urlscan.io logo urlscan.io
SecurityTrails logo

offers.safesteptubs.ca Open in urlscan Pro
34.205.248.193  Public Scan

Go To Rescan Add Verdict Report
URL: https://offers.safesteptubs.ca/google-ppc-sst/
Submission: On September 07 via manual from IN — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 41 IPs in 3 countries across 36 domains to perform 122 HTTP transactions. The main IP is 34.205.248.193, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is offers.safesteptubs.ca.
TLS certificate: Issued by R3 on July 15th 2023. Valid for: 3 months.
This is the only time offers.safesteptubs.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 34.205.248.193 14618 (AMAZON-AES)
3 18.165.83.40 16509 (AMAZON-02)
2 172.253.63.95 15169 (GOOGLE)
6 172.253.63.97 15169 (GOOGLE)
2 18.160.15.38 16509 (AMAZON-02)
9 142.251.111.99 15169 (GOOGLE)
3 13.107.21.200 8068 (MICROSOFT...)
1 18.160.41.49 16509 (AMAZON-02)
3 31.13.80.12 32934 (FACEBOOK)
4 3.228.94.158 14618 (AMAZON-AES)
11 151.139.128.10 20446 (STACKPATH...)
2 184.106.20.60 19994 (RACKSPACE)
10 18.154.230.155 16509 (AMAZON-02)
2 18.67.65.13 16509 (AMAZON-02)
9 172.253.115.94 15169 (GOOGLE)
2 142.251.167.101 15169 (GOOGLE)
4 172.253.63.155 15169 (GOOGLE)
1 174.129.147.137 14618 (AMAZON-AES)
4 31.13.80.36 32934 (FACEBOOK)
1 18.160.18.45 16509 (AMAZON-02)
4 142.250.31.94 15169 (GOOGLE)
1 172.253.63.102 15169 (GOOGLE)
6 142.251.111.94 15169 (GOOGLE)
6 108.166.2.67 19994 (RACKSPACE)
1 142.251.163.95 15169 (GOOGLE)
1 104.18.10.207 13335 (CLOUDFLAR...)
1 18.164.96.95 16509 (AMAZON-02)
2 7 3.162.103.56 16509 (AMAZON-02)
14 18 34.196.240.25 14618 (AMAZON-AES)
1 2 35.211.178.172 19527 (GOOGLE-2)
2 2 142.251.167.156 15169 (GOOGLE)
1 2 104.18.39.155 13335 (CLOUDFLAR...)
2 3 35.190.60.146 15169 (GOOGLE)
2 2 107.178.254.65 15169 (GOOGLE)
1 1 34.98.67.3 396982 (GOOGLE-CL...)
1 8.43.72.97 26667 (RUBICONPR...)
1 2 35.244.159.8 15169 (GOOGLE)
1 70.42.32.159 22075 (AS-OUTBRAIN)
1 104.36.113.107 62713 (AS-PUBMATIC)
1 2 34.200.65.202 14618 (AMAZON-AES)
1 141.226.224.48 ()
1 2 52.223.22.214 ()
1 2 68.67.178.10 ()
122 41
1    34.205.248.193 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-205-248-193.compute-1.amazonaws.com
offers.safesteptubs.ca
3    18.165.83.40 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-165-83-40.iad55.r.cloudfront.net
builder-assets.unbounce.com
2    172.253.63.95 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f95.1e100.net
ajax.googleapis.com
6    172.253.63.97 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f97.1e100.net
www.googletagmanager.com
2    18.160.15.38 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-15-38.iad12.r.cloudfront.net
d1wbjksx0xxdn3.cloudfront.net
9    142.251.111.99 (United States)

ASN15169 (GOOGLE, US)
PTR: bk-in-f99.1e100.net
www.google.com
3    13.107.21.200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
1    18.160.41.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-41-49.iad55.r.cloudfront.net
static.hotjar.com
3    31.13.80.12 (Toronto, Canada)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-yyz1.fbcdn.net
connect.facebook.net
4    3.228.94.158 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-228-94-158.compute-1.amazonaws.com
tags.srv.stackadapt.com
11    151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net
cdn.mouseflow.com
cdn.thelivechatsoftware.com
2    184.106.20.60 (United States)

ASN19994 (RACKSPACE, US)
thelivechatsoftware.com
10    18.154.230.155 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-154-230-155.iad55.r.cloudfront.net
d9hhrg4mnvzow.cloudfront.net
2    18.67.65.13 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-65-13.iad89.r.cloudfront.net
fonts.ub-assets.com
9    172.253.115.94 (United States)

ASN15169 (GOOGLE, US)
PTR: bg-in-f94.1e100.net
www.gstatic.com
2    142.251.167.101 (United States)

ASN15169 (GOOGLE, US)
PTR: ww-in-f101.1e100.net
www.google-analytics.com
4    172.253.63.155 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f155.1e100.net
googleads.g.doubleclick.net
stats.g.doubleclick.net
1    174.129.147.137 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-174-129-147-137.compute-1.amazonaws.com
events.ub-analytics.com
4    31.13.80.36 (Toronto, Canada)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-yyz1.facebook.com
www.facebook.com
1    18.160.18.45 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-18-45.iad12.r.cloudfront.net
script.hotjar.com
4    142.250.31.94 (United States)

ASN15169 (GOOGLE, US)
PTR: bj-in-f94.1e100.net
www.google.ca
1    172.253.63.102 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f102.1e100.net
analytics.google.com
6    142.251.111.94 (United States)

ASN15169 (GOOGLE, US)
PTR: bk-in-f94.1e100.net
fonts.gstatic.com
6    108.166.2.67 (United States)

ASN19994 (RACKSPACE, US)
blue.thelivechatsoftware.com
1    142.251.163.95 (United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f95.1e100.net
fonts.googleapis.com
1    104.18.10.207 (None, )

ASN13335 (CLOUDFLARENET, US)
netdna.bootstrapcdn.com
1    18.164.96.95 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-96-95.jfk50.r.cloudfront.net
vc.hotjar.io
7    3.162.103.56 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-162-103-56.iad61.r.cloudfront.net
s.adroll.com
18    34.196.240.25 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-196-240-25.compute-1.amazonaws.com
d.adroll.com
2    35.211.178.172 (North Charleston, United States)

ASN19527 (GOOGLE-2, US)
PTR: 172.178.211.35.bc.googleusercontent.com
x.bidswitch.net
2    142.251.167.156 (United States)

ASN15169 (GOOGLE, US)
PTR: ww-in-f156.1e100.net
cm.g.doubleclick.net
2    104.18.39.155 (None, )

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
3    35.190.60.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com
idsync.rlcdn.com
2    107.178.254.65 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 65.254.178.107.bc.googleusercontent.com
pippio.com
1    34.98.67.3 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 3.67.98.34.bc.googleusercontent.com
tags.rd.linksynergy.com
1    8.43.72.97 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
2    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
us-u.openx.net
1    70.42.32.159 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
sync.outbrain.com
1    104.36.113.107 (United States)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
2    34.200.65.202 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-65-202.compute-1.amazonaws.com
ups.analytics.yahoo.com
1    141.226.224.48 (None, )

ASN- ()
sync.taboola.com
2    52.223.22.214 (None, )

ASN- ()
eb2.3lift.com
2    68.67.178.10 (None, )

ASN- ()
ib.adnxs.com
Apex Domain
Subdomains		 Transfer
25 adroll.com
s.adroll.com — Cisco Umbrella Rank: 3226
d.adroll.com — Cisco Umbrella Rank: 1446
43 KB
18 thelivechatsoftware.com
thelivechatsoftware.com — Cisco Umbrella Rank: 109198
cdn.thelivechatsoftware.com — Cisco Umbrella Rank: 841559
blue.thelivechatsoftware.com — Cisco Umbrella Rank: 127733
172 KB
15 gstatic.com
www.gstatic.com
fonts.gstatic.com
683 KB
12 cloudfront.net
d1wbjksx0xxdn3.cloudfront.net
d9hhrg4mnvzow.cloudfront.net
295 KB
10 google.com
www.google.com — Cisco Umbrella Rank: 2
analytics.google.com — Cisco Umbrella Rank: 181
92 KB
6 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 53
stats.g.doubleclick.net — Cisco Umbrella Rank: 96
cm.g.doubleclick.net — Cisco Umbrella Rank: 259
4 KB
6 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 62
424 KB
4 google.ca
www.google.ca — Cisco Umbrella Rank: 8913
777 B
4 facebook.com
www.facebook.com — Cisco Umbrella Rank: 114
272 B
4 stackadapt.com
tags.srv.stackadapt.com — Cisco Umbrella Rank: 3318
9 KB
3 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 447
890 B
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 186
123 KB
3 bing.com
bat.bing.com — Cisco Umbrella Rank: 404
14 KB
3 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 406
fonts.googleapis.com — Cisco Umbrella Rank: 58
31 KB
3 unbounce.com
builder-assets.unbounce.com — Cisco Umbrella Rank: 24923
39 KB
2 adnxs.com
ib.adnxs.com
2 KB
2 3lift.com
eb2.3lift.com
744 B
2 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 352
559 B
2 openx.net
us-u.openx.net — Cisco Umbrella Rank: 518
524 B
2 pippio.com
pippio.com — Cisco Umbrella Rank: 911
882 B
2 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 629
1 KB
2 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 369
1 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 49
21 KB
2 ub-assets.com
fonts.ub-assets.com — Cisco Umbrella Rank: 29481
32 KB
2 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 793
script.hotjar.com — Cisco Umbrella Rank: 1084
59 KB
1 taboola.com
sync.taboola.com
367 B
1 pubmatic.com
image2.pubmatic.com — Cisco Umbrella Rank: 1056
540 B
1 outbrain.com
sync.outbrain.com — Cisco Umbrella Rank: 886
287 B
1 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 385
797 B
1 linksynergy.com
tags.rd.linksynergy.com — Cisco Umbrella Rank: 5241
392 B
1 hotjar.io
vc.hotjar.io — Cisco Umbrella Rank: 2914
259 B
1 bootstrapcdn.com
netdna.bootstrapcdn.com — Cisco Umbrella Rank: 3923
4 KB
1 ub-analytics.com
events.ub-analytics.com — Cisco Umbrella Rank: 34636
282 B
1 mouseflow.com
cdn.mouseflow.com — Cisco Umbrella Rank: 8572
57 KB
1 safesteptubs.ca
offers.safesteptubs.ca
13 KB
0 broadsidemedia.com Failed
portal.broadsidemedia.com Failed
122 36
Domain Requested by
18 d.adroll.com 14 redirects s.adroll.com
10 cdn.thelivechatsoftware.com thelivechatsoftware.com
offers.safesteptubs.ca
10 d9hhrg4mnvzow.cloudfront.net offers.safesteptubs.ca
9 www.gstatic.com www.google.com
www.gstatic.com
9 www.google.com offers.safesteptubs.ca
www.gstatic.com
www.google.com
7 s.adroll.com 2 redirects offers.safesteptubs.ca
s.adroll.com
6 blue.thelivechatsoftware.com thelivechatsoftware.com
cdn.thelivechatsoftware.com
6 fonts.gstatic.com www.google.com
offers.safesteptubs.ca
fonts.googleapis.com
6 www.googletagmanager.com offers.safesteptubs.ca
www.googletagmanager.com
www.google-analytics.com
4 www.google.ca offers.safesteptubs.ca
4 www.facebook.com offers.safesteptubs.ca
4 tags.srv.stackadapt.com offers.safesteptubs.ca
tags.srv.stackadapt.com
3 idsync.rlcdn.com 2 redirects
3 connect.facebook.net offers.safesteptubs.ca
connect.facebook.net
3 bat.bing.com offers.safesteptubs.ca
bat.bing.com
3 builder-assets.unbounce.com offers.safesteptubs.ca
2 ib.adnxs.com 1 redirects
2 eb2.3lift.com 1 redirects
2 ups.analytics.yahoo.com 1 redirects
2 us-u.openx.net 1 redirects
2 pippio.com 2 redirects
2 dsum-sec.casalemedia.com 1 redirects
2 cm.g.doubleclick.net 2 redirects
2 x.bidswitch.net 1 redirects
2 stats.g.doubleclick.net www.google-analytics.com
www.googletagmanager.com
2 googleads.g.doubleclick.net www.googletagmanager.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 fonts.ub-assets.com builder-assets.unbounce.com
fonts.ub-assets.com
2 thelivechatsoftware.com offers.safesteptubs.ca
thelivechatsoftware.com
2 d1wbjksx0xxdn3.cloudfront.net offers.safesteptubs.ca
d1wbjksx0xxdn3.cloudfront.net
2 ajax.googleapis.com offers.safesteptubs.ca
thelivechatsoftware.com
1 sync.taboola.com
1 image2.pubmatic.com
1 sync.outbrain.com
1 pixel.rubiconproject.com
1 tags.rd.linksynergy.com 1 redirects
1 vc.hotjar.io script.hotjar.com
1 netdna.bootstrapcdn.com cdn.thelivechatsoftware.com
1 fonts.googleapis.com ajax.googleapis.com
1 analytics.google.com www.googletagmanager.com
1 script.hotjar.com static.hotjar.com
1 events.ub-analytics.com offers.safesteptubs.ca
1 cdn.mouseflow.com offers.safesteptubs.ca
1 static.hotjar.com offers.safesteptubs.ca
1 offers.safesteptubs.ca
0 portal.broadsidemedia.com Failed offers.safesteptubs.ca
122 46

This site contains links to these domains. Also see Links.

Domain
liveadmins.com
Subject Issuer Validity Valid
offers.safesteptubs.ca
R3		 2023-07-15 -
2023-10-13		 3 months crt.sh
*.unbounce.com
Amazon RSA 2048 M01		 2023-02-21 -
2024-02-07		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2022-12-08 -
2023-12-07		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
www.bing.com
Microsoft Azure TLS Issuing CA 05		 2023-07-26 -
2024-01-22		 6 months crt.sh
*.hotjar.com
Amazon ECDSA 256 M01		 2023-03-09 -
2024-04-06		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-06-16 -
2023-09-14		 3 months crt.sh
*.srv.stackadapt.com
Amazon RSA 2048 M02		 2023-02-27 -
2023-11-07		 8 months crt.sh
*.mouseflow.com
Sectigo RSA Domain Validation Secure Server CA		 2023-08-28 -
2024-09-27		 a year crt.sh
*.thelivechatsoftware.com
Go Daddy Secure Certificate Authority - G2		 2023-06-02 -
2024-07-03		 a year crt.sh
fonts.ub-assets.com
Amazon RSA 2048 M02		 2023-06-01 -
2024-06-29		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
*.ub-analytics.com
Amazon RSA 2048 M01		 2023-03-11 -
2024-04-08		 a year crt.sh
*.google.ca
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-12-30 -
2023-12-30		 a year crt.sh
*.hotjar.io
Amazon ECDSA 256 M01		 2023-03-09 -
2024-04-06		 a year crt.sh
s.adroll.com
Amazon RSA 2048 M01		 2023-06-03 -
2024-07-01		 a year crt.sh
d.adroll.com
Amazon RSA 2048 M01		 2022-11-08 -
2023-12-07		 a year crt.sh

This page contains 3 frames:

Primary Page: https://offers.safesteptubs.ca/google-ppc-sst/
Frame ID: C435ED206584A6EE4C2060C44C09E8DD
Requests: 105 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcMjswnAAAAAF7KR-lgzXUDcs8xbrffgYcPHecS&co=aHR0cHM6Ly9vZmZlcnMuc2FmZXN0ZXB0dWJzLmNhOjQ0Mw..&hl=en&v=0hCdE87LyjzAkFO5Ff-v7Hj1&size=invisible&cb=q1dew1o96a5u
Frame ID: 9416469074E1C93BCC1D994064C958A2
Requests: 7 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=0hCdE87LyjzAkFO5Ff-v7Hj1&k=6LcMjswnAAAAAF7KR-lgzXUDcs8xbrffgYcPHecS
Frame ID: 2959EDF7A11899C706217A9AA2CCF3A5
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

The walk-in tub that can change your life.

