/blogs/item/386
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 06 Aug 2020 11:59:09 GMT
content-encoding
br
vary
Accept-Encoding
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34809
x-xss-protection
0
last-modified
Thu, 06 Aug 2020 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 06 Aug 2020 11:59:09 GMT
owl.carousel.min.css
cdn.jsdelivr.net/gh/OwlCarousel2/OwlCarousel2@2.3.4/dist/assets/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/OwlCarousel2/OwlCarousel2@2.3.4/dist/assets/owl.carousel.min.css
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/krishnan57474/gaur@3/js/script.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
521410e1fc44780061e09adc980275fb5ea277fd5d9e538454214ec4379ff4bc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://nearmeplus.com/blogs/item/386
Origin
https://nearmeplus.com

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
680204
x-cache
HIT, HIT
status
200
content-length
1068
etag
W/"d17-+6RjU8+QRQ7z02KhI/Hnrz6MVh4"
x-served-by
cache-fra19173-FRA, cache-hhn4034-HHN
date
Thu, 06 Aug 2020 11:59:09 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
owl.theme.default.min.css
cdn.jsdelivr.net/gh/OwlCarousel2/OwlCarousel2@2.3.4/dist/assets/ 		1013 B
582 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/OwlCarousel2/OwlCarousel2@2.3.4/dist/assets/owl.theme.default.min.css
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/krishnan57474/gaur@3/js/script.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
924b0dc630d1c5dff9fa31aead9509775b1d476bfe0a5ac2977b2f11205a26ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://nearmeplus.com/blogs/item/386
Origin
https://nearmeplus.com

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
680202
x-cache
HIT, HIT
status
200
content-length
479
etag
W/"3f5-aE2E7ECzBcoU78iMkfEpcstjQrQ"
x-served-by
cache-fra19126-FRA, cache-hhn4034-HHN
date
Thu, 06 Aug 2020 11:59:09 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
lity.min.css
cdn.jsdelivr.net/gh/jsor/lity@2.3.1/dist/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/jsor/lity@2.3.1/dist/lity.min.css
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/krishnan57474/gaur@3/js/script.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d12671012600825ae622e4f1f996071378734e7099581ed72eefa203c006d19d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://nearmeplus.com/blogs/item/386
Origin
https://nearmeplus.com

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
677830
x-cache
HIT, HIT
status
200
content-length
1016
etag
W/"d37-BBlssVdmspL3QiMoTi1jQbEM8eo"
x-served-by
cache-fra19137-FRA, cache-hhn4034-HHN
date
Thu, 06 Aug 2020 11:59:09 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
font-awesome.min.css
cdn.jsdelivr.net/gh/FortAwesome/Font-Awesome@4.7.0/css/ 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/FortAwesome/Font-Awesome@4.7.0/css/font-awesome.min.css
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/krishnan57474/gaur@3/js/script.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://nearmeplus.com/blogs/item/386
Origin
https://nearmeplus.com

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
680203
x-cache
HIT, HIT
status
200
content-length
7055
etag
W/"7918-USx9eQM+MCipvmG1QM8aaHDIlvg"
x-served-by
cache-fra19141-FRA, cache-hhn4034-HHN
date
Thu, 06 Aug 2020 11:59:09 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
open-iconic-bootstrap.min.css
cdn.jsdelivr.net/gh/iconic/open-iconic@1.1.1/font/css/ 		9 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/iconic/open-iconic@1.1.1/font/css/open-iconic-bootstrap.min.css
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/krishnan57474/gaur@3/js/script.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
049fc6f9efb2edb41dad8912d91053c8d7c11e903d22e19a3e67fd86db9be4c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://nearmeplus.com/blogs/item/386
Origin
https://nearmeplus.com

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
680201
x-cache
HIT, HIT
status
200
content-length
2082
etag
W/"24b3-FZnwjeRtDAW+aII6h4nD1Hr9vR8"
x-served-by
cache-fra19173-FRA, cache-hhn4034-HHN
date
Thu, 06 Aug 2020 11:59:09 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
jquery.min.js
cdn.jsdelivr.net/gh/jquery/jquery@3.3.1/dist/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/jquery/jquery@3.3.1/dist/jquery.min.js
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/krishnan57474/gaur@3/js/script.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://nearmeplus.com/blogs/item/386
Origin
https://nearmeplus.com

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
680203
x-cache
HIT, HIT
status
200
content-length
30349
etag
W/"1538f-DcMttKqcXwPzs4xH2IPb1P7ROq4"
x-served-by
cache-fra19156-FRA, cache-hhn4034-HHN
date
Thu, 06 Aug 2020 11:59:09 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
fontawesome-webfont.woff2
cdn.jsdelivr.net/gh/FortAwesome/Font-Awesome@4.7.0/fonts/ 		75 KB
75 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/FortAwesome/Font-Awesome@4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: nearmeplus.com
URL: https://nearmeplus.com/blogs/item/386
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://cdn.jsdelivr.net/gh/FortAwesome/Font-Awesome@4.7.0/css/font-awesome.min.css
Origin
https://nearmeplus.com

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
age
680200
x-cache
HIT, HIT
status
200
content-length
77160
etag
W/"12d68-1vSMun0Hb7by/Wupk6dbncHsvww"
x-served-by
cache-fra19162-FRA, cache-hhn4034-HHN
date
Thu, 06 Aug 2020 11:59:09 GMT
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
owl.carousel.min.js
cdn.jsdelivr.net/gh/OwlCarousel2/OwlCarousel2@2.3.4/dist/ 		43 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/OwlCarousel2/OwlCarousel2@2.3.4/dist/owl.carousel.min.js
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/krishnan57474/gaur@3/js/script.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a53c43f834b32309b084ea9314df8307e9c78cee2202c6e07f216ae4ae5b704d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://nearmeplus.com/blogs/item/386
Origin
https://nearmeplus.com

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
680199
x-cache
HIT, HIT
status
200
content-length
11410
etag
W/"ad36-4qYA5DPfcrTP3pPXiA4xFJF6PL4"
x-served-by
cache-fra19135-FRA, cache-hhn4034-HHN
date
Thu, 06 Aug 2020 11:59:09 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
quant.js
secure.quantserve.com/ 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NSHN267
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:36a9:ecb:e518:b308 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8130c2c72afad9d94581ef93aaa00524093103c47c71fce52f606d5ff693c3ce
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://nearmeplus.com/blogs/item/386
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 06 Aug 2020 11:59:11 GMT
content-encoding
gzip
last-modified
Thu, 06-Aug-2020 11:59:11 GMT
etag
M0-2a172724
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
private, no-transform, max-age=604800
strict-transport-security
max-age=86400
content-length
8060
expires
Thu, 13 Aug 2020 11:59:11 GMT
lity.min.js
cdn.jsdelivr.net/gh/jsor/lity@2.3.1/dist/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/jsor/lity@2.3.1/dist/lity.min.js
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/krishnan57474/gaur@3/js/script.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
dd5cc8f05b921b6d087ef203291a6d051fb57784fa1b9ede0c87fa6443b5de26
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://nearmeplus.com/blogs/item/386
Origin
https://nearmeplus.com

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
379808
x-cache
HIT, HIT
status
200
content-length
2895
etag
W/"19c9-ZUlBNAGFNFNc4O7dXuQpV9MqFgU"
x-served-by
cache-fra19154-FRA, cache-hhn4034-HHN
date
Thu, 06 Aug 2020 11:59:09 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
bootstrap.min.js
cdn.jsdelivr.net/gh/twbs/bootstrap@4.4.1/dist/js/ 		59 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/twbs/bootstrap@4.4.1/dist/js/bootstrap.min.js
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/krishnan57474/gaur@3/js/script.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5aa53525abc5c5200c70b3f6588388f86076cd699284c23cda64e92c372a1548
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://nearmeplus.com/blogs/item/386
Origin
https://nearmeplus.com

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
111058
x-cache
HIT, HIT
status
200
content-length
15918
etag
W/"ea6a-s8EWxl5vBTqqtF5WGaeOwAJxpQ8"
x-served-by
cache-fra19151-FRA, cache-hhn4034-HHN
date
Thu, 06 Aug 2020 11:59:09 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
jquery.smartmenus.min.js
cdn.jsdelivr.net/gh/vadikom/smartmenus@1.1.0/dist/ 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/vadikom/smartmenus@1.1.0/dist/jquery.smartmenus.min.js
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/krishnan57474/gaur@3/js/script.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2fe668f50e1b19f758d3a06ac0c60b0e869c6b31fa1ab43190b6af3dd4f46b8e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://nearmeplus.com/blogs/item/386
Origin
https://nearmeplus.com