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:a|s)\.adroll\.com
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googleapis\.com/.+webfont
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/
Overall confidence: 100%
Detected patterns
  • cdn\.mouseflow\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

122
Requests

85 %
HTTPS

0 %
IPv6

36
Domains

46
Subdomains

41
IPs

3
Countries

2111 kB
Transfer

5129 kB
Size

56
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 100
  • https://s.adroll.com/j/exp/EW3LHI5ACFA2XOHIGZCMHS/index.js HTTP 302
  • https://s.adroll.com/j/exp/index.js
Request Chain 101
  • https://s.adroll.com/j/pre/EW3LHI5ACFA2XOHIGZCMHS/4M4I66PIVNHW5DVTKFJW34/fpconsent.js HTTP 302
  • https://s.adroll.com/j/pre/index.js
Request Chain 104
  • https://d.adroll.com/pixel/EW3LHI5ACFA2XOHIGZCMHS/4M4I66PIVNHW5DVTKFJW34?adroll_fpc=b199db684f9618a90b56a4377ac95907-1694060812329&pv=48257738056.185295&arrfrr=https%3A%2F%2Foffers.safesteptubs.ca%2Fgoogle-ppc-sst%2F&cookie=&adroll_s_ref=&keyw=&p0=4056 HTTP 302
  • https://s.adroll.com/pixel/EW3LHI5ACFA2XOHIGZCMHS/4M4I66PIVNHW5DVTKFJW34/2UNKNSNOVFDNNCB4GFAO5R.js
Request Chain 107
  • https://d.adroll.com/cm/b/out?adroll_fpc=b199db684f9618a90b56a4377ac95907-1694060812329&pv=48257738056.185295&arrfrr=https%3A%2F%2Foffers.safesteptubs.ca%2Fgoogle-ppc-sst%2F&advertisable=EW3LHI5ACFA2XOHIGZCMHS HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=44&user_id=MTk2ZThjNmQ0NzNhZmQwOGI3YTJjYzJhZTgxMjEyMTM HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=MTk2ZThjNmQ0NzNhZmQwOGI3YTJjYzJhZTgxMjEyMTM
Request Chain 108
  • https://d.adroll.com/cm/g/out?adroll_fpc=b199db684f9618a90b56a4377ac95907-1694060812329&pv=48257738056.185295&arrfrr=https%3A%2F%2Foffers.safesteptubs.ca%2Fgoogle-ppc-sst%2F&advertisable=EW3LHI5ACFA2XOHIGZCMHS HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=GW6MbUc6_Qi3oswq6BISEw HTTP 302
  • https://d.adroll.com/cm/g/in
Request Chain 109
  • https://d.adroll.com/cm/index/out?adroll_fpc=b199db684f9618a90b56a4377ac95907-1694060812329&pv=48257738056.185295&arrfrr=https%3A%2F%2Foffers.safesteptubs.ca%2Fgoogle-ppc-sst%2F&advertisable=EW3LHI5ACFA2XOHIGZCMHS HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=MTk2ZThjNmQ0NzNhZmQwOGI3YTJjYzJhZTgxMjEyMTM&expiration=1725596812 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=MTk2ZThjNmQ0NzNhZmQwOGI3YTJjYzJhZTgxMjEyMTM&expiration=1725596812&C=1
Request Chain 110
  • https://d.adroll.com/cm/l/out?adroll_fpc=b199db684f9618a90b56a4377ac95907-1694060812329&pv=48257738056.185295&arrfrr=https%3A%2F%2Foffers.safesteptubs.ca%2Fgoogle-ppc-sst%2F&advertisable=EW3LHI5ACFA2XOHIGZCMHS HTTP 302
  • https://idsync.rlcdn.com/377928.gif?partner_uid=196e8c6d473afd08b7a2cc2ae8121213 HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CMiIFxIrCicIARDqIhogMTk2ZThjNmQ0NzNhZmQwOGI3YTJjYzJhZTgxMjEyMTMQABoNCIyi5acGEgUI6AcQAEIASgA HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=e2b4efe40dd6cf609b5cdf91709ce3318c5f078e2db11453974449e62fe7255c791426b5417dce21&_=2 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlBlMmI0ZWZlNDBkZDZjZjYwOWI1Y2RmOTE3MDljZTMzMThjNWYwNzhlMmRiMTE0NTM5NzQ0NDllNjJmZTcyNTVjNzkxNDI2YjU0MTdkY2UyMRAAGgwIjaLlpwYSBAgCEABCAEoA HTTP 302
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlBlMmI0ZWZlNDBkZDZjZjYwOWI1Y2RmOTE3MDljZTMzMThjNWYwNzhlMmRiMTE0NTM5NzQ0NDllNjJmZTcyNTVjNzkxNDI2YjU0MTdkY2UyMRAAGgwIjaLlpwYSBAgCEABCAEoA&google_gid=CAESEGP3R0wEHz2tSCaEGAyEFOA&google_cver=1 HTTP 307
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3= HTTP 303
  • https://idsync.rlcdn.com/458249.gif?partner_uid=42c9dcbe-0994-443c-8639-53d36c77bf42
Request Chain 111
  • https://d.adroll.com/cm/n/out?adroll_fpc=b199db684f9618a90b56a4377ac95907-1694060812329&pv=48257738056.185295&arrfrr=https%3A%2F%2Foffers.safesteptubs.ca%2Fgoogle-ppc-sst%2F&advertisable=EW3LHI5ACFA2XOHIGZCMHS HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=MTk2ZThjNmQ0NzNhZmQwOGI3YTJjYzJhZTgxMjEyMTM&expires=365
Request Chain 112
  • https://d.adroll.com/cm/o/out?adroll_fpc=b199db684f9618a90b56a4377ac95907-1694060812329&pv=48257738056.185295&arrfrr=https%3A%2F%2Foffers.safesteptubs.ca%2Fgoogle-ppc-sst%2F&advertisable=EW3LHI5ACFA2XOHIGZCMHS HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537103138&val=196e8c6d473afd08b7a2cc2ae8121213&gdpr=0&gdpr_consent= HTTP 302
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=196e8c6d473afd08b7a2cc2ae8121213&gdpr=0&gdpr_consent=
Request Chain 113
  • https://d.adroll.com/cm/outbrain/out?adroll_fpc=b199db684f9618a90b56a4377ac95907-1694060812329&pv=48257738056.185295&arrfrr=https%3A%2F%2Foffers.safesteptubs.ca%2Fgoogle-ppc-sst%2F&advertisable=EW3LHI5ACFA2XOHIGZCMHS HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=adroll&uid=MTk2ZThjNmQ0NzNhZmQwOGI3YTJjYzJhZTgxMjEyMTM&gdpr=0&gdpr_consent=&us_privacy=1---
Request Chain 114
  • https://d.adroll.com/cm/pubmatic/out?adroll_fpc=b199db684f9618a90b56a4377ac95907-1694060812329&pv=48257738056.185295&arrfrr=https%3A%2F%2Foffers.safesteptubs.ca%2Fgoogle-ppc-sst%2F&advertisable=EW3LHI5ACFA2XOHIGZCMHS HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDYmdGw9MTI5NjAw&piggybackCookie=MTk2ZThjNmQ0NzNhZmQwOGI3YTJjYzJhZTgxMjEyMTM&gdpr=0&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
Request Chain 115
  • https://d.adroll.com/cm/r/out?adroll_fpc=b199db684f9618a90b56a4377ac95907-1694060812329&pv=48257738056.185295&arrfrr=https%3A%2F%2Foffers.safesteptubs.ca%2Fgoogle-ppc-sst%2F&advertisable=EW3LHI5ACFA2XOHIGZCMHS HTTP 302
  • https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=MTk2ZThjNmQ0NzNhZmQwOGI3YTJjYzJhZTgxMjEyMTM&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA HTTP 302
  • https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=MTk2ZThjNmQ0NzNhZmQwOGI3YTJjYzJhZTgxMjEyMTM&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true
Request Chain 116
  • https://d.adroll.com/cm/taboola/out?adroll_fpc=b199db684f9618a90b56a4377ac95907-1694060812329&pv=48257738056.185295&arrfrr=https%3A%2F%2Foffers.safesteptubs.ca%2Fgoogle-ppc-sst%2F&advertisable=EW3LHI5ACFA2XOHIGZCMHS HTTP 302
  • https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=MTk2ZThjNmQ0NzNhZmQwOGI3YTJjYzJhZTgxMjEyMTM
Request Chain 117
  • https://d.adroll.com/cm/triplelift/out?adroll_fpc=b199db684f9618a90b56a4377ac95907-1694060812329&pv=48257738056.185295&arrfrr=https%3A%2F%2Foffers.safesteptubs.ca%2Fgoogle-ppc-sst%2F&advertisable=EW3LHI5ACFA2XOHIGZCMHS HTTP 302
  • https://eb2.3lift.com/xuid?mid=4714&xuid=MTk2ZThjNmQ0NzNhZmQwOGI3YTJjYzJhZTgxMjEyMTM&dongle=c85e HTTP 302
  • https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=MTk2ZThjNmQ0NzNhZmQwOGI3YTJjYzJhZTgxMjEyMTM&dongle=c85e&gdpr=0&cmp_cs=&us_privacy=
Request Chain 118
  • https://d.adroll.com/cm/x/out?adroll_fpc=b199db684f9618a90b56a4377ac95907-1694060812329&pv=48257738056.185295&arrfrr=https%3A%2F%2Foffers.safesteptubs.ca%2Fgoogle-ppc-sst%2F&advertisable=EW3LHI5ACFA2XOHIGZCMHS HTTP 302
  • https://ib.adnxs.com/setuid?entity=172&code=MTk2ZThjNmQ0NzNhZmQwOGI3YTJjYzJhZTgxMjEyMTM HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DMTk2ZThjNmQ0NzNhZmQwOGI3YTJjYzJhZTgxMjEyMTM
Request Chain 119
  • https://d.adroll.com/fb/tr/?adroll_fpc=b199db684f9618a90b56a4377ac95907-1694060812329&pv=48257738056.185295&arrfrr=https%3A%2F%2Foffers.safesteptubs.ca%2Fgoogle-ppc-sst%2F&id=472346079585997&ev=ViewContent&cd[content_type]=product&cd[content_ids]=%2Fgoogle-ppc-sst%2F_&cd[application_id]=321379434608647&cd[product_catalog_id]=1701322810188488 HTTP 302
  • https://www.facebook.com/tr/?adroll_fpc=b199db684f9618a90b56a4377ac95907-1694060812329&pv=48257738056.185295&arrfrr=https%3A%2F%2Foffers.safesteptubs.ca%2Fgoogle-ppc-sst%2F&id=472346079585997&ev=ViewContent&cd[content_type]=product&cd[content_ids]=%2Fgoogle-ppc-sst%2F_&cd[application_id]=321379434608647&cd[product_catalog_id]=1701322810188488&cd[external_id]=GW6MbUc6_Qi3oswq6BISEw

122 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
offers.safesteptubs.ca/google-ppc-sst/ 		65 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://offers.safesteptubs.ca/google-ppc-sst/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
34.205.248.193 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-205-248-193.compute-1.amazonaws.com
Software
/
Resource Hash
8a210569cc6eadbd3f6a434af65cc614ed2c413a721927f254ebe4972732e84f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-encoding
gzip
content-length
12637
content-location
https://offers.safesteptubs.ca/google-ppc-sst/
content-type
text/html; charset=utf-8
date
Thu, 07 Sep 2023 04:26:48 GMT
etag
"a:1012583ec93e4203a65e5f001c77ada8"
link
<https://offers.safesteptubs.ca/google-ppc-sst/>; rel="canonical"
x-proxy-backend
page-server
x-unbounce-pageid
2ad595c6-1f74-4c38-ae4b-12c2b2323e2a
x-unbounce-variant
a
x-unbounce-visitorid
1012583e-c93e-4203-a65e-5f001c77ada8
main-7b78720.z.css
builder-assets.unbounce.com/published-css/ 		15 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://builder-assets.unbounce.com/published-css/main-7b78720.z.css
Requested by
Host: offers.safesteptubs.ca
URL: https://offers.safesteptubs.ca/google-ppc-sst/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.83.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-83-40.iad55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://offers.safesteptubs.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 28 Jul 2023 16:35:30 GMT
content-encoding
gzip
via
1.1 46e2fa2a811f54853547788992d9aca0.cloudfront.net (CloudFront)
x-amz-version-id
fMGT9YqOCj6GvXj65o03BPFmMJDaNxvc
x-amz-cf-pop
IAD55-P3
age
3498679
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
2902
last-modified
Tue, 11 Jul 2023 16:18:48 GMT
server
AmazonS3
etag
"99b89a3d5f7bab4f89aad694ef70a6d8"
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
jYVXdFP99-xoy5wtNQRJuBv2l0XshFEc-6-_Xlk5YEKf7QslgbzUKg==
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.4.2/ 		70 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js
Requested by
Host: offers.safesteptubs.ca
URL: https://offers.safesteptubs.ca/google-ppc-sst/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f95.1e100.net
Software
sffe /
Resource Hash
e23a2a4e2d7c2b41ebcdd8ffc0679df7140eb7f52e1eebabf827a88182643c59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://offers.safesteptubs.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 02 Sep 2023 19:01:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
379491
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24715
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 01 Sep 2024 19:01:57 GMT
jquery-shims.bundle-aa41391.z.js
builder-assets.unbounce.com/published-js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://builder-assets.unbounce.com/published-js/jquery-shims.bundle-aa41391.z.js
Requested by
Host: offers.safesteptubs.ca
URL: https://offers.safesteptubs.ca/google-ppc-sst/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.83.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-83-40.iad55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
aa4139190cb04f5caee86d605566b5247b48b429c73a2b8fa59cda391022edab

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://offers.safesteptubs.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 14 Jul 2023 15:25:45 GMT
content-encoding
gzip
via
1.1 46e2fa2a811f54853547788992d9aca0.cloudfront.net (CloudFront)
x-amz-version-id
Eo1N7rPPiIRpDmAKnYL.itgwswbpORDF
x-amz-cf-pop
IAD55-P3
age
4712463
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
1991
last-modified
Tue, 11 Jul 2023 16:18:45 GMT
server
AmazonS3
etag
"29f67dc57513d44ad95c6d6fb814d270"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
S5YlHPu6-ErwRDyohU0fFNyxSI5hy1LiVmAEfS7FNiswAyFjq1lVZg==
js
www.googletagmanager.com/gtag/ 		193 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-994394862
Requested by
Host: offers.safesteptubs.ca
URL: https://offers.safesteptubs.ca/google-ppc-sst/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
6daea6ad3fc586cb5e55a004c57d7880e5c6b5ebaba7cdf9650d2b165c9dbe4f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://offers.safesteptubs.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 04:26:48 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
71458
x-xss-protection
0
last-modified
Thu, 07 Sep 2023 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 07 Sep 2023 04:26:48 GMT
js
www.googletagmanager.com/gtag/ 		186 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-783651190
Requested by
Host: offers.safesteptubs.ca
URL: https://offers.safesteptubs.ca/google-ppc-sst/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
37f97eb48a7a1e1b94ed33e67eb07afba86ceae9aafb65ef0ec4bddbbcd46b5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://offers.safesteptubs.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 04:26:48 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
69553
x-xss-protection
0
last-modified
Thu, 07 Sep 2023 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 07 Sep 2023 04:26:48 GMT
ub.js
d1wbjksx0xxdn3.cloudfront.net/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1wbjksx0xxdn3.cloudfront.net/ub.js?1687799044
Requested by
Host: offers.safesteptubs.ca
URL: https://offers.safesteptubs.ca/google-ppc-sst/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.15.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-15-38.iad12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3537c6a36fae2d2132581b7915d51e1ed268ae146f5df18a84def7ed594fbe15

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://offers.safesteptubs.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 00:14:04 GMT
content-encoding
gzip
via
1.1 bd3f4df95f7c836cc4eb6a22d92ac2c2.cloudfront.net (CloudFront)
x-amz-version-id
DrDbRvFA9mO1umKMKkGWhgl31YCzXh7a
x-amz-cf-pop
IAD12-P4
age
2261565
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
1864
last-modified
Mon, 26 Jun 2023 16:59:10 GMT
server
AmazonS3
etag
"118cee1e64f6b283233c55aee7da10da"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
rBjg0-eCPQLmVKhCaQufFVZBlC76_0xNvUZ6v5UeRUD3lIDymw-Ofw==
pageview.js
portal.broadsidemedia.com/static/ 		0
0
api.js
www.google.com/recaptcha/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: offers.safesteptubs.ca
URL: https://offers.safesteptubs.ca/google-ppc-sst/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.111.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f99.1e100.net
Software
GSE /
Resource Hash
fe5e157c57b8a5017a03e866ec659bd8efa054c5e54276593ab43be9420fba14
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://offers.safesteptubs.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 04:26:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
834
x-xss-protection
1; mode=block
expires
Thu, 07 Sep 2023 04:26:48 GMT
main.bundle-b8bce47.z.js
builder-assets.unbounce.com/published-js/ 		104 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://builder-assets.unbounce.com/published-js/main.bundle-b8bce47.z.js
Requested by
Host: offers.safesteptubs.ca
URL: https://offers.safesteptubs.ca/google-ppc-sst/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.83.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-83-40.iad55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b8bce47ffa43bc0b835f83d09167cabac1a62e85241aa806d826a0909d5bf7ee