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
680060
x-cache
HIT, HIT
status
200
content-length
7052
etag
W/"5fe4-Gd9wKDX/Vc5am3a5l0+Fl8xSjGo"
x-served-by
cache-fra19171-FRA, cache-hhn4034-HHN
date
Thu, 06 Aug 2020 11:59:09 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
analytics.js
www.google-analytics.com/ 		45 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-144902658-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://nearmeplus.com/blogs/item/386
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 04 Jun 2020 23:38:14 GMT
server
Golfe2
age
6212
date
Thu, 06 Aug 2020 10:15:39 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18469
expires
Thu, 06 Aug 2020 12:15:39 GMT
rules-p-dP5ASYRLzhDna.js
rules.quantcount.com/ 		3 B
355 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-dP5ASYRLzhDna.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2057:2600:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer
https://nearmeplus.com/blogs/item/386
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 06 Aug 2020 11:55:42 GMT
via
1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
last-modified
Fri, 03 Mar 2017 23:52:35 GMT
server
AmazonS3
age
214
etag
"8a80554c91d9fca8acb82f023de02f11"
x-cache
Error from cloudfront
content-type
application/x-javascript
status
200
cache-control
max-age=300
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-length
3
x-amz-cf-id
ia5zwTt3QtENbTGijGXeaaIwXw_c2WLIUFfAqBAaTpaBSqwJWS4KzQ==
integrator.js
adservice.google.de/adsid/ 		109 B
242 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=nearmeplus.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nearmeplus.com/blogs/item/386
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 06 Aug 2020 11:59:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		109 B
168 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=nearmeplus.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nearmeplus.com/blogs/item/386
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 06 Aug 2020 11:59:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20200803/r20190131/ 		223 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20200803/r20190131/show_ads_impl_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b7033410c6a2668f47a5d1b8e1b0efd007d0001d4202af1dcc73e3ac89528828
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nearmeplus.com/blogs/item/386
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 06 Aug 2020 11:59:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
85574
x-xss-protection
0
server
cafe
etag
416733338008016723
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Aug 2020 11:59:11 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20200803/r20190131/ Frame 2DF5 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20200803/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20200803/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://nearmeplus.com/blogs/item/386
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://nearmeplus.com/blogs/item/386

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
vary
Accept-Encoding
date
Mon, 03 Aug 2020 18:06:10 GMT
expires
Mon, 17 Aug 2020 18:06:10 GMT
content-type
text/html; charset=UTF-8
etag
1809543571055990350
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4277
x-xss-protection
0
cache-control
public, max-age=1209600
age
237181
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j83&a=616446943&t=pageview&_s=1&dl=https%3A%2F%2Fnearmeplus.com%2Fblogs%2Fitem%2F386&ul=en-us&de=UTF-8&dt=List%20of%20Banks%20in%20Canada%20-%20Nea...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-144902658-1&cid=1627548126.1596715151&jid=1873260510&_gid=712213170.1596715151&gjid=66288530&_v=j83&z=1566263113
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-144902658-1&cid=1627548126.1596715151&jid=1873260510&_v=j83&z=1566263113
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-144902658-1&cid=1627548126.1596715151&jid=1873260510&_v=j83&z=1566263113&slf_rd=1&random=368953759
42 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-144902658-1&cid=1627548126.1596715151&jid=1873260510&_v=j83&z=1566263113&slf_rd=1&random=368953759
Requested by
Host: nearmeplus.com
URL: https://nearmeplus.com/blogs/item/386
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nearmeplus.com/blogs/item/386
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 Aug 2020 11:59:11 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 06 Aug 2020 11:59:11 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-144902658-1&cid=1627548126.1596715151&jid=1873260510&_v=j83&z=1566263113&slf_rd=1&random=368953759
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 6C97 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5166687018307964&output=html&adk=1812271804&adf=3025194257&lmt=1596715151&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fnearmeplus.com%2Fblogs%2Fitem%2F386&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1596715151159&bpp=11&bdt=1775&idt=123&shv=r20200803&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5738629475921&frm=20&pv=2&ga_vid=1627548126.1596715151&ga_sid=1596715151&ga_hid=616446943&ga_fc=0&iag=0&icsg=524936&dssz=27&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530558%2C42530560%2C44723322%2C21066647%2C21066532&oid=3&pvsid=2718854601633550&pem=825&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=135
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200803/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-5166687018307964&output=html&adk=1812271804&adf=3025194257&lmt=1596715151&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fnearmeplus.com%2Fblogs%2Fitem%2F386&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1596715151159&bpp=11&bdt=1775&idt=123&shv=r20200803&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5738629475921&frm=20&pv=2&ga_vid=1627548126.1596715151&ga_sid=1596715151&ga_hid=616446943&ga_fc=0&iag=0&icsg=524936&dssz=27&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530558%2C42530560%2C44723322%2C21066647%2C21066532&oid=3&pvsid=2718854601633550&pem=825&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=135
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://nearmeplus.com/blogs/item/386
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://nearmeplus.com/blogs/item/386

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 06 Aug 2020 11:59:11 GMT
server
cafe
content-length
647
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Thu, 06-Aug-2020 12:14:11 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires
Thu, 06 Aug 2020 11:59:11 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/ 		70 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200803/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
26707b5321012a13ff9b5527dadb1f99f5f14dd6553583380b43f37c5a906d41
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nearmeplus.com/blogs/item/386
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 06 Aug 2020 11:59:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1596628412095837"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
26959
x-xss-protection
0
expires
Thu, 06 Aug 2020 11:59:11 GMT
pixel;r=421110220;source=gtm;rf=0;a=p-dP5ASYRLzhDna;url=https%3A%2F%2Fnearmeplus.com%2Fblogs%2Fitem%2F386;fpan=1;fpa=P0-73420761-1596715151544;ns=0;ce=1;qjs=1;qv=35f667c6-20200713111428;cm=;gdpr=0;...
pixel.quantserve.com/ 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=421110220;source=gtm;rf=0;a=p-dP5ASYRLzhDna;url=https%3A%2F%2Fnearmeplus.com%2Fblogs%2Fitem%2F386;fpan=1;fpa=P0-73420761-1596715151544;ns=0;ce=1;qjs=1;qv=35f667c6-20200713111428;cm=;gdpr=0;ref=;d=nearmeplus.com;je=0;sr=1600x1200x24;enc=n;dst=1;et=1596715151544;tzo=-120;ogl=
Requested by
Host: nearmeplus.com
URL: https://nearmeplus.com/blogs/item/386
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:36a9:ecb:e518:b308 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://nearmeplus.com/blogs/item/386
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 Aug 2020 11:59:11 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
status
200
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		7 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20200803&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200803/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
76551c0a2a039da550d56d4d5caf68c45936deb0e62c7c81be97f84899babfb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nearmeplus.com/blogs/item/386
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 06 Aug 2020 11:59:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
5686
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200803/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nearmeplus.com/blogs/item/386
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 06 Aug 2020 11:59:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1591403518460474"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5540
x-xss-protection
0
expires
Thu, 06 Aug 2020 11:59:14 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/210/ Frame 576C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/210/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://nearmeplus.com/blogs/item/386
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://nearmeplus.com/blogs/item/386

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
content-length
4590
date
Thu, 06 Aug 2020 11:12:51 GMT
expires
Fri, 06 Aug 2021 11:12:51 GMT
last-modified
Wed, 26 Feb 2020 19:47:50 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
2783
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gen_204
pagead2.googlesyndication.com/pagead/ 		0
120 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=210&t=2&li=gda_r20200803&jk=2718854601633550&bg=!WVqlWkJYNjnvVVqv35gCAAAAMlIAAAAKmQGFv-e8GUu4Y1AkyZQtz10WKnTL1qGYABdTV_vSJ_wjd-8H3F5rBV75fYqsiQloPjykdan-7LQMWqAUs5E7_G_CtfcIg_ecFwX_HrdnaXWiFsq58rc0H8xdykQfPc1sWK4AYQ4brjZjKzWM3YxX-xCGXJkUrAJwMDHQ_c9MM7qtmfwXMQro4WaK3gy85Ffs_o6Lr79o7S2HteWutZWnyGaUwqwTcBJnEhm0vt3LYk1KZ-xQzt56cwK2xoV_Z9tLi-WDaecy6AQNLmj7spY_dcjwf8ebzBjrs9w2tgXKOHx4j050hCN9CxO_sScPsxK2Q1O3qamVbsWSAVQodv3i5W7dBKSR5P3NEjFCNSZa9b3DGClRBTRN1cgHfwGJGOxcQ0GyVxnwvDjWM0QsFp3fHA9qlS7kgzic_Pm6to1bD9RUvJ-yqv6ORFaxqhN4dS6AD6VLRAyAWzEojywq3WR-xnCtpbtsni4TiuhVNi7PKQstkOwhbIZIYScQ7LyG3V3VStHu5npL_M4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nearmeplus.com/blogs/item/386
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 Aug 2020 11:59:14 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
204
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: TD Bank (Banking) Bank of China (Banking) Scotiabank (Banking) American Express (Financial)