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://offers.safesteptubs.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 19:19:09 GMT
content-encoding
gzip
via
1.1 46e2fa2a811f54853547788992d9aca0.cloudfront.net (CloudFront)
x-amz-version-id
6jHAL9fP889t4NCAfewK2ptLZfkpx6Fe
x-amz-cf-pop
IAD55-P3
age
724060
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
33784
last-modified
Tue, 11 Jul 2023 16:18:45 GMT
server
AmazonS3
etag
"3208b0848f289d158acfc0caf5894954"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
b3Ics_gTCAxuIlSqR-8Pgl8F138CZPSxFKZE8yqFXUw44XhlnKKxlA==
bat.js
bat.bing.com/ 		44 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: offers.safesteptubs.ca
URL: https://offers.safesteptubs.ca/google-ppc-sst/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a236aed5086b9c24d3cc94944d4349e9ce469f325ac23bafcaa5fe3659b15fd1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://offers.safesteptubs.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Thu, 07 Sep 2023 04:26:48 GMT
last-modified
Wed, 06 Sep 2023 22:41:28 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: F838CCB6364B4495BA8C96CC462B628F Ref B: YTO01EDGE0517 Ref C: 2023-09-07T04:26:48Z
etag
"09cc4613e1d91:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
12993
hotjar-1519317.js
static.hotjar.com/c/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-1519317.js?sv=6
Requested by
Host: offers.safesteptubs.ca
URL: https://offers.safesteptubs.ca/google-ppc-sst/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.41.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-41-49.iad55.r.cloudfront.net
Software
/
Resource Hash
dda105da8cfe5ba252e2da1d0911aa48fb1d233cde73817b5f2f81f9914e5b71
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://offers.safesteptubs.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
date
Thu, 07 Sep 2023 04:26:48 GMT
via
1.1 d8778dbc6e81818135a7305a388b2974.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD55-P1
etag
W/2acab871329e49a4ef2c8d01abe167f5
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cache-control
max-age=60
cross-origin-resource-policy
cross-origin
x-amz-cf-id
lnvwQnQ1fIBQHvAaI3xC-MZ2pPEtVEd3VAVdHdqIJt7oGNFRUuPZIg==
fbevents.js
connect.facebook.net/en_US/ 		193 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: offers.safesteptubs.ca
URL: https://offers.safesteptubs.ca/google-ppc-sst/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.80.12 Toronto, Canada, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-yyz1.fbcdn.net
Software
/
Resource Hash
9e41e783ec4cfc524c1666d1d5a4c805f8e92be52b030d130acfb31105e1e04c
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://offers.safesteptubs.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 07 Sep 2023 04:26:48 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
52127
x-xss-protection
0
pragma
public
x-fb-debug
MDaxLd+feavmjDEnwgZWsDnXxI8x15D3miuGxgopPXY7pjL3oacid+7XS3I+nRZ7A+7JezicpvWOsVlKqJd9qA==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
events.js
tags.srv.stackadapt.com/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.srv.stackadapt.com/events.js
Requested by
Host: offers.safesteptubs.ca
URL: https://offers.safesteptubs.ca/google-ppc-sst/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.228.94.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-228-94-158.compute-1.amazonaws.com
Software
/
Resource Hash
c3ed386969580147275c1c34653b03549e5f323a4b49c84fe1df445e37b57ef1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://offers.safesteptubs.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 07 Sep 2023 04:26:48 GMT
cache-control
max-age=5
content-encoding
gzip
content-type
text/javascript
gtm.js
www.googletagmanager.com/ 		178 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-N3363VV
Requested by
Host: offers.safesteptubs.ca
URL: https://offers.safesteptubs.ca/google-ppc-sst/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
1cea5295b16f8664420b1fcbc9701302d8933c9f9b3a3ad7da3a862c5c0579b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://offers.safesteptubs.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 04:26:48 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65859
x-xss-protection
0
last-modified
Thu, 07 Sep 2023 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 07 Sep 2023 04:26:48 GMT
truncated
/ 		42 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type
image/gif
98ab1714-9283-47dd-935e-834e658dc832.js
cdn.mouseflow.com/projects/ 		192 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.mouseflow.com/projects/98ab1714-9283-47dd-935e-834e658dc832.js
Requested by
Host: offers.safesteptubs.ca
URL: https://offers.safesteptubs.ca/google-ppc-sst/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
Mouseflow /
Resource Hash
d1b498ebe1608b042d03c4971ac6eb82efb8299f7a58f3d7883d817d947153ab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://offers.safesteptubs.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 04:26:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Mon, 14 Aug 2023 07:10:21 GMT
server
Mouseflow
etag
W/"ebc281637eced91:0"
x-cache-status
MISS
x-hw
1694060808.cds221.ch4.hn,1694060808.cds239.ch4.c
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
57616
la_script.js
thelivechatsoftware.com/Dashboard/cwgen/scripts/ 		16 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thelivechatsoftware.com/Dashboard/cwgen/scripts/la_script.js
Requested by
Host: offers.safesteptubs.ca
URL: https://offers.safesteptubs.ca/google-ppc-sst/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.106.20.60 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
/
Resource Hash
41482a603df6517ec458cba296234f318f022f9276916c5710db3dd916ea36e7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://offers.safesteptubs.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 04:26:48 GMT
content-encoding
gzip
last-modified
Thu, 26 Jan 2023 06:59:34 GMT
etag
"04ff6be5331d91:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache,max-age=604800
accept-ranges
bytes
content-length
3544
c3d94a55-background_10000001ch0l6000030028.png
d9hhrg4mnvzow.cloudfront.net/offers.safesteptubs.ca/google-ppc-sst/ 		200 KB
201 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/offers.safesteptubs.ca/google-ppc-sst/c3d94a55-background_10000001ch0l6000030028.png
Requested by
Host: offers.safesteptubs.ca
URL: https://offers.safesteptubs.ca/google-ppc-sst/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.230.155 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-230-155.iad55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
86e50ed2286884e17bb99138fbf16f92cc559d2c3989cef92261504f7dcfa476

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://offers.safesteptubs.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:05:54 GMT
x-amz-version-id
c_9Mlz_ik2zCK.vICHaCSM_4XK1UsSNc
via
1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
last-modified
Wed, 23 Aug 2023 21:12:21 GMT
server
AmazonS3
x-amz-cf-pop
IAD55-P5
age
307255
etag
"fefdfeb48491ffca7363f7762b38e4b5"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
204809
x-amz-cf-id
VPkY0SQZXKXEh5hFh1U_eR5I745Ebiwqo3X2OZ0SHjBrLWiMyPbZZg==
900d7488-ce98-4a4c-b276-5fd76c6eae88
https://offers.safesteptubs.ca/ 		5 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
blob:https://offers.safesteptubs.ca/900d7488-ce98-4a4c-b276-5fd76c6eae88
Requested by
Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-b8bce47.z.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9af91bb0b9327c5bc74760fed3cd024dbde1c5b90ede3fab5c8c54850e757994

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Length
5611
Content-Type
text/css
css
fonts.ub-assets.com/ 		9 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.ub-assets.com/css?family=Montserrat:regular,700,500,300,600
Requested by
Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-b8bce47.z.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.65.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-65-13.iad89.r.cloudfront.net
Software
/
Resource Hash
9138dbd360dadf1337dee6c9e94267854f42db6e99ddd8815a7433d6f31f49ce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://offers.safesteptubs.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 04:26:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
via
1.1 68261aebcfc232344da2ef3bf1d3f9ea.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD89-P1
x-amzn-requestid
d6ccb93c-c0b3-4453-892d-2a6d409e397f
x-cache
Miss from cloudfront
cross-origin-resource-policy
cross-origin
x-amz-apigw-id
K3mZWEH4oAMEkng=
content-length
629
x-xss-protection
0
cross-origin-opener-policy
same-origin-allow-popups
x-amzn-trace-id
Root=1-64f95108-3f528b8666d15a4e1db1cf51
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
x-amz-cf-id
U7WiVV1m8PnlUgLNSDmqrC-GNvCmvJ2yj9APkgxCikag0j38alr9ug==
feba3a27-safetynever-felt-so-good_1000000000000000000028.png
d9hhrg4mnvzow.cloudfront.net/offers.safesteptubs.ca/google-ppc-sst/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/offers.safesteptubs.ca/google-ppc-sst/feba3a27-safetynever-felt-so-good_1000000000000000000028.png
Requested by
Host: offers.safesteptubs.ca
URL: https://offers.safesteptubs.ca/google-ppc-sst/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.230.155 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-230-155.iad55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f3927e2c485fe86020cd58c68240a09982a99051aafff9d6b434b76d54d44a2f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://offers.safesteptubs.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 02 Sep 2023 15:49:30 GMT
x-amz-version-id
6sd_upXIuO43HM2DFWg8PCH6iMwf84TP
via
1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
last-modified
Wed, 23 Aug 2023 21:12:21 GMT
server
AmazonS3
x-amz-cf-pop
IAD55-P5
age
391039
etag
"1cf7a9e58a78e54b51d94d45262da233"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
3158
x-amz-cf-id
29c7OOORYvLBl19S5LSBqkxju9OQK6h-McQe7_7yo4t7amzbKjhNtA==
b241435b-canadian-safe-step-logo-dark-blue_106g01m000000000000028.png
d9hhrg4mnvzow.cloudfront.net/offers.safesteptubs.ca/google-ppc-sst/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/offers.safesteptubs.ca/google-ppc-sst/b241435b-canadian-safe-step-logo-dark-blue_106g01m000000000000028.png
Requested by
Host: offers.safesteptubs.ca
URL: https://offers.safesteptubs.ca/google-ppc-sst/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.230.155 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-230-155.iad55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a62caa70f7f890ea15042c831f4693b902e3f9efbc054d9b74b6c9e8b0d69b08

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://offers.safesteptubs.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 04:26:49 GMT
x-amz-version-id
ynvP1vrmz2Axbhd7KCuYM5EE0KbiUdzk
via
1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
last-modified
Wed, 23 Aug 2023 21:12:21 GMT
server
AmazonS3
x-amz-cf-pop
IAD55-P5
etag
"fc66d031d4c02a57db0470b26d6716c4"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
2606
x-amz-cf-id
zua9gJ4LuN0G7bgKbK7k-ZHV03KYTJnGKJLPBmB_Rf7JHIh0miODWw==
ef917080-shower-package_109z0ey00000000000001o.jpeg
d9hhrg4mnvzow.cloudfront.net/offers.safesteptubs.ca/google-ppc-sst/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/offers.safesteptubs.ca/google-ppc-sst/ef917080-shower-package_109z0ey00000000000001o.jpeg
Requested by
Host: offers.safesteptubs.ca
URL: https://offers.safesteptubs.ca/google-ppc-sst/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.230.155 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-230-155.iad55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
90ebd88464322dde10acb37ef26969e2208a12ec2958dd11640f185917724342

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://offers.safesteptubs.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 04:26:49 GMT
x-amz-version-id
TPXi8Dl4KNNL6FEPjS0yk9aPBiI3QFB2
via
1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
last-modified
Wed, 23 Aug 2023 21:12:21 GMT
server
AmazonS3
x-amz-cf-pop
IAD55-P5
etag
"19bb6ba6949a68fe8e907576a6cc06bd"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
image/jpeg
cache-control
max-age=31557600
accept-ranges
bytes
content-length
11527
x-amz-cf-id
FLh8owA10sa7IcjmEzxYVPnb6tDfEK0t_-LNqb_qq8yhTqLkl0TcGw==
ee666916-arrow3_1000000000000000000028.png
d9hhrg4mnvzow.cloudfront.net/offers.safesteptubs.ca/google-ppc-sst/ 		372 B
792 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/offers.safesteptubs.ca/google-ppc-sst/ee666916-arrow3_1000000000000000000028.png
Requested by
Host: offers.safesteptubs.ca
URL: https://offers.safesteptubs.ca/google-ppc-sst/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.230.155 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-230-155.iad55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3b7c8fa72df2bc78b3ddae89b7ec3e375d1da2c4a69c85ef367a6295f8fd0259

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://offers.safesteptubs.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 02 Sep 2023 15:49:30 GMT
x-amz-version-id
V4.slVSCDr.9BVKbnqD5DfbMgrLmbMSw
via
1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
last-modified
Wed, 23 Aug 2023 21:12:21 GMT
server
AmazonS3
x-amz-cf-pop
IAD55-P5
age
391039
etag
"8f1063dff5205b41bdfd00d9d4e714ef"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
372
x-amz-cf-id
4JRE742_NE2SQvgTXVtdUNmU193vRThxThR6iIliGc8y3XGveEopVA==
b241435b-canadian-safe-step-logo-dark-blue_106p01o000000000000028.png
d9hhrg4mnvzow.cloudfront.net/offers.safesteptubs.ca/google-ppc-sst/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/offers.safesteptubs.ca/google-ppc-sst/b241435b-canadian-safe-step-logo-dark-blue_106p01o000000000000028.png
Requested by
Host: offers.safesteptubs.ca
URL: https://offers.safesteptubs.ca/google-ppc-sst/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.230.155 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-230-155.iad55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
92096741209b24b4e2882bb4f8b18ea1bbccf0666ed12c8a84529a4c1a26e293

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://offers.safesteptubs.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 04:26:49 GMT
x-amz-version-id
EhlOl9pRuR9hJ5t5odvraBZiLQ5Lx8Bb
via
1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
last-modified
Wed, 23 Aug 2023 21:12:21 GMT
server
AmazonS3
x-amz-cf-pop
IAD55-P5
etag
"df2c31b1d4b00fe38a0c79f77adef692"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
3017
x-amz-cf-id
ZJoAZW3VbXqWJaHVKeOezUgtIrFQi3zDIsuVGcNeDn6yww2ZEr-D2w==
e590fa23-quote_1000000000000000000028.png
d9hhrg4mnvzow.cloudfront.net/offers.safesteptubs.ca/google-ppc-sst/ 		479 B
898 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/offers.safesteptubs.ca/google-ppc-sst/e590fa23-quote_1000000000000000000028.png
Requested by
Host: offers.safesteptubs.ca
URL: https://offers.safesteptubs.ca/google-ppc-sst/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.230.155 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-230-155.iad55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3ea58057003f82b101433d502cf28f544cc42f026c23c4f7b5ff594a38101d2a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://offers.safesteptubs.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 02 Sep 2023 20:10:00 GMT
x-amz-version-id
1iDZyrelG8_P9DmU5GqgKsN4ITuv.GRN
via
1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
last-modified
Wed, 23 Aug 2023 21:12:21 GMT
server
AmazonS3
x-amz-cf-pop
IAD55-P5
age
375409
etag
"7e89e2c522bb5b76a163bd570face783"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
479
x-amz-cf-id
jdzvfLA4Mi-IJdtryh21P7rDUQc-VYH9eV7NJqOq12H_l3RF067W9Q==
8af062e7-safe-step-wide-10newweb_10h409000000000000001o.jpg
d9hhrg4mnvzow.cloudfront.net/offers.safesteptubs.ca/google-ppc-sst/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/offers.safesteptubs.ca/google-ppc-sst/8af062e7-safe-step-wide-10newweb_10h409000000000000001o.jpg
Requested by
Host: offers.safesteptubs.ca
URL: https://offers.safesteptubs.ca/google-ppc-sst/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.230.155 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-230-155.iad55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ae64b1446294710917a40ec4a1e055f492267496c5336a3455f6febe297826f3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://offers.safesteptubs.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 04:26:49 GMT
x-amz-version-id
VfMrC40GySLY0oGgGsxDzNSxGjOc8FBy
via
1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
last-modified
Wed, 23 Aug 2023 21:12:21 GMT
server
AmazonS3
x-amz-cf-pop
IAD55-P5
etag
"ea4f7304cfb6d8f44ab4d274d9e81f7d"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
image/jpeg
cache-control
max-age=31557600
accept-ranges
bytes
content-length
15911
x-amz-cf-id
Tbm77neOR2z_fWGY_yBueJ7xkNRaTzNNv9d8RdMkT5WyR14nsGUrjg==
b6b56d2e-white-arrow-down-right_103508i000000000000028.png
d9hhrg4mnvzow.cloudfront.net/offers.safesteptubs.ca/google-ppc-sst/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/offers.safesteptubs.ca/google-ppc-sst/b6b56d2e-white-arrow-down-right_103508i000000000000028.png
Requested by
Host: offers.safesteptubs.ca
URL: https://offers.safesteptubs.ca/google-ppc-sst/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.230.155 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-230-155.iad55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1a22e18d8ccaf759c91a15cf28df9ecfec0f83220a6f6b0918df1963a4bf7aff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://offers.safesteptubs.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 04:26:49 GMT
x-amz-version-id
03UbgDOZl9CsgRffjWXtW05Kz7uRCv1J
via
1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
last-modified
Wed, 23 Aug 2023 21:12:21 GMT
server
AmazonS3
x-amz-cf-pop
IAD55-P5
etag
"84fca7e0a0576f653b8b9bc0440670ee"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
5672
x-amz-cf-id
mTforjzybKz0a0AqwpS261gM__pLYQUpWj8Lgr0fWLN2ylb7jkGcyg==
f74d85de-safesteptub1250x450_10jp07300000000000001o.jpg
d9hhrg4mnvzow.cloudfront.net/offers.safesteptubs.ca/google-ppc-sst/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/offers.safesteptubs.ca/google-ppc-sst/f74d85de-safesteptub1250x450_10jp07300000000000001o.jpg
Requested by
Host: offers.safesteptubs.ca
URL: https://offers.safesteptubs.ca/google-ppc-sst/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.230.155 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-230-155.iad55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0676c45287802d0b3254acfb14762cf72539a579758d3f7ad4e9145624af247c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://offers.safesteptubs.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 04:26:49 GMT
x-amz-version-id
z.MYWlOs1Ok9b2zcL63AUYHoqYTIj2_c
via
1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
last-modified
Wed, 23 Aug 2023 21:12:21 GMT
server
AmazonS3
x-amz-cf-pop
IAD55-P5
etag
"c13d85062055ece613f1105516a4f691"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
image/jpeg
cache-control
max-age=31557600
accept-ranges
bytes
content-length
16434
x-amz-cf-id
QO4uQJxem1zEesfP9tZp8ExgcK3hwgXZjW0bF1De4OKDOkTJpLTObg==
1590552544551921
connect.facebook.net/signals/config/ 		137 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1590552544551921?v=2.9.125&r=stable&domain=offers.safesteptubs.ca
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.80.12 Toronto, Canada, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-yyz1.fbcdn.net
Software
/
Resource Hash
f4a74999573277218b2670b20fb215cfbaac2648cdc30403977ce61e02ed7d29
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://offers.safesteptubs.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 07 Sep 2023 04:26:48 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
wS0LxrqyDEb4kqdQCWokDuAsV0DjND36+Ju3wxqRCqgP2S/XhOvIxXvc5iX5jbWVduJ05aOyWZ3ah5zXc8XTPQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
sa.css
tags.srv.stackadapt.com/ 		65 B
203 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tags.srv.stackadapt.com/sa.css
Requested by
Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.228.94.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-228-94-158.compute-1.amazonaws.com
Software
/
Resource Hash
655b7bf9cfeb0414877d035994854580a7e4a407f5937cbcc961da04babdaa44