54 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| _jq object| dataLayer function| gtag function| $ function| jQuery object| google_tag_manager object| _qevents function| lity object| bootstrap object| google_tag_data string| GoogleAnalyticsObject function| ga function| quantserve function| __qc object| ezt object| _qoptions object| google_js_reporting_queue number| google_srt object| google_ad_modifications object| google_logging_queue object| ggeac boolean| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots function| google_spfd object| google_sv_map object| gaplugins object| gaGlobal object| gaData function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| google_prev_clients object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| GoogleGcLKhOms object| google_image_requests

6 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.nearmeplus.com/ Name: __qca
Value: P0-73420761-1596715151544
.nearmeplus.com/ Name: _ga
Value: GA1.2.1627548126.1596715151
.nearmeplus.com/ Name: _gat_gtag_UA_144902658_1
Value: 1
.nearmeplus.com/ Name: _gid
Value: GA1.2.712213170.1596715151
nearmeplus.com/ Name: SID
Value: 51b06f59933948541273494be8a173e71557844c

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
b2bbank.com
bridgewaterbank.ca
canadiantire.scene7.com
cdn.jsdelivr.net
dvh1deh6tagwk.cloudfront.net
financialpostcom.files.wordpress.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
mma.prnewswire.com
nearmeplus.com
pagead2.googlesyndication.com
pixel.quantserve.com
prnewswire2-a.akamaihd.net
rules.quantcount.com
s3.amazonaws.com
secure.quantserve.com
stats.g.doubleclick.net
tpc.googlesyndication.com
upload.wikimedia.org
vancitycommunityinvestmentbank.ca
www.aexp-static.com
www.alternabank.ca
www.bankofchina.com
www.bmo.com
www.cibc.com
www.concentra.ca
www.cwbank.com
www.dcbank.ca
www.duobank.com
www.ebcfx.com
www.equitablebank.ca
www.fnbc.ca
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.haventreebank.com
www.homebank.ca
www.manulifebank.ca
www.motusbank.ca
www.nbc.ca
www.pcfinancial.ca
www.peoplesbank.ca
www.portfolioplus.com
www.rbcroyalbank.com
www.rfa.ca
www.rogersbank.com
www.scotiabank.com
www.td.com
www.uni.ca
www.wealthonebankofcanada.com
www.zagbank.ca
104.109.81.243
104.111.228.155
104.74.145.163
107.162.158.163
108.163.144.81
124.74.250.45
142.176.83.30
143.204.202.101
158.106.115.226
166.62.84.121
192.0.72.28
192.229.182.193
2.16.177.26
206.25.72.220
208.69.254.161
208.69.254.60
209.202.9.154
23.36.235.165
23.37.40.17
23.37.40.180
2600:9000:2057:2600:6:44e3:f8c0:93a1
2600:9000:2057:e000:0:83b2:40:93a1
2600:9000:214f:d800:19:69c6:4500:21
2606:4700:10::6816:1d9f
2606:4700::6812:1ad0
2606:4700::6813:ad1c
2620:0:862:ed1a::2:b
2620:116:800d:21:36a9:ecb:e518:b308
2a00:1450:4001:801::2003
2a00:1450:4001:801::2004
2a00:1450:4001:80b::2008
2a00:1450:4001:816::2002
2a00:1450:4001:816::200e
2a00:1450:4001:819::2001
2a00:1450:4001:81a::2002
2a00:1450:4001:81f::200a
2a00:1450:4001:821::2002
2a00:1450:4001:824::2003
2a00:1450:400c:c00::9a
2a02:26f0:6c00:185::286e
2a02:26f0:6c00:19a::18a9
2a02:26f0:f1:292::9b6
2a04:4e42:1b::621
34.95.13.225
35.183.171.10
35.184.62.136
45.113.122.66
52.216.17.83
52.228.42.76
52.237.22.139
64.18.66.47
69.163.168.155
88.221.62.97
025c45c9c37ac7c979bac835f7b5497179b7da3e259408da5e879d4bc1299da9
028f643755987211bf2f3add6c62ae1870a888cf2f4fe3040a4fac7dce2543ab
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
049fc6f9efb2edb41dad8912d91053c8d7c11e903d22e19a3e67fd86db9be4c4
06d6f5bf9355671161f6480932605475f2093ef9168a23a4d1c3fe69800260c0
08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c
0c8322fce6da7d7cac34ae99d043e84ab205ca09297c17582d77cf8fdf12d537
0ce5a460ace775560c3344a43245687bdbec5cb8ee20d209ab9fa67f4e09a3e8
10855fa4c320cb51b93b99af6e4d58ab1037f50ba31b95aaf065fffbc9fb708d
1178d5805dbd65af8526a7401f67840378ccb3bdc9ec11f4bdbf606935f643b6
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
18c67e9cfb1756e49458fb5b4074c29fce359bf8f979f7790bb1b26290d82a17
19c3fb3992208d47731a334b96fad995bc4cb9a395da6e6104267197698fc0c1
19d2bd8a0bc43870730ee5b7e55e1bbc525a7397fd3249d5a54f046218509635
1a9a08268eccb9e2e06ad28627b31fe0169013e5253b114f94d1a4f363739a3b
202624a25f0b5101415f8a33bf7d677bd4470b62d373ce4862532ad7dea814a4
24a0d229f568685a12b9264ba52a657973d4c3c0f1cf787d6d6028c90f85913c
26707b5321012a13ff9b5527dadb1f99f5f14dd6553583380b43f37c5a906d41
29937a50e9fc7081f37eb6fa41e020a3b173a97f3d36be73cb7248b363d921cd
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2e70de8b360423f929ae0095689c272588700e63df21c3aa370e79ac693718e4
2fe668f50e1b19f758d3a06ac0c60b0e869c6b31fa1ab43190b6af3dd4f46b8e
31cb69a8ded7dbbb520682c6e603d285b5234926d74b64823ee10280904f93b3
34c2233c7a4bc10b7169a4da0677edf6e9bd9a177925fd0e9bcd263cb09f2fa0
384e05f045408b6ededcb956cbaacc011aeee13505218d9a8c35932d9889cd0c
3b53fbc6aa967594f79c138b582e786fb94f446f13c1fb985ba7944068e62efb
3b8ba3551b890ac457740f0c8cc133bb6b41f8617ec8d6c004e5658cbbce308d
3d11b7dc5bd68fca648e1677b14cdc382d1e2a95ce0b2a5a0654243b1e31996a
426b57d0b52fb0e65ae9fb4f80fb62e1b7b1d482b87fa190241b7bf6258ee09a
487f72a43276b55e816da624b1a5f12dc2cb3a02735ae174a1b7ce307fcb4c05
49c31ae5b2c4c99f0564e5000f66d97a051d8845a4f0fed3ddc2927befd34048
50c42a9226f57bb039d2b49fb0d0a3a38d85eaa675a54d8cb4c73e281b03ee9e
521410e1fc44780061e09adc980275fb5ea277fd5d9e538454214ec4379ff4bc
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
5a1291eedd5cede0cec0cee8fec11dc6dc87d2b0eb2114b26dae4ceb95690970
5aa53525abc5c5200c70b3f6588388f86076cd699284c23cda64e92c372a1548
5abfe25b6b021f9d8a3a5db9c6e2ae186f03adaf53a06b9c156d2e2aab535304
5d339101f5dddc7d56143217fc5030d5304efa7d033f243a989ce9aa174a8aad
612c9d02ee2e5b0b96678e9b331cae7c49d2ac3e4bfec54a5f915daed6a78fbd
65a2483aa955aaa8e98bcfdf94272cf8aba7ff31f6a40e84d53d6497597594f6
6614f40770f5d94ae840f7ac468d4cfd8764a9961f4ac950b960fddd2e8175ba
6bcb68828ff84ccadbf704512eab7d438148ec329740d271e532ae5d3c720338
6ed8bc605751d1226718d61449baab4689bd653f0875991d80731b0f1a613a20
73b14f3d6dd67df8617cad0a48ab12c1e785e467ce60821213557bff8378fbcd
7540bdf35b72baa86abaae82bdc44ba3b6aa0bb6438350f7484863244d5b2e26