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://offers.safesteptubs.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 07 Sep 2023 04:26:48 GMT
cache-control
only-if-cached, no-transform, private, max-age=7776000
content-length
65
content-type
text/css
sa.jpeg
tags.srv.stackadapt.com/ 		0
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tags.srv.stackadapt.com/sa.jpeg
Requested by
Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.228.94.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-228-94-158.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://offers.safesteptubs.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 07 Sep 2023 04:26:48 GMT
cache-control
only-if-cached, no-transform, private, max-age=7776000
content-length
651
content-type
image/jpeg
sp-2.14.0.js
d1wbjksx0xxdn3.cloudfront.net/ 		98 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1wbjksx0xxdn3.cloudfront.net/sp-2.14.0.js
Requested by
Host: d1wbjksx0xxdn3.cloudfront.net
URL: https://d1wbjksx0xxdn3.cloudfront.net/ub.js?1687799044
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.15.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-15-38.iad12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2e8292b18fc2acc297e1aa6acc6abe05136604137e744ba1b49984df330562bb

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://offers.safesteptubs.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 19:23:26 GMT
content-encoding
gzip
via
1.1 bd3f4df95f7c836cc4eb6a22d92ac2c2.cloudfront.net (CloudFront)
x-amz-version-id
0Jz2Bo4sfVFEftEdSoFX9n5OCEdIO6kj
x-amz-cf-pop
IAD12-P4
age
1415003
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
30399
last-modified
Mon, 26 Jun 2023 16:59:50 GMT
server
AmazonS3
etag
"73de733c308b8b5e44d2a6242dc4bd99"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
66U6UP--slZhhFuR8W8ELbiTWA2X6Clcx9qFbn9mCFivox8fWtF_QQ==
5858046.js
bat.bing.com/p/action/ 		0
119 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/5858046.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://offers.safesteptubs.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
date
Thu, 07 Sep 2023 04:26:48 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 82BB9D87555E4A0FAB6D9C995BFDFCF2 Ref B: YTO01EDGE0517 Ref C: 2023-09-07T04:26:48Z
x-cache
CONFIG_NOCACHE
0
bat.bing.com/action/ 		0
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=5858046&Ver=2&mid=b516ddb6-5977-45f1-804b-653805bc79b1&sid=c29752204d3611ee94ed0bea7cbc0aa8&vid=c2977c204d3611ee8426b3f2ea90376e&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=The%20walk-in%20tub%20that%20can%20change%20your%20life.&kw=walk-in%20tubs&p=https%3A%2F%2Foffers.safesteptubs.ca%2Fgoogle-ppc-sst%2F&r=&lt=342&evt=pageLoad&sv=1&rn=620234
Requested by
Host: offers.safesteptubs.ca
URL: https://offers.safesteptubs.ca/google-ppc-sst/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://offers.safesteptubs.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 07 Sep 2023 04:26:48 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 466DE4DCB7154516AB6C4DCD200F5113 Ref B: YTO01EDGE0517 Ref C: 2023-09-07T04:26:48Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/ 		451 KB
181 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.115.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f94.1e100.net
Software
sffe /
Resource Hash
6df509c54af64a8a81d168c1bce4e0bc1d30be5a3206c25e702fea2f33ab7f3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://offers.safesteptubs.ca/
Origin
https://offers.safesteptubs.ca
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 04:09:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1061
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
185062
x-xss-protection
0
last-modified
Mon, 21 Aug 2023 02:02:34 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 06 Sep 2024 04:09:07 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N3363VV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f101.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://offers.safesteptubs.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 07 Sep 2023 03:47:16 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
2372
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Thu, 07 Sep 2023 05:47:16 GMT
js
www.googletagmanager.com/gtag/ 		193 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-994394862&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N3363VV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
713fbb8c648b995265ca9fb368887f864d71deb9255a416ce2f1ce4dbe98bf4a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://offers.safesteptubs.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 04:26:48 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
71506
x-xss-protection
0
last-modified
Thu, 07 Sep 2023 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 07 Sep 2023 04:26:48 GMT
js
www.googletagmanager.com/gtag/ 		186 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-783651190&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N3363VV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
0ab32498d67e3e43d139d6d00ac4e9058b2e26657e204b706b3a28fda4cc5198
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://offers.safesteptubs.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 04:26:48 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
69613
x-xss-protection
0
last-modified
Thu, 07 Sep 2023 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 07 Sep 2023 04:26:48 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/783651190/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/783651190/?random=1694060808368&cv=11&fst=1694060808368&bg=ffffff&guid=ON&async=1&gtm=45be38u0&u_w=1600&u_h=1200&url=https%3A%2F%2Foffers.safesteptubs.ca%2Fgoogle-ppc-sst%2F&hn=www.googleadservices.com&frm=0&tiba=The%20walk-in%20tub%20that%20can%20change%20your%20life.&auid=1849583312.1694060808&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-783651190
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
cafe /
Resource Hash
5f6288d93151f1c560a1dbd9270cbfb12e094b5c330ee5c6991b59e5ab23d5c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://offers.safesteptubs.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 04:26:48 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1356
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/994394862/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/994394862/?random=1694060808403&cv=11&fst=1694060808403&bg=ffffff&guid=ON&async=1&gtm=45be38u0&u_w=1600&u_h=1200&url=https%3A%2F%2Foffers.safesteptubs.ca%2Fgoogle-ppc-sst%2F&hn=www.googleadservices.com&frm=0&tiba=The%20walk-in%20tub%20that%20can%20change%20your%20life.&auid=1849583312.1694060808&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-994394862
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
cafe /
Resource Hash
5dcdf078611d571e2ddbd7c357211b7a19ff803f88785ef05dc46d46529c7fed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://offers.safesteptubs.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 04:26:48 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1354
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
i
events.ub-analytics.com/ 		43 B
282 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.ub-analytics.com/i?stm=1694060808425&e=pv&url=https%3A%2F%2Foffers.safesteptubs.ca%2Fgoogle-ppc-sst%2F&page=The%20walk-in%20tub%20that%20can%20change%20your%20life.&tv=js-2.14.0&tna=sp-ub&aid=landing_page&p=web&tz=America%2FLos_Angeles&lang=en-US&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&res=1600x1200&cd=24&eid=4b4a0d4a-87ee-4821-9e2a-9eef6c208252&dtm=1694060808423&vp=1600x1200&ds=1600x2831&vid=1&sid=df12cf78-898e-4653-a720-2049564f21b7&duid=7b55f795-5325-47e4-b71d-69af600116bc&uid=1012583e-c93e-4203-a65e-5f001c77ada8&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoianNfdHJhY2tlcl9jb250ZXh0X3YxLjEuanNvbiIsImRhdGEiOnsicGFnZUlkIjoiMmFkNTk1YzYtMWY3NC00YzM4LWFlNGItMTJjMmIyMzIzZTJhIiwidmFyaWFudElkIjoiYSIsImV2ZW50VHlwZSI6InZpc2l0IiwiZXZlbnRNZXRhZGF0YSI6W10sInJvdXRpbmdTdHJhdGVneSI6InNpbmdsZSJ9fV19
Requested by
Host: offers.safesteptubs.ca
URL: https://offers.safesteptubs.ca/google-ppc-sst/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.129.147.137 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-174-129-147-137.compute-1.amazonaws.com
Software
akka-http/10.2.9 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://offers.safesteptubs.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 04:26:49 GMT
server
akka-http/10.2.9
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin
*
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
43
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.ub-assets.com/fonts/s/montserrat/v25/ 		30 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.ub-assets.com/fonts/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Montserrat:regular,700,500,300,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.65.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-65-13.iad89.r.cloudfront.net
Software
/
Resource Hash
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.ub-assets.com/css?family=Montserrat:regular,700,500,300,600
Origin
https://offers.safesteptubs.ca
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 25 Aug 2023 00:15:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amzn-remapped-content-length
30928
via
1.1 de349bd2105a0a744704f391ff854e62.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD89-P1
age
1138301
x-amzn-requestid
24d95517-6474-4812-8e93-68133bb869de
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
x-amz-apigw-id
KMLV6GUvoAMEJJA=
content-length
30956
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 18:57:39 GMT
cross-origin-opener-policy
same-origin; report-to="apps-themes"
x-amzn-trace-id
Root=1-64e7f28b-004a641b17efaf9b73cb6934
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
x-amz-cf-id
k5MEaWjFl_zzvTxCLaZk8Td9o8Evda6npgV4A8GLN7mwdjP4yn9R6g==
LAchatwindow.css
cdn.thelivechatsoftware.com/Company/LiveAdmins/safesteptubs.ca/new/ 		13 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.thelivechatsoftware.com/Company/LiveAdmins/safesteptubs.ca/new/LAchatwindow.css
Requested by
Host: thelivechatsoftware.com
URL: https://thelivechatsoftware.com/Dashboard/cwgen/scripts/la_script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
654f70c27d817b6e3794a433930f3b9fa4391b9a5bb625bee1d2cc192e93f6f5

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://offers.safesteptubs.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 04:26:48 GMT
content-encoding
gzip
last-modified
Mon, 13 Jan 2020 17:45:10 GMT
etag
"fcaba93339cad51:0"
x-hw
1694060808.cds026.ch4.hn,1694060808.cds257.ch4.c
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
4357
strophe.js
cdn.thelivechatsoftware.com/scripts/JQuery/ 		57 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.thelivechatsoftware.com/scripts/JQuery/strophe.js?v=02
Requested by
Host: thelivechatsoftware.com
URL: https://thelivechatsoftware.com/Dashboard/cwgen/scripts/la_script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
52cae6b1ad48ded876116e1aad48f2f8e45a7de77a322b1f0b6ac18d1369efa6

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://offers.safesteptubs.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 04:26:48 GMT
content-encoding
gzip
last-modified
Wed, 29 Jun 2016 07:34:58 GMT
etag
"7e5b3abdd8d1d11:0"
x-hw
1694060808.cds026.ch4.hn,1694060808.cds055.ch4.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache,max-age=604800
accept-ranges
bytes
content-length
18221
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1590552544551921&ev=PageView&dl=https%3A%2F%2Foffers.safesteptubs.ca%2Fgoogle-ppc-sst%2F&rl=&if=false&ts=1694060808481&sw=1600&sh=1200&v=2.9.125&r=stable&ec=0&o=30&fbp=fb.1.1694060808479.1847804493&it=1694060808306&coo=false&rqm=GET
Requested by
Host: offers.safesteptubs.ca
URL: https://offers.safesteptubs.ca/google-ppc-sst/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.80.36 Toronto, Canada, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-yyz1.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://offers.safesteptubs.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 07 Sep 2023 04:26:48 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
modules.91496bd4b5704a120511.js
script.hotjar.com/ 		223 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.91496bd4b5704a120511.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1519317.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.18.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-18-45.iad12.r.cloudfront.net
Software
/
Resource Hash
2e2190206559ea5c28a587d699098ecc1bdd5a8caf82523ffa38d4afdcf7810b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://offers.safesteptubs.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 20:05:06 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 f9c59ce0e830fcb72cbcdb26622739f0.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD12-P4
age
30103
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
55576
last-modified
Wed, 06 Sep 2023 20:04:10 GMT
etag
"996d8963a5f0106cc750e28690439a5e"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
oOT-jHUsvMW_hMvrOJeJLup9KRBLfJtd91bA5PEmZ0Tu0tgeO-rUKw==
collect
www.google-analytics.com/j/ 		16 B
226 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=221070399&t=pageview&_s=1&dl=https%3A%2F%2Foffers.safesteptubs.ca%2Fgoogle-ppc-sst%2F&ul=en-us&de=UTF-8&dt=The%20walk-in%20tub%20that%20can%20change%20your%20life.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=208516575&gjid=1582676157&cid=2027591504.1694060809&tid=UA-35940146-4&_gid=1786053499.1694060809&_r=1&_slc=1&gtm=45He38u0n81N3363VV&z=409920730
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f101.1e100.net
Software
Golfe2 /
Resource Hash
414ff589e2e492938a2038bca982157cc0a785c73de5d5539dc8bbc637292286
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://offers.safesteptubs.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 04:26:48 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://offers.safesteptubs.ca
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
expires
Fri, 01 Jan 1990 00:00:00 GMT
saq_pxl
tags.srv.stackadapt.com/ 		94 B
291 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tags.srv.stackadapt.com/saq_pxl?uid=siACFFXA-3PkgY2hezm8pw&is_js=true&landing_url=https%3A%2F%2Foffers.safesteptubs.ca%2Fgoogle-ppc-sst%2F&t=The%20walk-in%20tub%20that%20can%20change%20your%20life.&tip=CKo5gcMEgwG-vpr5NcZ1-fSDcObA_EDNL7vJG-raU2k&host=https://offers.safesteptubs.ca&sa_conv_data_css_value=%270-4ad0ee67-b182-5e70-4fb6-d5d72c3d22f5%27&sa_conv_data_image_value=ffd8ffe000104a46494600010101006000600000ffdb004300080606070605080707070909080a0c140d0c0b0b0c1912130f141d1a1f1e1d1a1c1c20242e2720222c231c1c2837292c30313434341f27393d38323c2e333432ffdb0043010909090c0b0c180d0d1832211c213232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232ffc00011080001000103012200021101031101ffc4001f0000010501010101010100000000000000000102030405060708090a0bffc400b5100002010303020403050504040000017d01020300041105122131410613516107227114328191a1082342b1c11552d1f02433627282090a161718191a25262728292a3435363738393a434445464748494a535455565758595a636465666768696a737475767778797a838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae1e2e3e4e5e6e7e8e9eaf1f2f3f4f5f6f7f8f9faffc4001f0100030101010101010101010000000000000102030405060708090a0bffc400b51100020102040403040705040400010277000102031104052131061241510761711322328108144291a1b1c109233352f0156272d10a162434e125f11718191a262728292a35363738393a434445464748494a535455565758595a636465666768696a737475767778797a82838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae2e3e4e5e6e7e8e9eaf2f3f4f5f6f7f8f9faffda000c03010002110311003f00f7fa28a2803fffd94ad0ee67b1825e704fb6d5d72c3d22f556300ef7&sa-user-id-v3=s%253AAQAKIBntsJ-ZwhfUZLobReg8rDOC6bY7lHF_16dFJBvxJPquEHwYBCCIouWnBjABOgT_Q_f4QgTiZjNh.Z1ghU1XjXIsfRtW%252BjpRkOW%252Fw23m9SKLfUzQPbsZjz40&sa-user-id-v2=s%253AStDuZ7GCXnBPttXXLD0i9VYwDvc.ECQc9tqk8%252BeKl4%252BZCMi69DZkICtTSdwCzMCcwzaKVTk&sa-user-id=s%253A0-4ad0ee67-b182-5e70-4fb6-d5d72c3d22f5.Q435m0vdVW9VHrdSHRHRNP7TwQQfwsaPMJzDgwWxCRQ
Requested by
Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.228.94.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-228-94-158.compute-1.amazonaws.com
Software
/
Resource Hash
078f3dd88e751c3c421b2007e1cb27bcb65a95daf278bd25de81ba7b2bf3c4e4

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://offers.safesteptubs.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

access-control-allow-origin
https://offers.safesteptubs.ca
date
Thu, 07 Sep 2023 04:26:48 GMT
access-control-allow-credentials
true
access-control-allow-headers
*
content-length
94
access-control-allow-methods
GET
content-type
text/plain; charset=utf-8
anchor
www.google.com/recaptcha/api2/ Frame 9416 		55 KB
31 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcMjswnAAAAAF7KR-lgzXUDcs8xbrffgYcPHecS&co=aHR0cHM6Ly9vZmZlcnMuc2FmZXN0ZXB0dWJzLmNhOjQ0Mw..&hl=en&v=0hCdE87LyjzAkFO5Ff-v7Hj1&size=invisible&cb=q1dew1o96a5u
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/recaptcha__en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.111.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f99.1e100.net
Software
GSE /
Resource Hash
05f93e5bf481ca5a6fc03393b2b249dc32209760cea31e6450f1218611087ad0
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-vE6VD-kdJ8--UhjMUqr18w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://offers.safesteptubs.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
31624
content-security-policy
script-src 'report-sample' 'nonce-vE6VD-kdJ8--UhjMUqr18w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 07 Sep 2023 04:26:48 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
/
www.google.com/pagead/1p-user-list/994394862/ 		42 B
327 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/994394862/?random=1694060808403&cv=11&fst=1694059200000&bg=ffffff&guid=ON&async=1&gtm=45be38u0&u_w=1600&u_h=1200&url=https%3A%2F%2Foffers.safesteptubs.ca%2Fgoogle-ppc-sst%2F&frm=0&tiba=The%20walk-in%20tub%20that%20can%20change%20your%20life.&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1286272756&rmt_tld=0&ipr=y
Requested by
Host: offers.safesteptubs.ca
URL: https://offers.safesteptubs.ca/google-ppc-sst/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.111.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f99.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://offers.safesteptubs.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 04:26:48 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.ca/pagead/1p-user-list/994394862/ 		42 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/pagead/1p-user-list/994394862/?random=1694060808403&cv=11&fst=1694059200000&bg=ffffff&guid=ON&async=1&gtm=45be38u0&u_w=1600&u_h=1200&url=https%3A%2F%2Foffers.safesteptubs.ca%2Fgoogle-ppc-sst%2F&frm=0&tiba=The%20walk-in%20tub%20that%20can%20change%20your%20life.&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1286272756&rmt_tld=1&ipr=y
Requested by
Host: offers.safesteptubs.ca
URL: https://offers.safesteptubs.ca/google-ppc-sst/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.31.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f94.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://offers.safesteptubs.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 04:26:48 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/783651190/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/783651190/?random=1694060808368&cv=11&fst=1694059200000&bg=ffffff&guid=ON&async=1&gtm=45be38u0&u_w=1600&u_h=1200&url=https%3A%2F%2Foffers.safesteptubs.ca%2Fgoogle-ppc-sst%2F&frm=0&tiba=The%20walk-in%20tub%20that%20can%20change%20your%20life.&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=787484186&rmt_tld=0&ipr=y
Requested by
Host: offers.safesteptubs.ca
URL: https://offers.safesteptubs.ca/google-ppc-sst/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.111.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f99.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://offers.safesteptubs.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 04:26:48 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.ca/pagead/1p-user-list/783651190/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/pagead/1p-user-list/783651190/?random=1694060808368&cv=11&fst=1694059200000&bg=ffffff&guid=ON&async=1&gtm=45be38u0&u_w=1600&u_h=1200&url=https%3A%2F%2Foffers.safesteptubs.ca%2Fgoogle-ppc-sst%2F&frm=0&tiba=The%20walk-in%20tub%20that%20can%20change%20your%20life.&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=787484186&rmt_tld=1&ipr=y
Requested by
Host: offers.safesteptubs.ca
URL: https://offers.safesteptubs.ca/google-ppc-sst/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.31.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f94.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://offers.safesteptubs.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 04:26:48 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
217 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-35940146-4&cid=2027591504.1694060809&jid=208516575&gjid=1582676157&_gid=1786053499.1694060809&_u=YEBAAEAAAAAAACAAI~&z=620050157
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
Golfe2 /
Resource Hash
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://offers.safesteptubs.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Thu, 07 Sep 2023 04:26:48 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://offers.safesteptubs.ca
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		239 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-CV6KR9E06Z&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
21b2bbc3afb9ac9800632c30467f481310f3f5514bb437398b63ec4b739d02a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://offers.safesteptubs.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 04:26:48 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
85244
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 07 Sep 2023 04:26:48 GMT
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-35940146-4&cid=2027591504.1694060809&jid=208516575&_u=YEBAAEAAAAAAACAAI~&z=1212418516
Requested by
Host: offers.safesteptubs.ca
URL: https://offers.safesteptubs.ca/google-ppc-sst/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.111.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f99.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://offers.safesteptubs.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 04:26:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ca/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-35940146-4&cid=2027591504.1694060809&jid=208516575&_u=YEBAAEAAAAAAACAAI~&z=1212418516
Requested by
Host: offers.safesteptubs.ca
URL: https://offers.safesteptubs.ca/google-ppc-sst/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.31.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f94.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://offers.safesteptubs.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 04:26:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/ Frame 9416 		55 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcMjswnAAAAAF7KR-lgzXUDcs8xbrffgYcPHecS&co=aHR0cHM6Ly9vZmZlcnMuc2FmZXN0ZXB0dWJzLmNhOjQ0Mw..&hl=en&v=0hCdE87LyjzAkFO5Ff-v7Hj1&size=invisible&cb=q1dew1o96a5u
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f94.1e100.net
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 03:59:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1627
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Mon, 21 Aug 2023 02:02:34 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 06 Sep 2024 03:59:41 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/ Frame 9416 		451 KB
181 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcMjswnAAAAAF7KR-lgzXUDcs8xbrffgYcPHecS&co=aHR0cHM6Ly9vZmZlcnMuc2FmZXN0ZXB0dWJzLmNhOjQ0Mw..&hl=en&v=0hCdE87LyjzAkFO5Ff-v7Hj1&size=invisible&cb=q1dew1o96a5u
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f94.1e100.net
Software
sffe /
Resource Hash
6df509c54af64a8a81d168c1bce4e0bc1d30be5a3206c25e702fea2f33ab7f3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 04:09:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1061
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
185062
x-xss-protection
0
last-modified
Mon, 21 Aug 2023 02:02:34 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 06 Sep 2024 04:09:07 GMT
collect
analytics.google.com/g/ 		0
249 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-CV6KR9E06Z&gtm=45je3960h2&_p=221070399&_gaz=1&ul=en-us&sr=1600x1200&cid=2027591504.1694060809&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Foffers.safesteptubs.ca%2Fgoogle-ppc-sst%2F&dt=The%20walk-in%20tub%20that%20can%20change%20your%20life.&sid=1694060808&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CV6KR9E06Z&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f102.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://offers.safesteptubs.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 04:26:49 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://offers.safesteptubs.ca
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-CV6KR9E06Z&cid=2027591504.1694060809&gtm=45je3960h2&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CV6KR9E06Z&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://offers.safesteptubs.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 04:26:48 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://offers.safesteptubs.ca
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ca/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-CV6KR9E06Z&cid=2027591504.1694060809&gtm=45je3960h2&aip=1&z=1956121103
Requested by
Host: offers.safesteptubs.ca
URL: https://offers.safesteptubs.ca/google-ppc-sst/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.31.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f94.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://offers.safesteptubs.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 04:26:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 9416 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f94.1e100.net
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 02 Sep 2023 04:12:28 GMT
x-content-type-options
nosniff
age
432860
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Sat, 09 Sep 2023 04:12:28 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 9416 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcMjswnAAAAAF7KR-lgzXUDcs8xbrffgYcPHecS&co=aHR0cHM6Ly9vZmZlcnMuc2FmZXN0ZXB0dWJzLmNhOjQ0Mw..&hl=en&v=0hCdE87LyjzAkFO5Ff-v7Hj1&size=invisible&cb=q1dew1o96a5u
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.111.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f94.1e100.net
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 14:00:36 GMT
x-content-type-options
nosniff
age
138373
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 04 Sep 2024 14:00:36 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 9416 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcMjswnAAAAAF7KR-lgzXUDcs8xbrffgYcPHecS&co=aHR0cHM6Ly9vZmZlcnMuc2FmZXN0ZXB0dWJzLmNhOjQ0Mw..&hl=en&v=0hCdE87LyjzAkFO5Ff-v7Hj1&size=invisible&cb=q1dew1o96a5u
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.111.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f94.1e100.net
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 01:39:53 GMT
x-content-type-options
nosniff
age
96416
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 05 Sep 2024 01:39:53 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame 9416 		102 B
134 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=0hCdE87LyjzAkFO5Ff-v7Hj1
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcMjswnAAAAAF7KR-lgzXUDcs8xbrffgYcPHecS&co=aHR0cHM6Ly9vZmZlcnMuc2FmZXN0ZXB0dWJzLmNhOjQ0Mw..&hl=en&v=0hCdE87LyjzAkFO5Ff-v7Hj1&size=invisible&cb=q1dew1o96a5u
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.111.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f99.1e100.net
Software
GSE /
Resource Hash
1a5c551d5ba0de7a7a02e17897757c35a37b64c9572c764050dbd363f2942a97
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcMjswnAAAAAF7KR-lgzXUDcs8xbrffgYcPHecS&co=aHR0cHM6Ly9vZmZlcnMuc2FmZXN0ZXB0dWJzLmNhOjQ0Mw..&hl=en&v=0hCdE87LyjzAkFO5Ff-v7Hj1&size=invisible&cb=q1dew1o96a5u
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 04:26:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
112
x-xss-protection
1; mode=block
expires
Thu, 07 Sep 2023 04:26:48 GMT
jqueryforchat.js
cdn.thelivechatsoftware.com/scripts/JQuery/ 		94 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.thelivechatsoftware.com/scripts/JQuery/jqueryforchat.js?v=02
Requested by
Host: thelivechatsoftware.com
URL: https://thelivechatsoftware.com/Dashboard/cwgen/scripts/la_script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
3eac57a639d30a40ce3ec3e6a3eb17434a6af10b4c795d70bb53c8271c76da03

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://offers.safesteptubs.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 04:26:48 GMT
content-encoding
gzip
last-modified
Thu, 19 Jan 2017 10:05:59 GMT
etag
"599ef1a13b72d21:0"
x-hw
1694060808.cds026.ch4.hn,1694060808.cds192.ch4.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache,max-age=604800
accept-ranges
bytes
content-length
42752
/
www.facebook.com/tr/ 		0
54 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1590552544551921&ev=Microdata&dl=https%3A%2F%2Foffers.safesteptubs.ca%2Fgoogle-ppc-sst%2F&rl=&if=false&ts=1694060809082&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22The%20walk-in%20tub%20that%20can%20change%20your%20life.%22%2C%22meta%3Akeywords%22%3A%22walk-in%20tubs%22%2C%22meta%3Adescription%22%3A%22Safe%20Step%20walk-in%20tubs%20allow%20you%20to%20get%20in%20a%20out%20of%20the%20tub%20without%20effort%20and%20in%20total%20safety%2C%20thanks%20to%20our%20low-step%20in%2C%20safety%20grab%20bars%20and%20wide%20door.%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22The%20walk-in%20tub%20that%20can%20change%20your%20life.%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.125&r=stable&ec=1&o=30&fbp=fb.1.1694060808479.1847804493&it=1694060808306&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: offers.safesteptubs.ca
URL: https://offers.safesteptubs.ca/google-ppc-sst/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.80.36 Toronto, Canada, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-yyz1.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://offers.safesteptubs.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 07 Sep 2023 04:26:49 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
bframe
www.google.com/recaptcha/api2/ Frame 2959 		7 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=en&v=0hCdE87LyjzAkFO5Ff-v7Hj1&k=6LcMjswnAAAAAF7KR-lgzXUDcs8xbrffgYcPHecS
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.111.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f99.1e100.net
Software
GSE /
Resource Hash
cebc1fce35531e510fd5bc9455323fa79240b17e683710fa45770d5f88bc811d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-iT_nxvMUewfYDdPd3HfdkQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://offers.safesteptubs.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
1159
content-security-policy
script-src 'report-sample' 'nonce-iT_nxvMUewfYDdPd3HfdkQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 07 Sep 2023 04:26:49 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/ Frame 2959 		55 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=0hCdE87LyjzAkFO5Ff-v7Hj1&k=6LcMjswnAAAAAF7KR-lgzXUDcs8xbrffgYcPHecS
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f94.1e100.net
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 03:59:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1628
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Mon, 21 Aug 2023 02:02:34 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 06 Sep 2024 03:59:41 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/ Frame 2959 		451 KB
181 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=0hCdE87LyjzAkFO5Ff-v7Hj1&k=6LcMjswnAAAAAF7KR-lgzXUDcs8xbrffgYcPHecS
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f94.1e100.net
Software
sffe /
Resource Hash
6df509c54af64a8a81d168c1bce4e0bc1d30be5a3206c25e702fea2f33ab7f3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 04:09:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1062
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
185062
x-xss-protection
0
last-modified
Mon, 21 Aug 2023 02:02:34 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 06 Sep 2024 04:09:07 GMT
jqueryuiforchat-la.js
cdn.thelivechatsoftware.com/scripts/JQuery/ 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.thelivechatsoftware.com/scripts/JQuery/jqueryuiforchat-la.js?v=02
Requested by
Host: thelivechatsoftware.com
URL: https://thelivechatsoftware.com/Dashboard/cwgen/scripts/la_script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
ec63f7641f4db34bead16736ee43bf4937e95c2dd4f87c35c460acbb8613a011

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://offers.safesteptubs.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 04:26:49 GMT
content-encoding
gzip
last-modified
Thu, 19 Jan 2017 10:05:59 GMT
etag
"1961f6a13b72d21:0"
x-hw
1694060809.cds026.ch4.hn,1694060809.cds190.ch4.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache,max-age=604800
accept-ranges
bytes
content-length
9035
jquery.signalR-2.1.2.min-la.js
blue.thelivechatsoftware.com/signalrserver/Scripts/ 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://blue.thelivechatsoftware.com/signalrserver/Scripts/jquery.signalR-2.1.2.min-la.js?v=02
Requested by
Host: thelivechatsoftware.com
URL: https://thelivechatsoftware.com/Dashboard/cwgen/scripts/la_script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
108.166.2.67 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
Chat Server /
Resource Hash
fa37427b6160f87c09187937d1d786da314df4b1cd81a73c8210f575b116f8de

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://offers.safesteptubs.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 04:26:49 GMT
content-encoding
gzip
last-modified
Thu, 10 May 2018 15:41:56 GMT
server
Chat Server
etag
"07aea6c75e8d31:0"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=86400
accept-ranges
bytes
content-length
14950
reload
www.google.com/recaptcha/api2/ Frame 2959 		40 KB
25 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/reload?k=6LcMjswnAAAAAF7KR-lgzXUDcs8xbrffgYcPHecS
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.111.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f99.1e100.net
Software
GSE /
Resource Hash
7c19df8c23cd32cde07b0f990a1e2379d2b3d1d1bb22f4301e8eeb2c26389c54
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/recaptcha/api2/bframe?hl=en&v=0hCdE87LyjzAkFO5Ff-v7Hj1&k=6LcMjswnAAAAAF7KR-lgzXUDcs8xbrffgYcPHecS
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
application/x-protobuffer

Response headers

date
Thu, 07 Sep 2023 04:26:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
private, max-age=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25162
x-xss-protection
1; mode=block
expires
Thu, 07 Sep 2023 04:26:49 GMT
hubssingle-la-2.js
blue.thelivechatsoftware.com/signalrserver/scripts/ 		15 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://blue.thelivechatsoftware.com/signalrserver/scripts/hubssingle-la-2.js?v=02
Requested by
Host: thelivechatsoftware.com
URL: https://thelivechatsoftware.com/Dashboard/cwgen/scripts/la_script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
108.166.2.67 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
Chat Server /
Resource Hash
e1b1a79285bc6c7163c7d5904c408b4a8a80b6e8dc159ed9694e9b991c09ef4d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://offers.safesteptubs.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 04:26:49 GMT
content-encoding
gzip
last-modified
Mon, 04 Feb 2019 20:48:30 GMT
server
Chat Server
etag
"0a320fccabcd41:0"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=86400
accept-ranges
bytes
content-length
2960
gvars.js
cdn.thelivechatsoftware.com/Company/LiveAdmins/safesteptubs.ca/new/ 		1 KB
846 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.thelivechatsoftware.com/Company/LiveAdmins/safesteptubs.ca/new/gvars.js?v=02
Requested by
Host: thelivechatsoftware.com
URL: https://thelivechatsoftware.com/Dashboard/cwgen/scripts/la_script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
7c99a5499d746031746d220583cbf69c6e006547ada7231bdd4637fc2347aa6a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://offers.safesteptubs.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 04:26:49 GMT
content-encoding
gzip
last-modified
Mon, 06 May 2019 16:05:44 GMT
etag
"604c718f254d51:0"
x-hw
1694060809.cds026.ch4.hn,1694060809.cds082.ch4.sc,1694060809.cds082.ch4.pr
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache,max-age=604800
accept-ranges
bytes
content-length
718
refresh_2x.png
www.gstatic.com/recaptcha/api2/ Frame 2959 		600 B
624 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/refresh_2x.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f94.1e100.net
Software
sffe /
Resource Hash
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 02 Sep 2023 02:08:21 GMT
x-content-type-options
nosniff
age
440308
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
600
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Sat, 09 Sep 2023 02:08:21 GMT
audio_2x.png
www.gstatic.com/recaptcha/api2/ Frame 2959 		530 B
554 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/audio_2x.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f94.1e100.net
Software
sffe /
Resource Hash
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 22:47:29 GMT
x-content-type-options
nosniff
age
452360
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
530
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Fri, 08 Sep 2023 22:47:29 GMT
info_2x.png
www.gstatic.com/recaptcha/api2/ Frame 2959 		665 B
689 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/info_2x.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f94.1e100.net
Software
sffe /
Resource Hash
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 02 Sep 2023 00:08:16 GMT
x-content-type-options
nosniff
age
447513
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
665
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Sat, 09 Sep 2023 00:08:16 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 2959 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: offers.safesteptubs.ca
URL: https://offers.safesteptubs.ca/google-ppc-sst/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.111.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f94.1e100.net
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 14:00:36 GMT
x-content-type-options
nosniff
age
138373
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 04 Sep 2024 14:00:36 GMT
KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 2959 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
Requested by
Host: offers.safesteptubs.ca
URL: https://offers.safesteptubs.ca/google-ppc-sst/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.111.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f94.1e100.net
Software
sffe /
Resource Hash
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 16:11:25 GMT
x-content-type-options
nosniff
age
130524
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15340
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 04 Sep 2024 16:11:25 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 2959 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: offers.safesteptubs.ca
URL: https://offers.safesteptubs.ca/google-ppc-sst/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.111.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f94.1e100.net
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 01:39:53 GMT
x-content-type-options
nosniff
age
96416
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 05 Sep 2024 01:39:53 GMT
payload
www.google.com/recaptcha/api2/ Frame 2959 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/recaptcha/api2/payload?p=06ADUVZwDJVHB_IeLh9aezHSeI05NYJogFn8wJPXedxurkMx4kEfwfowI4jy6FveZaLC8MHlOSEr2D7ntskpIpmaaLNpVX51TiOkE1GrxnbQEgwwvJhlZ9aDHnqBOzldTBPg3pJReCb_mUwTdPER_WQh5TdAhaxi-Z3QoDJV7wS-4Af3P-fIoAz2Ii0j08BK06lEvjkNbd9IumFWSIG3AeS-rWMeYzQxBelQ&k=6LcMjswnAAAAAF7KR-lgzXUDcs8xbrffgYcPHecS
Requested by
Host: offers.safesteptubs.ca
URL: https://offers.safesteptubs.ca/google-ppc-sst/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.111.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f99.1e100.net
Software
GSE /
Resource Hash
7fed860e5f1eeb9b7708a0beb92d58a0208d4aa07be7ffb6bb1be5ff7e5c91db
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/recaptcha/api2/bframe?hl=en&v=0hCdE87LyjzAkFO5Ff-v7Hj1&k=6LcMjswnAAAAAF7KR-lgzXUDcs8xbrffgYcPHecS
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 04:26:49 GMT
content-security-policy
frame-ancestors 'self'
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
private, max-age=30
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33942
x-xss-protection
1; mode=block
expires
Thu, 07 Sep 2023 04:26:49 GMT
vb.js
thelivechatsoftware.com/dashboard/cwgen/Company/LiveAdmins/safesteptubs.ca/new/ 		12 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thelivechatsoftware.com/dashboard/cwgen/Company/LiveAdmins/safesteptubs.ca/new/vb.js?v=02
Requested by
Host: thelivechatsoftware.com
URL: https://thelivechatsoftware.com/Dashboard/cwgen/scripts/la_script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.106.20.60 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
/
Resource Hash
9c67f2dac2480480699117cb7d0bbd628a991759117db4d94eb49e82da9f6db9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://offers.safesteptubs.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 04:26:49 GMT
content-encoding
gzip
last-modified
Tue, 16 Oct 2018 21:22:24 GMT
etag
"028a2549665d41:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache,max-age=604800
accept-ranges
bytes
content-length
3470
webfont.js
ajax.googleapis.com/ajax/libs/webfont/1/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js
Requested by
Host: thelivechatsoftware.com
URL: https://thelivechatsoftware.com/Dashboard/cwgen/scripts/la_script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f95.1e100.net
Software
sffe /
Resource Hash
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://offers.safesteptubs.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 23:59:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
16027
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5437
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 05 Sep 2024 23:59:42 GMT
LAchatwindow.js
cdn.thelivechatsoftware.com/Company/LiveAdmins/safesteptubs.ca/new/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.thelivechatsoftware.com/Company/LiveAdmins/safesteptubs.ca/new/LAchatwindow.js?v=02
Requested by
Host: thelivechatsoftware.com
URL: https://thelivechatsoftware.com/Dashboard/cwgen/scripts/la_script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
98e9ccef8fcd57c77a1f042a62daba433ddb44cf1dadcf089b018cf02d342664