76188f00b184f80010d93c0a738aa70ff28ef298b90c89cbaa020aa3d114c637
761a39ab86d4d87d1fde4aff717c3c4221044c218034c1b934c813591115c878
76551c0a2a039da550d56d4d5caf68c45936deb0e62c7c81be97f84899babfb4
7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7a753e8773d291999199b626a2e9d5c2d71bf4f003f10891032b244f2c921d7a
8130c2c72afad9d94581ef93aaa00524093103c47c71fce52f606d5ff693c3ce
843e1513a08b9b626e24b9630d264f84cea0ff45268ab42ade41ff5acea48066
8481680ce5fc4d929d41d2b7ac511a9a79cdffb6f83c91bc5c1c0485a466be74
87377846365e879595a7912be60a6998e56d8eb64e6f2c978a4a6e34e7532d6a
924b0dc630d1c5dff9fa31aead9509775b1d476bfe0a5ac2977b2f11205a26ac
941c69e2710662afd214b905a81b06b8c255d33773c2c11d45d0bdfe6ca56b05
99b724130cb8e8021d7aec288cf430e39a750b444d64bde9e085ba67d8a90d60
9c02c7f487a461669a9d16062beb4950f71b1b71122cb58174e4f6406accfcae
9d517371c86267412accbf95ecbec68fed55953ff419744985aa56f7dfedaa5a
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a13ac3c10dfa20fd65770c62e364607e3ed4ad5f4961281951a9c5322db504bd
a1a50c0848a87acc61be2b53545a55282d2e3ea6ece7502fff102c292630814a
a335a684ed507bddf9c0c3513dac2349d3218057f579203a282626a119f9b5c2
a4189cd2e052e9e4ce91ad93d3fbe991ea78de08defeed1f3f3c5788b5e22274
a53c43f834b32309b084ea9314df8307e9c78cee2202c6e07f216ae4ae5b704d
a6df0a8237404498c5ad536851099ac5abf736e24461bc2287189c93a83668d7
a79f4f7799708278442d7b98b3eb8fb426bd835893a215e6cb4f46faf3c52550
b307b552a8f9576e5290c63d2d23208da6892051674ff9e1c8f9ca5d23e0da73
b3e8fd517604f03b26c4da71fc27f3c4051bff37e47de10323aed249a4da0374
b7033410c6a2668f47a5d1b8e1b0efd007d0001d4202af1dcc73e3ac89528828
bf72370307fdfcd61525cfc318542629bb843a46f26d376fbd81447eab4d04d5
c3125de383aadc7f32f22559d9673933caa1d86bdc8e3b20d345d45245589bd4
c40b407e4bda870ac0fa971fb8315fafb340ff05536da17955024e95179324e8
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cd432888992dcb1c3c102427be64efb2d95bacb558a72685fc3e6cd1fc41ddb9
cf09344fb594a095f92659272aeac1a1b2c44ac71d32a01ad61ba96424ecdea0
d12671012600825ae622e4f1f996071378734e7099581ed72eefa203c006d19d
d3baa0dd7a253b04f53c14bd34566080b1642aa51c922c3c3338604e753e116f
d988c4aabb5de3eb134e39ac0bed4669b13ebf937b4833b162a9881747833863
db01caa7f67c14986b1586e66f3add9cd370b888fae85c9015b1ea5dda0e7376
db823964259095c94de52624977d2005a62c6bf4fafbae759442c03a9033313d
dd5cc8f05b921b6d087ef203291a6d051fb57784fa1b9ede0c87fa6443b5de26
e042c3463c35b6099dc998ebaf161414ad557148eaada02e7dd53ed252e16fc5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9319e310570bfdd2204925f789b80d0770f5a9b4b08cf03988fb4d1de02624e
e9682e19c129f7675bf49c78b22a6fb88b0d7fe6442cb6f3e2b555b5e94bb3ca
eac3a961a4b9e015ee743d2210d958a36925d991775aa67a79c1525971c1259e
ec40cdc7c1d70f2905c56bfa15f69b2e0ded0b56c492d14390a82ac4fd2b14d8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f311e9777a7e823e94c709a17a1da3e4df955a53a6e60ec150c64698d5d67113
fc6f5d934739abf8a6a6222c20ba6e8ad4ad49165178b00c00668336ffe61922
fd06a6f574913276d53566e8ee41b65963894cd9bc1c873d57044651420aa494
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955