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://offers.safesteptubs.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 04:26:49 GMT
content-encoding
gzip
last-modified
Tue, 16 Oct 2018 21:22:24 GMT
etag
"028a2549665d41:0"
x-hw
1694060809.cds026.ch4.hn,1694060809.cds020.ch4.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache,max-age=604800
accept-ranges
bytes
content-length
3025
css
fonts.googleapis.com/ 		775 B
803 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Titillium+Web&subset=latin
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f95.1e100.net
Software
ESF /
Resource Hash
2fdba028bf5bb5f94fe0180bbf318d8b2345fa8d338d9d8936794d9e1f67544e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://offers.safesteptubs.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 07 Sep 2023 04:26:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 07 Sep 2023 04:26:50 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 07 Sep 2023 04:26:50 GMT
font-awesome.min.css
netdna.bootstrapcdn.com/font-awesome/4.0.3/css/ 		17 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://netdna.bootstrapcdn.com/font-awesome/4.0.3/css/font-awesome.min.css
Requested by
Host: cdn.thelivechatsoftware.com
URL: https://cdn.thelivechatsoftware.com/Company/LiveAdmins/safesteptubs.ca/new/LAchatwindow.js?v=02
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b12c1cd811f54d11bfdcb5e235e73934a8b8a7a85eafb8529117f9a5bb64ccf8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://offers.safesteptubs.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 04:26:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
674, 617, 617
age
6620327
cdn-cachedat
2021-06-06 14:08:56
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:53 GMT
server
cloudflare
cdn-requestpullcode
200
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
dbd3b42fcbc23bb1a5f08e3f98199279
timing-allow-origin
*
cdn-requestcountrycode
US
cf-ray
802c321d7b4036bd-YYZ
cdn-requestpullsuccess
True
safesteptubs-logo.png
cdn.thelivechatsoftware.com/skin/UrlButton/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.thelivechatsoftware.com/skin/UrlButton/safesteptubs-logo.png
Requested by
Host: offers.safesteptubs.ca
URL: https://offers.safesteptubs.ca/google-ppc-sst/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
4bd966743085b2b79b7c375f295d5fa2cc486ee1a55585c2666833fe26d4f5e0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://offers.safesteptubs.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 04:26:49 GMT
last-modified
Tue, 16 Oct 2018 21:06:45 GMT
etag
"2bc344259465d41:0"
x-hw
1694060809.cds026.ch4.hn,1694060809.cds268.ch4.sc,1694060809.cds268.ch4.pr
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache,max-age=604800
accept-ranges
bytes
content-length
24244
safesteptubs-minimizeStatus.gif
cdn.thelivechatsoftware.com/skin/MinimizedStatus/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.thelivechatsoftware.com/skin/MinimizedStatus/safesteptubs-minimizeStatus.gif
Requested by
Host: offers.safesteptubs.ca
URL: https://offers.safesteptubs.ca/google-ppc-sst/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
4741b0d6ac118a2c2c2e0e582d0b2313ab2957f96b7769aa39e6c783b0fa3fbc

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://offers.safesteptubs.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 04:26:49 GMT
last-modified
Tue, 16 Oct 2018 21:13:43 GMT
etag
"49b4231e9565d41:0"
x-hw
1694060809.cds026.ch4.hn,1694060809.cds067.ch4.c
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
1833
greeterImg.png
cdn.thelivechatsoftware.com/skin/pop/ 		969 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.thelivechatsoftware.com/skin/pop/greeterImg.png
Requested by
Host: offers.safesteptubs.ca
URL: https://offers.safesteptubs.ca/google-ppc-sst/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
2dcfc5b2fab5aeb7aff01e99f5e9b5a3c043436d92365f52018685de06844635

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://offers.safesteptubs.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 04:26:49 GMT
last-modified
Mon, 10 Oct 2016 13:24:33 GMT
etag
"7ad9d6a3f922d21:0"
x-hw
1694060809.cds026.ch4.hn,1694060809.cds246.ch4.sc,1694060809.cds246.ch4.pr
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache,max-age=604800
accept-ranges
bytes
content-length
969
jqchatscriptyui.js
cdn.thelivechatsoftware.com/scripts/ 		161 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.thelivechatsoftware.com/scripts/jqchatscriptyui.js?v=02
Requested by
Host: thelivechatsoftware.com
URL: https://thelivechatsoftware.com/Dashboard/cwgen/scripts/la_script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
08521141e3164d374be222213cae1f46ee3bef91157921f3ac14257d294930c8

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://offers.safesteptubs.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 04:26:49 GMT
content-encoding
gzip
last-modified
Thu, 06 Jan 2022 10:04:06 GMT
etag
"953287bde42d81:0"
x-hw
1694060809.cds026.ch4.hn,1694060809.cds087.ch4.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache,max-age=604800
accept-ranges
bytes
content-length
43312
negotiate
blue.thelivechatsoftware.com/signalrserver/signalr/hubs/ 		453 B
562 B 		Script
General
Check archive.org
Download Go to
Full URL
https://blue.thelivechatsoftware.com/signalrserver/signalr/hubs/negotiate?clientProtocol=1.5&connectionData=%5B%7B%22name%22%3A%22chathub%22%7D%5D&callback=jQuery111107319269571730025_1694060809204&_=1694060809205
Requested by
Host: cdn.thelivechatsoftware.com
URL: https://cdn.thelivechatsoftware.com/scripts/JQuery/jqueryforchat.js?v=02
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
108.166.2.67 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
Chat Server /
Resource Hash
a0f9066eb9d6398e7622726a923c500256f96955f7978ed5e3c5e492aa5d9c3b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://offers.safesteptubs.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

expires
-1
pragma
no-cache
date
Thu, 07 Sep 2023 04:26:49 GMT
cache-control
no-cache
x-content-type-options
nosniff
server
Chat Server
content-type
application/javascript; charset=UTF-8
ReadValueBot
blue.thelivechatsoftware.com/VisitorServiceXMPPSSL/ChatService.svc/ 		46 B
111 B 		Script
General
Check archive.org
Download Go to
Full URL
https://blue.thelivechatsoftware.com/VisitorServiceXMPPSSL/ChatService.svc/ReadValueBot?callback=jQuery111107319269571730025_1694060809206&method=laScriptObj.ReadValueResponse&_=1694060809207
Requested by
Host: cdn.thelivechatsoftware.com
URL: https://cdn.thelivechatsoftware.com/scripts/JQuery/jqueryforchat.js?v=02
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
108.166.2.67 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
Chat Server /
Resource Hash
61b8edffb41a05934c8f8e4df32cb4cf78e591073f8432aa1a94b9f6d81f7d2d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://offers.safesteptubs.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 04:26:49 GMT
cache-control
private
server
Chat Server
content-length
46
content-type
application/json; charset=utf-8
GetWI
blue.thelivechatsoftware.com/VisitorServiceXMPPSSL/ChatService.svc/ 		82 B
118 B 		Script
General
Check archive.org
Download Go to
Full URL
https://blue.thelivechatsoftware.com/VisitorServiceXMPPSSL/ChatService.svc/GetWI?callback=jQuery111107319269571730025_1694060809204&parD=offers.safesteptubs.ca&parR=1694060809639&method=laScriptObj.onGetWebsiteIDResponse&_=1694060809208
Requested by
Host: cdn.thelivechatsoftware.com
URL: https://cdn.thelivechatsoftware.com/scripts/JQuery/jqueryforchat.js?v=02
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
108.166.2.67 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
Chat Server /
Resource Hash
a862b1d5198d23146a3214cad82e75e38d1c6cca47f161f30d556b7f945711f7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://offers.safesteptubs.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 04:26:49 GMT
cache-control
private
server
Chat Server
content-length
82
content-type
application/json; charset=utf-8
1519317
vc.hotjar.io/sessions/ 		0
259 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vc.hotjar.io/sessions/1519317?s=0.25&r=0.10478390863397724
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.91496bd4b5704a120511.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.96.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-95.jfk50.r.cloudfront.net
Software
Python/3.8 aiohttp/3.8.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://offers.safesteptubs.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 04:26:50 GMT
via
1.1 38bc9c97daf30f968ccac44ef89e14e0.cloudfront.net (CloudFront)
server
Python/3.8 aiohttp/3.8.4
x-amz-cf-pop
JFK50-P5
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-store
x-amz-cf-id
P3U_MKZ_-v-1JbaDKqVWsLIJoC_Ww3uVg84QdkIvQmRSl7RYuOJLFg==
NaPecZTIAOhVxoMyOr9n_E7fdMPmDQ.woff2
fonts.gstatic.com/s/titilliumweb/v17/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/titilliumweb/v17/NaPecZTIAOhVxoMyOr9n_E7fdMPmDQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Titillium+Web&subset=latin
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.111.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f94.1e100.net
Software
sffe /
Resource Hash
557f6d0883db85be712c3a77baa38875ddf99ecbdfd6fec98e5c0b1f7a0e1532
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://offers.safesteptubs.ca
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 00:48:01 GMT
x-content-type-options
nosniff
age
99529
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12372
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 20:30:13 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 05 Sep 2024 00:48:01 GMT
roundtrip.js
s.adroll.com/j/ 		75 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/roundtrip.js
Requested by
Host: offers.safesteptubs.ca
URL: https://offers.safesteptubs.ca/google-ppc-sst/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.162.103.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-103-56.iad61.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0e7ad47a4bc6ddbb17cb8cbe6167dae4717d0b5962a1d63de2e93e6dc201b9e8

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://offers.safesteptubs.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

X-Amz-Version-Id
2W0nFhLgp3U9gUvvEzXT9GuNEpd6A6yg
Content-Encoding
gzip
Via
1.1 be4fef3f6c1b2c76e0341ff49a27ce40.cloudfront.net (CloudFront)
Date
Thu, 07 Sep 2023 04:25:50 GMT
Age
63
X-Amz-Cf-Pop
IAD61-P1
X-Amz-Server-Side-Encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Thu, 03 Aug 2023 19:17:31 GMT
Server
AmazonS3
Etag
W/"67e54a60303cfbf4c3b977aa390ad408"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
false
Access-Control-Max-Age
600
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
-kxeW6lykxcwlTsK1tkUA00a6_lRPDRI5TLhhyZYeNSSJRMtxomoEw==
start
blue.thelivechatsoftware.com/signalrserver/signalr/hubs/ 		69 B
127 B 		Script
General
Check archive.org
Download Go to
Full URL
https://blue.thelivechatsoftware.com/signalrserver/signalr/hubs/start?transport=webSockets&clientProtocol=1.5&connectionToken=SjSqSU0FZsAOYr3s0b%2FjU9TAH3vBV%2Fk7%2FaX7yA%2F3y5o9yU46XvKDPJeSUnez8%2F4C1YChxI%2BPSfbLpxnIP%2FEqJBEcTV%2FHIjJ4Z7hWq2WVkOFXIdDsDfY90VS%2FUw6hjNkc&connectionData=%5B%7B%22name%22%3A%22chathub%22%7D%5D&callback=jQuery111107319269571730025_1694060809204&_=1694060809209
Requested by
Host: cdn.thelivechatsoftware.com
URL: https://cdn.thelivechatsoftware.com/scripts/JQuery/jqueryforchat.js?v=02
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
108.166.2.67 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
Chat Server /
Resource Hash
e2fcbcfc8279a8af116b2732e967b21e7a20f80a4fc55c6ae911eb495fb5058e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://offers.safesteptubs.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

expires
-1
pragma
no-cache
date
Thu, 07 Sep 2023 04:26:50 GMT
cache-control
no-cache
x-content-type-options
nosniff
server
Chat Server
content-type
application/javascript; charset=UTF-8
index.js
s.adroll.com/j/exp/
Redirect Chain
  • https://s.adroll.com/j/exp/EW3LHI5ACFA2XOHIGZCMHS/index.js
  • https://s.adroll.com/j/exp/index.js
28 B
785 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/exp/index.js
Protocol
HTTP/1.1
Server
3.162.103.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-103-56.iad61.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://offers.safesteptubs.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

X-Amz-Version-Id
e6mCeG7.PAM9gYrIJBIXJohubS3UVCEK
Date
Wed, 06 Sep 2023 15:22:08 GMT
Via
1.1 8696978c2d465ffc3a342761ace51d9e.cloudfront.net (CloudFront)
Age
47085
X-Amz-Cf-Pop
IAD61-P1
X-Amz-Server-Side-Encryption
AES256
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
28
Last-Modified
Thu, 03 Aug 2023 18:30:18 GMT
Server
AmazonS3
Etag
"5816cced8568d223aa09d889f300692b"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Max-Age
600
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
CKQGYC2aQVAkxRrE_EkmF9NxTbrZtjGq9flc3RPhc9sJ44DS0gudLg==

Redirect headers

Date
Wed, 06 Sep 2023 18:52:42 GMT
Via
1.1 be4fef3f6c1b2c76e0341ff49a27ce40.cloudfront.net (CloudFront)
Age
34450
X-Amz-Cf-Pop
IAD61-P1
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
0
Server
AmazonS3
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
application/xml
Location
https://s.adroll.com/j/exp/index.js
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
ZPo2IXgKKJot4PqcP5An1Om-C2XYjrEibHw2Df5Z7YKZoHirJ2Litw==
index.js
s.adroll.com/j/pre/
Redirect Chain
  • https://s.adroll.com/j/pre/EW3LHI5ACFA2XOHIGZCMHS/4M4I66PIVNHW5DVTKFJW34/fpconsent.js
  • https://s.adroll.com/j/pre/index.js
0
756 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/pre/index.js
Protocol
HTTP/1.1
Server
3.162.103.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-103-56.iad61.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://offers.safesteptubs.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

X-Amz-Version-Id
nQEe8wQ7h0ROt7P4GJfDfstto6x684Hy
Date
Wed, 06 Sep 2023 15:22:07 GMT
Via
1.1 be4fef3f6c1b2c76e0341ff49a27ce40.cloudfront.net (CloudFront)
Age
47086
X-Amz-Cf-Pop
IAD61-P1
X-Amz-Server-Side-Encryption
AES256
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
0
Last-Modified
Wed, 15 Jan 2020 23:54:18 GMT
Server
AmazonS3
Etag
"d41d8cd98f00b204e9800998ecf8427e"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Max-Age
600
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
eQEV1KJgKdPwvWtss7UQ3jrxQC4KIYfKfHWcfhX0wca1kFWt0wSodQ==

Redirect headers

Date
Wed, 06 Sep 2023 18:52:41 GMT
Via
1.1 be4fef3f6c1b2c76e0341ff49a27ce40.cloudfront.net (CloudFront)
Age
34450
X-Amz-Cf-Pop
IAD61-P1
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
0
Server
AmazonS3
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
application/xml
Location
https://s.adroll.com/j/pre/index.js
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
u2fvl-PpbN0eWgMKSuVW-faQEOF8HR6UeCHHw2QNz8wfIpJ9_T6PMg==
index.js
s.adroll.com/j/pre/EW3LHI5ACFA2XOHIGZCMHS/4M4I66PIVNHW5DVTKFJW34/ 		0
809 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/pre/EW3LHI5ACFA2XOHIGZCMHS/4M4I66PIVNHW5DVTKFJW34/index.js
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.162.103.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-103-56.iad61.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://offers.safesteptubs.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

X-Amz-Version-Id
1EdSJxcfByNvcZ9wu2m17nsE2rZVwGVN
Date
Thu, 07 Sep 2023 04:26:52 GMT
Via
1.1 a47a23f37fc6f8e50c6d5f0b1b9273c6.cloudfront.net (CloudFront)
Age
3475
X-Amz-Cf-Pop
IAD61-P1
X-Amz-Server-Side-Encryption
AES256
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
0
Last-Modified
Sat, 02 Sep 2023 11:19:17 GMT
Server
AmazonS3
Etag
"d41d8cd98f00b204e9800998ecf8427e"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
false
Access-Control-Max-Age
600
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
VcNhv6i69y9WBYTOiqS5BxlzTCJUGQ6rWRr75KOWrjI52vQXXM_tDA==
EW3LHI5ACFA2XOHIGZCMHS
d.adroll.com/consent/check/ 		494 B
978 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d.adroll.com/consent/check/EW3LHI5ACFA2XOHIGZCMHS?pv=48257738056.185295&arrfrr=https%3A%2F%2Foffers.safesteptubs.ca%2Fgoogle-ppc-sst%2F&_s=4961e6a013be2a5d76a1dde3e280ad28&_b=2
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.196.240.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-196-240-25.compute-1.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
13d63b2a1b6f428de5ae9a2448b3a7cb894f56b74e15bd1d163016e66bd676bf

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://offers.safesteptubs.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-type
application/javascript
pragma
no-cache
date
Thu, 07 Sep 2023 04:26:52 GMT
cache-control
no-store, no-cache, must-revalidate
server
nginx/1.22.1
content-length
494
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
2UNKNSNOVFDNNCB4GFAO5R.js
s.adroll.com/pixel/EW3LHI5ACFA2XOHIGZCMHS/4M4I66PIVNHW5DVTKFJW34/
Redirect Chain
  • https://d.adroll.com/pixel/EW3LHI5ACFA2XOHIGZCMHS/4M4I66PIVNHW5DVTKFJW34?adroll_fpc=b199db684f9618a90b56a4377ac95907-1694060812329&pv=48257738056.185295&arrfrr=https%3A%2F%2Foffers.safesteptubs.ca%...
  • https://s.adroll.com/pixel/EW3LHI5ACFA2XOHIGZCMHS/4M4I66PIVNHW5DVTKFJW34/2UNKNSNOVFDNNCB4GFAO5R.js
16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/pixel/EW3LHI5ACFA2XOHIGZCMHS/4M4I66PIVNHW5DVTKFJW34/2UNKNSNOVFDNNCB4GFAO5R.js
Protocol
HTTP/1.1
Server
3.162.103.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-103-56.iad61.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e52f062067f16c73b48346a638fe859dbc6dc999dda587961a3b4e16843e4dc9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://offers.safesteptubs.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

X-Amz-Version-Id
R8MnHDiYH72A5XHwDgJnwOCP7B39U5me
Content-Encoding
gzip
Via
1.1 be4fef3f6c1b2c76e0341ff49a27ce40.cloudfront.net (CloudFront)
Date
Thu, 07 Sep 2023 04:26:52 GMT
Age
3475
X-Amz-Cf-Pop
IAD61-P1
X-Amz-Server-Side-Encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Wed, 12 Jul 2023 11:58:44 GMT
Server
AmazonS3
Etag
W/"9cf0df4845dfc56606020094538158f8"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
false
Access-Control-Max-Age
600
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
A9znfAVhpAtQ7-QvGKAKvKr5TqFOUPjpOOsNVIF5a2Z_cIKnXoceyA==

Redirect headers

date
Thu, 07 Sep 2023 04:26:52 GMT
x-segment-display-name
Visitors to Unsegmented Pages
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
x-rule-type
p
content-length
0
pragma
no-cache
x-conversion-value
0.00
server
nginx/1.22.1
x-rule
*
x-segment-eid
2UNKNSNOVFDNNCB4GFAO5R
location
https://s.adroll.com/pixel/EW3LHI5ACFA2XOHIGZCMHS/4M4I66PIVNHW5DVTKFJW34/2UNKNSNOVFDNNCB4GFAO5R.js
cache-control
no-store, no-cache, must-revalidate
x-pixel-eid
4M4I66PIVNHW5DVTKFJW34
x-segment-name
*
x-advertisable-eid
EW3LHI5ACFA2XOHIGZCMHS
x-conversion-currency
472346079585997
connect.facebook.net/signals/config/ 		136 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/472346079585997?v=2.9.125&r=stable&domain=offers.safesteptubs.ca
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.80.12 Toronto, Canada, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-yyz1.fbcdn.net
Software
/
Resource Hash
da10f88d579421a31b73329e701a1adcfc2b58f3fd55222a06023e673ae24547
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://offers.safesteptubs.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 07 Sep 2023 04:26:52 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
wYbeC9T0R2+H2eoLvQuBwkxtlyFeyjoJm0wcjX59w2J3+cG1fqrCEQBzjguJ0AJUSUIm+IHcqcHu63zR+qfDWQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
4M4I66PIVNHW5DVTKFJW34
d.adroll.com/onp/EW3LHI5ACFA2XOHIGZCMHS/ 		42 B
550 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/onp/EW3LHI5ACFA2XOHIGZCMHS/4M4I66PIVNHW5DVTKFJW34?adroll_fpc=b199db684f9618a90b56a4377ac95907-1694060812329&arrfrr=https%3A%2F%2Foffers.safesteptubs.ca%2Fgoogle-ppc-sst%2F&pv=48257738056.185295&ev=t%3Dtop%26f%3D0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.196.240.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-196-240-25.compute-1.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://offers.safesteptubs.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 04:26:52 GMT
server
nginx/1.22.1
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate
x-advertisable-eid
EW3LHI5ACFA2XOHIGZCMHS
content-length
42
sync
x.bidswitch.net/ul_cb/
Redirect Chain
  • https://d.adroll.com/cm/b/out?adroll_fpc=b199db684f9618a90b56a4377ac95907-1694060812329&pv=48257738056.185295&arrfrr=https%3A%2F%2Foffers.safesteptubs.ca%2Fgoogle-ppc-sst%2F&advertisable=EW3LHI5ACF...
  • https://x.bidswitch.net/sync?dsp_id=44&user_id=MTk2ZThjNmQ0NzNhZmQwOGI3YTJjYzJhZTgxMjEyMTM
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=MTk2ZThjNmQ0NzNhZmQwOGI3YTJjYzJhZTgxMjEyMTM
43 B
510 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=MTk2ZThjNmQ0NzNhZmQwOGI3YTJjYzJhZTgxMjEyMTM
Protocol
HTTP/1.1
Server
35.211.178.172 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
172.178.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://offers.safesteptubs.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date
Thu, 07 Sep 2023 04:26:52 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

Location
https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=MTk2ZThjNmQ0NzNhZmQwOGI3YTJjYzJhZTgxMjEyMTM
Date
Thu, 07 Sep 2023 04:26:52 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
in
d.adroll.com/cm/g/
Redirect Chain
  • https://d.adroll.com/cm/g/out?adroll_fpc=b199db684f9618a90b56a4377ac95907-1694060812329&pv=48257738056.185295&arrfrr=https%3A%2F%2Foffers.safesteptubs.ca%2Fgoogle-ppc-sst%2F&advertisable=EW3LHI5ACF...
  • https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=GW6MbUc6_Qi3oswq6BISEw
  • https://d.adroll.com/cm/g/in
42 B
550 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/cm/g/in
Protocol
H2
Server
34.196.240.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-196-240-25.compute-1.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://offers.safesteptubs.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 04:26:52 GMT
server
nginx/1.22.1
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate
content-length
42
x-result
g.-1.-1.-1

Redirect headers

pragma
no-cache
date
Thu, 07 Sep 2023 04:26:52 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://d.adroll.com/cm/g/in
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
225
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/
Redirect Chain
  • https://d.adroll.com/cm/index/out?adroll_fpc=b199db684f9618a90b56a4377ac95907-1694060812329&pv=48257738056.185295&arrfrr=https%3A%2F%2Foffers.safesteptubs.ca%2Fgoogle-ppc-sst%2F&advertisable=EW3LHI...
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=MTk2ZThjNmQ0NzNhZmQwOGI3YTJjYzJhZTgxMjEyMTM&expiration=1725596812
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=MTk2ZThjNmQ0NzNhZmQwOGI3YTJjYzJhZTgxMjEyMTM&expiration=1725596812&C=1
43 B
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=MTk2ZThjNmQ0NzNhZmQwOGI3YTJjYzJhZTgxMjEyMTM&expiration=1725596812&C=1
Protocol
H2
Server
104.18.39.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://offers.safesteptubs.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 04:26:52 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UJ1rC4Q7I6JuWP0Louw3U8fV43%2BGak%2Fkd6rNys7JdTdIsrzV6cx2MB3IlfYVfyilrlVQVFQbrf4h7qQ%2F56uf0a83xFzdG8RnEWyMtwKQvo6xqXOBKCErNiLCX%2FqPKEPG1JMI0aQufbiuWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
802c322e7ac6387e-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 07 Sep 2023 04:26:52 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hur7SfGBrRBkC7DbY0H2nfq49EPE07nAm%2FCrNldZbYqonUcjLUua34yPEnVZUq1yOIDLk5sNOBqnS1unSK8UYSDMWmK%2F9YNQY%2BC4l%2BUPxWq1LIuuFoR9LGTY22ENaXskwlWE6%2BJHVFYKbA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/rum?cm_dsp_id=105&external_user_id=MTk2ZThjNmQ0NzNhZmQwOGI3YTJjYzJhZTgxMjEyMTM&expiration=1725596812&C=1
cache-control
no-cache
cf-ray
802c322e3a82387e-YYZ
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
458249.gif
idsync.rlcdn.com/
Redirect Chain
  • https://d.adroll.com/cm/l/out?adroll_fpc=b199db684f9618a90b56a4377ac95907-1694060812329&pv=48257738056.185295&arrfrr=https%3A%2F%2Foffers.safesteptubs.ca%2Fgoogle-ppc-sst%2F&advertisable=EW3LHI5ACF...
  • https://idsync.rlcdn.com/377928.gif?partner_uid=196e8c6d473afd08b7a2cc2ae8121213
  • https://idsync.rlcdn.com/1000.gif?memo=CMiIFxIrCicIARDqIhogMTk2ZThjNmQ0NzNhZmQwOGI3YTJjYzJhZTgxMjEyMTMQABoNCIyi5acGEgUI6AcQAEIASgA
  • https://pippio.com/api/sync?pid=5324&it=1&iv=e2b4efe40dd6cf609b5cdf91709ce3318c5f078e2db11453974449e62fe7255c791426b5417dce21&_=2
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlBlMmI0ZWZlNDBkZDZjZjYwOWI1Y2RmOTE3MDljZTMzMThjNWYwNzhlMmRiMTE0NTM5NzQ0NDllNjJmZTcyNTVjNzkxNDI2YjU...
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlBlMmI0ZWZlNDBkZDZjZjYwOWI1Y2RmOTE3MDljZTMzMThjNWYwNzhlMmRiMTE0NTM5NzQ0NDllNjJmZTcyNTVjNzkxNDI2YjU0MTdkY2UyMRAAGgwIjaLlpwYSBAgCEABCAEoA&goog...
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3=
  • https://idsync.rlcdn.com/458249.gif?partner_uid=42c9dcbe-0994-443c-8639-53d36c77bf42
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/458249.gif?partner_uid=42c9dcbe-0994-443c-8639-53d36c77bf42
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://offers.safesteptubs.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 04:26:53 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

location
https://idsync.rlcdn.com/458249.gif?partner_uid=42c9dcbe-0994-443c-8639-53d36c77bf42
date
Thu, 07 Sep 2023 04:26:53 GMT
via
1.1 google
x-samesite
secure
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111
content-type
text/html; charset=utf-8
tap.php
pixel.rubiconproject.com/
Redirect Chain
  • https://d.adroll.com/cm/n/out?adroll_fpc=b199db684f9618a90b56a4377ac95907-1694060812329&pv=48257738056.185295&arrfrr=https%3A%2F%2Foffers.safesteptubs.ca%2Fgoogle-ppc-sst%2F&advertisable=EW3LHI5ACF...
  • https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=MTk2ZThjNmQ0NzNhZmQwOGI3YTJjYzJhZTgxMjEyMTM&expires=365
42 B
797 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=MTk2ZThjNmQ0NzNhZmQwOGI3YTJjYzJhZTgxMjEyMTM&expires=365
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://offers.safesteptubs.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
03d4828e33e22cf7b4098c5a68746480
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=MTk2ZThjNmQ0NzNhZmQwOGI3YTJjYzJhZTgxMjEyMTM&expires=365
pragma
no-cache
date
Thu, 07 Sep 2023 04:26:52 GMT
cache-control
no-store, no-cache, must-revalidate
server
nginx/1.22.1
content-length
124
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
sd
us-u.openx.net/w/1.0/
Redirect Chain
  • https://d.adroll.com/cm/o/out?adroll_fpc=b199db684f9618a90b56a4377ac95907-1694060812329&pv=48257738056.185295&arrfrr=https%3A%2F%2Foffers.safesteptubs.ca%2Fgoogle-ppc-sst%2F&advertisable=EW3LHI5ACF...
  • https://us-u.openx.net/w/1.0/sd?id=537103138&val=196e8c6d473afd08b7a2cc2ae8121213&gdpr=0&gdpr_consent=
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=196e8c6d473afd08b7a2cc2ae8121213&gdpr=0&gdpr_consent=
43 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=196e8c6d473afd08b7a2cc2ae8121213&gdpr=0&gdpr_consent=
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://offers.safesteptubs.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 04:26:52 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=196e8c6d473afd08b7a2cc2ae8121213&gdpr=0&gdpr_consent=
date
Thu, 07 Sep 2023 04:26:52 GMT
via
1.1 google
server
OXGW/0.0.0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
cookie-sync
sync.outbrain.com/
Redirect Chain
  • https://d.adroll.com/cm/outbrain/out?adroll_fpc=b199db684f9618a90b56a4377ac95907-1694060812329&pv=48257738056.185295&arrfrr=https%3A%2F%2Foffers.safesteptubs.ca%2Fgoogle-ppc-sst%2F&advertisable=EW3...
  • https://sync.outbrain.com/cookie-sync?p=adroll&uid=MTk2ZThjNmQ0NzNhZmQwOGI3YTJjYzJhZTgxMjEyMTM&gdpr=0&gdpr_consent=&us_privacy=1---
0
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=adroll&uid=MTk2ZThjNmQ0NzNhZmQwOGI3YTJjYzJhZTgxMjEyMTM&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
HTTP/1.1
Server
70.42.32.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://offers.safesteptubs.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date
Thu, 07 Sep 2023 04:26:52 GMT
Cache-Control
no-cache
X-TraceId
2e11eaa1a413232ddaab1603b3ef5b3a
Content-Length
0

Redirect headers

location
https://sync.outbrain.com/cookie-sync?p=adroll&uid=MTk2ZThjNmQ0NzNhZmQwOGI3YTJjYzJhZTgxMjEyMTM&gdpr=0&gdpr_consent=&us_privacy=1---
pragma
no-cache
date
Thu, 07 Sep 2023 04:26:52 GMT
cache-control
no-store, no-cache, must-revalidate
server
nginx/1.22.1
content-length
137
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Pug
image2.pubmatic.com/AdServer/
Redirect Chain
  • https://d.adroll.com/cm/pubmatic/out?adroll_fpc=b199db684f9618a90b56a4377ac95907-1694060812329&pv=48257738056.185295&arrfrr=https%3A%2F%2Foffers.safesteptubs.ca%2Fgoogle-ppc-sst%2F&advertisable=EW3...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDYmdGw9MTI5NjAw&piggybackCookie=MTk2ZThjNmQ0NzNhZmQwOGI3YTJjYzJhZTgxMjEyMTM&gdpr=0&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXy...
42 B
540 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDYmdGw9MTI5NjAw&piggybackCookie=MTk2ZThjNmQ0NzNhZmQwOGI3YTJjYzJhZTgxMjEyMTM&gdpr=0&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
Protocol
H2
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://offers.safesteptubs.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 07 Sep 2023 04:26:51 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDYmdGw9MTI5NjAw&piggybackCookie=MTk2ZThjNmQ0NzNhZmQwOGI3YTJjYzJhZTgxMjEyMTM&gdpr=0&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
pragma
no-cache
date
Thu, 07 Sep 2023 04:26:52 GMT
cache-control
no-store, no-cache, must-revalidate
server
nginx/1.22.1
content-length
212
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
sync
ups.analytics.yahoo.com/ups/55980/
Redirect Chain
  • https://d.adroll.com/cm/r/out?adroll_fpc=b199db684f9618a90b56a4377ac95907-1694060812329&pv=48257738056.185295&arrfrr=https%3A%2F%2Foffers.safesteptubs.ca%2Fgoogle-ppc-sst%2F&advertisable=EW3LHI5ACF...
  • https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=MTk2ZThjNmQ0NzNhZmQwOGI3YTJjYzJhZTgxMjEyMTM&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
  • https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=MTk2ZThjNmQ0NzNhZmQwOGI3YTJjYzJhZTgxMjEyMTM&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true
0
121 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=MTk2ZThjNmQ0NzNhZmQwOGI3YTJjYzJhZTgxMjEyMTM&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true
Protocol
H2
Server
34.200.65.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-65-202.compute-1.amazonaws.com
Software
ATS/9.1.10.75 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://offers.safesteptubs.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 04:26:53 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=MTk2ZThjNmQ0NzNhZmQwOGI3YTJjYzJhZTgxMjEyMTM&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true
date
Thu, 07 Sep 2023 04:26:53 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
rtb-h
sync.taboola.com/sg/adroll-network/1/
Redirect Chain
  • https://d.adroll.com/cm/taboola/out?adroll_fpc=b199db684f9618a90b56a4377ac95907-1694060812329&pv=48257738056.185295&arrfrr=https%3A%2F%2Foffers.safesteptubs.ca%2Fgoogle-ppc-sst%2F&advertisable=EW3L...
  • https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=MTk2ZThjNmQ0NzNhZmQwOGI3YTJjYzJhZTgxMjEyMTM
0
367 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=MTk2ZThjNmQ0NzNhZmQwOGI3YTJjYzJhZTgxMjEyMTM
Protocol
H2
Server
141.226.224.48 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://offers.safesteptubs.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 04:26:53 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
19297

Redirect headers

location
https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=MTk2ZThjNmQ0NzNhZmQwOGI3YTJjYzJhZTgxMjEyMTM
pragma
no-cache
date
Thu, 07 Sep 2023 04:26:52 GMT
cache-control
no-store, no-cache, must-revalidate
server
nginx/1.22.1
content-length
111
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
xuid
eb2.3lift.com/
Redirect Chain
  • https://d.adroll.com/cm/triplelift/out?adroll_fpc=b199db684f9618a90b56a4377ac95907-1694060812329&pv=48257738056.185295&arrfrr=https%3A%2F%2Foffers.safesteptubs.ca%2Fgoogle-ppc-sst%2F&advertisable=E...
  • https://eb2.3lift.com/xuid?mid=4714&xuid=MTk2ZThjNmQ0NzNhZmQwOGI3YTJjYzJhZTgxMjEyMTM&dongle=c85e
  • https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=MTk2ZThjNmQ0NzNhZmQwOGI3YTJjYzJhZTgxMjEyMTM&dongle=c85e&gdpr=0&cmp_cs=&us_privacy=
37 B
355 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=MTk2ZThjNmQ0NzNhZmQwOGI3YTJjYzJhZTgxMjEyMTM&dongle=c85e&gdpr=0&cmp_cs=&us_privacy=
Protocol
H2
Server
52.223.22.214 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://offers.safesteptubs.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 07 Sep 2023 04:26:53 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
/xuid?ld=1&mid=4714&xuid=MTk2ZThjNmQ0NzNhZmQwOGI3YTJjYzJhZTgxMjEyMTM&dongle=c85e&gdpr=0&cmp_cs=&us_privacy=
date
Thu, 07 Sep 2023 04:26:53 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
bounce
ib.adnxs.com/
Redirect Chain
  • https://d.adroll.com/cm/x/out?adroll_fpc=b199db684f9618a90b56a4377ac95907-1694060812329&pv=48257738056.185295&arrfrr=https%3A%2F%2Foffers.safesteptubs.ca%2Fgoogle-ppc-sst%2F&advertisable=EW3LHI5ACF...
  • https://ib.adnxs.com/setuid?entity=172&code=MTk2ZThjNmQ0NzNhZmQwOGI3YTJjYzJhZTgxMjEyMTM
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DMTk2ZThjNmQ0NzNhZmQwOGI3YTJjYzJhZTgxMjEyMTM
43 B
917 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DMTk2ZThjNmQ0NzNhZmQwOGI3YTJjYzJhZTgxMjEyMTM
Protocol
H2
Server
68.67.178.10 -, , ASN (),
Reverse DNS
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://offers.safesteptubs.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 04:26:53 GMT
an-x-request-uuid
0bd1b49e-a193-4553-869a-99e353530758
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
86.48.14.247; 86.48.14.247; 634.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 07 Sep 2023 04:26:53 GMT
an-x-request-uuid
d284caa2-6abf-4233-a40c-a86e8922aaa9
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DMTk2ZThjNmQ0NzNhZmQwOGI3YTJjYzJhZTgxMjEyMTM
cache-control
no-store, no-cache, private
x-proxy-origin
86.48.14.247; 86.48.14.247; 634.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
www.facebook.com/tr/
Redirect Chain
  • https://d.adroll.com/fb/tr/?adroll_fpc=b199db684f9618a90b56a4377ac95907-1694060812329&pv=48257738056.185295&arrfrr=https%3A%2F%2Foffers.safesteptubs.ca%2Fgoogle-ppc-sst%2F&id=472346079585997&ev=Vie...
  • https://www.facebook.com/tr/?adroll_fpc=b199db684f9618a90b56a4377ac95907-1694060812329&pv=48257738056.185295&arrfrr=https%3A%2F%2Foffers.safesteptubs.ca%2Fgoogle-ppc-sst%2F&id=472346079585997&ev=Vi...
0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?adroll_fpc=b199db684f9618a90b56a4377ac95907-1694060812329&pv=48257738056.185295&arrfrr=https%3A%2F%2Foffers.safesteptubs.ca%2Fgoogle-ppc-sst%2F&id=472346079585997&ev=ViewContent&cd[content_type]=product&cd[content_ids]=%2Fgoogle-ppc-sst%2F_&cd[application_id]=321379434608647&cd[product_catalog_id]=1701322810188488&cd[external_id]=GW6MbUc6_Qi3oswq6BISEw
Protocol
H3
Server
31.13.80.36 Toronto, Canada, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-yyz1.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://offers.safesteptubs.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 07 Sep 2023 04:26:52 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i

Redirect headers

location
https://www.facebook.com/tr/?adroll_fpc=b199db684f9618a90b56a4377ac95907-1694060812329&pv=48257738056.185295&arrfrr=https%3A%2F%2Foffers.safesteptubs.ca%2Fgoogle-ppc-sst%2F&id=472346079585997&ev=ViewContent&cd[content_type]=product&cd[content_ids]=%2Fgoogle-ppc-sst%2F_&cd[application_id]=321379434608647&cd[product_catalog_id]=1701322810188488&cd[external_id]=GW6MbUc6_Qi3oswq6BISEw
pragma
no-cache
date
Thu, 07 Sep 2023 04:26:52 GMT
cache-control
no-store, no-cache, must-revalidate
server
nginx/1.22.1
content-length
390
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
/
d.adroll.com/p/EW3LHI5ACFA2XOHIGZCMHS/ 		42 B
550 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/p/EW3LHI5ACFA2XOHIGZCMHS/?adroll_fpc=b199db684f9618a90b56a4377ac95907-1694060812329&pv=48257738056.185295&arrfrr=https%3A%2F%2Foffers.safesteptubs.ca%2Fgoogle-ppc-sst%2F&adroll_product_id=/google-ppc-sst/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.196.240.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-196-240-25.compute-1.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://offers.safesteptubs.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 04:26:52 GMT
server
nginx/1.22.1
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate
x-advertisable-eid
EW3LHI5ACFA2XOHIGZCMHS
content-length
42
/
www.facebook.com/tr/ 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=472346079585997&ev=PageView&dl=https%3A%2F%2Foffers.safesteptubs.ca%2Fgoogle-ppc-sst%2F&rl=&if=false&ts=1694060812513&cd[segment_eid]=2UNKNSNOVFDNNCB4GFAO5R&sw=1600&sh=1200&v=2.9.125&r=stable&ec=0&o=29&fbp=fb.1.1694060808479.1847804493&it=1694060808306&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.80.36 Toronto, Canada, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-yyz1.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://offers.safesteptubs.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 07 Sep 2023 04:26:52 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
portal.broadsidemedia.com
URL
https://portal.broadsidemedia.com/static/pageview.js

Verdicts & Comments Add Verdict or Comment

196 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| documentPictureInPicture function| $ function| jQuery object| lp object| ub object| module object| uetq function| gtag object| dataLayer function| hj object| _hjSettings function| fbq function| _fbq function| saq function| _saq object| _mfq string| adroll_adv_id string| adroll_pix_id string| WGAccountID function| onValidCaptcha function| checkCaptcha function| setImmediate function| clearImmediate boolean| VimeoPlayerResizeEmbeds_ object| UnbounceSnowplowNamespace function| ubSnowplow function| UET function| UET_init function| UET_push object| ueto_62dc8e1845 object| google_tag_manager object| google_tag_data object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client string| GoogleAnalyticsObject function| ga object| GooglebQhCsO object| mouseflowHeatmap object| mouseflow function| ownKeys function| _objectSpread function| _defineProperty function| _typeof object| Snowplow function| errorFn string| urlHost boolean| SRerror object| WGWindowLoader object| WebFontConfig object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules object| gaplugins object| gaGlobal object| gaData object| res object| saCookies string| current_window_url_param object| closure_lm_887 function| flxhr function| getInternetExplorerVersion function| lesserVersionEight function| versionEight function| versionNine function| versionTen function| checkVersion object| Strophe function| $build function| $msg function| $iq function| $pres object| jQuery111107319269571730025 object| WGWindowConstant string| MascotString object| wgChar string| Mlog object| Mascot boolean| hide boolean| charnone boolean| isActive1 boolean| play string| animCookie boolean| showconsoles function| consoles object| La boolean| timeflag string| host object| arrayWithElements string| WebAddress string| currentPage function| getData function| getCookieLocal object| pageOpen object| WebFont string| ChatDivString string| bubAnimString function| showWindowSimple boolean| chatminimized function| OnOff object| msgDiv string| msgCounter function| doOnOrientationChange object| ChatDiv object| bubAnim string| LC_onlineImg string| LC_offlineImg string| cwg_hostColor string| cwg_visitorColor string| cwg_messageColor string| cwg_chatColor string| website boolean| MLang object| allLanguages object| viewportTag object| panelHead undefined| poweredByShow undefined| poweredByHide string| offlineFormNew object| offlineFormDiv undefined| fileAttachHtml undefined| invalidFileHtml boolean| offlineBtnClicked object| actualUserIds object| laScriptObj object| myLanguages object| langArray undefined| spaceRemoved function| ValidateOfflineContactForm string| minimizeButtonImg string| ua object| dBrowser object| onChatwindowStartHeightEvent object| wgAlertSound undefined| hideMyWIndowVar boolean| animStop function| bubbleAppear function| docked function| hideGreetBubble function| hideOnLoad function| hideMyWindow object| DomStyle object| WGVisitor object| WGWebsite object| WGChat object| WGMLanguage object| WGAdManagement object| oldWinOnUnload function| HideOffline function| OfflineCall function| offlineEmailSentResponse object| charReg object| onYuiEndFileEvent function| clickEventTrackingResponse number| clickedEvent string| LinkText string| getAnchor function| eventDetectCall object| fileUploaderController function| CreateIframeAdWords undefined| jQuery111107319269571730025_1694060809204 function| getJsonServiceResponseNew function| getJsonServiceResponseUpdated undefined| jQuery111107319269571730025_1694060809206 string| remaining_url number| domain_i boolean| __adroll_loaded string| adroll_sid object| adroll object| __adroll boolean| adroll_optout object| adroll_loaded object| adroll_ext_network object| adroll_callbacks undefined| adroll_tpc_callback object| __adroll_consent_data object| adroll_exp_list boolean| __adroll_consent boolean| __adroll_consent_is_gdpr string| __adroll_consent_user_country string| __adroll_consent_adv_country number| adroll_lex33_called object| adroll_currency object| adroll_conversion_value object| adroll_conversion_value_in_dollars string| adroll_seg_eid boolean| adroll_sendrolling_cross_device object| adroll_form_fields object| adroll_third_party_forms string| adroll_rule_type

56 Cookies

Domain/Path Name / Value
offers.safesteptubs.ca/google-ppc-sst/ Name: ubpv
Value: a%2C2ad595c6-1f74-4c38-ae4b-12c2b2323e2a
www.google.com/recaptcha Name: _GRECAPTCHA
Value: 09AGruPJYlv9hrTjgIbx-l20Vh1kZSIl3OXysb1EuBmMnqlcel4iJSNfHReOLUwXd9tCBU1G5P_yFP0dCnM8hnWws
offers.safesteptubs.ca/ Name: ubvs
Value: 1012583e-c93e-4203-a65e-5f001c77ada8
.safesteptubs.ca/ Name: ubvt
Value: v2%7C1012583e-c93e-4203-a65e-5f001c77ada8%7C2ad595c6-1f74-4c38-ae4b-12c2b2323e2a%3Aa%3Asingle
tags.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-4ad0ee67-b182-5e70-4fb6-d5d72c3d22f5.Q435m0vdVW9VHrdSHRHRNP7TwQQfwsaPMJzDgwWxCRQ
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-4ad0ee67-b182-5e70-4fb6-d5d72c3d22f5.Q435m0vdVW9VHrdSHRHRNP7TwQQfwsaPMJzDgwWxCRQ
tags.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AStDuZ7GCXnBPttXXLD0i9VYwDvc.ECQc9tqk8%2BeKl4%2BZCMi69DZkICtTSdwCzMCcwzaKVTk
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AStDuZ7GCXnBPttXXLD0i9VYwDvc.ECQc9tqk8%2BeKl4%2BZCMi69DZkICtTSdwCzMCcwzaKVTk
tags.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIBntsJ-ZwhfUZLobReg8rDOC6bY7lHF_16dFJBvxJPquEHwYBCCIouWnBjABOgT_Q_f4QgTiZjNh.Z1ghU1XjXIsfRtW%2BjpRkOW%2Fw23m9SKLfUzQPbsZjz40
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIBntsJ-ZwhfUZLobReg8rDOC6bY7lHF_16dFJBvxJPquEHwYBCCIouWnBjABOgT_Q_f4QgTiZjNh.Z1ghU1XjXIsfRtW%2BjpRkOW%2Fw23m9SKLfUzQPbsZjz40
offers.safesteptubs.ca/ Name: sa-user-id
Value: s%253A0-4ad0ee67-b182-5e70-4fb6-d5d72c3d22f5.Q435m0vdVW9VHrdSHRHRNP7TwQQfwsaPMJzDgwWxCRQ
offers.safesteptubs.ca/ Name: sa-user-id-v2
Value: s%253AStDuZ7GCXnBPttXXLD0i9VYwDvc.ECQc9tqk8%252BeKl4%252BZCMi69DZkICtTSdwCzMCcwzaKVTk
offers.safesteptubs.ca/ Name: sa-user-id-v3
Value: s%253AAQAKIBntsJ-ZwhfUZLobReg8rDOC6bY7lHF_16dFJBvxJPquEHwYBCCIouWnBjABOgT_Q_f4QgTiZjNh.Z1ghU1XjXIsfRtW%252BjpRkOW%252Fw23m9SKLfUzQPbsZjz40
.safesteptubs.ca/ Name: _uetsid
Value: c29752204d3611ee94ed0bea7cbc0aa8
.safesteptubs.ca/ Name: _uetvid
Value: c2977c204d3611ee8426b3f2ea90376e
.safesteptubs.ca/ Name: _gcl_au
Value: 1.1.1849583312.1694060808
.bing.com/ Name: MUID
Value: 04AC4C80EE3A6D753E245F05EF906CF9
.bat.bing.com/ Name: MR
Value: 0
.safesteptubs.ca/ Name: _fbp
Value: fb.1.1694060808479.1847804493
.safesteptubs.ca/ Name: _ga
Value: GA1.2.2027591504.1694060809
.safesteptubs.ca/ Name: _gid
Value: GA1.2.1786053499.1694060809
.safesteptubs.ca/ Name: _gat_UA-35940146-4
Value: 1
.safesteptubs.ca/ Name: _ga_CV6KR9E06Z
Value: GS1.2.1694060808.1.0.1694060808.60.0.0
.offers.safesteptubs.ca/ Name: CD
Value: 2023-04-07
.safesteptubs.ca/ Name: _hjSessionUser_1519317
Value: eyJpZCI6IjdjOWUzOTk4LTQ4ZTAtNWYxMS1hMGEyLTAxZDUyNjAxOGEwNiIsImNyZWF0ZWQiOjE2OTQwNjA4MDk2NzAsImV4aXN0aW5nIjpmYWxzZX0=
.safesteptubs.ca/ Name: _hjFirstSeen
Value: 1
.safesteptubs.ca/ Name: _hjIncludedInSessionSample_1519317
Value: 1
.safesteptubs.ca/ Name: _hjSession_1519317
Value: eyJpZCI6IjE0NWQ0YjljLTk4ZTgtNDM3My04OTQxLWVlYmIxZjdhZGVkNiIsImNyZWF0ZWQiOjE2OTQwNjA4MDk2NzEsImluU2FtcGxlIjp0cnVlfQ==
.safesteptubs.ca/ Name: _hjAbsoluteSessionInProgress
Value: 1
.offers.safesteptubs.ca/ Name: WG_WEB
Value: {'W_I':'0','P_L':'null','T_Z':'null'}
.offers.safesteptubs.ca/ Name: __adroll_fpc
Value: b199db684f9618a90b56a4377ac95907-1694060812329
.offers.safesteptubs.ca/ Name: __ar_v4
Value: %7CEW3LHI5ACFA2XOHIGZCMHS%3A20230907%3A1%7C4M4I66PIVNHW5DVTKFJW34%3A20230907%3A1%7C2UNKNSNOVFDNNCB4GFAO5R%3A20230907%3A1
.openx.net/ Name: i
Value: f9ebf62c-1399-4655-aa5d-98106954c8b9|1694060812
.casalemedia.com/ Name: CMID
Value: ZPlRDERLTANrfYjKQaRiZQAA
.casalemedia.com/ Name: CMPS
Value: 3549
.casalemedia.com/ Name: CMPRO
Value: 3549
.doubleclick.net/ Name: IDE
Value: AHWqTUm5Z_BKDAcu6RFJsbxCYJmmTGODZkj9T7iELYRnasesjZlLtCZk_SPGrIReuy0
.rubiconproject.com/ Name: khaos
Value: LM8O2GQ2-1E-8FOI
.rubiconproject.com/ Name: audit
Value: 1|W86BPsHjn2piJO3ahPCR/NTRVw2As70ZvWyOyL7LseTWwnqaNf+hUQsMujPQweFXfRwG7sB+afUwHTRO1/p4iGlty70eE65yR164mUDQhphJnKuoXdYGNqJ6iZiOx4ypcL+jXkHBdjNZ2WmcYVVELH+qOTv5DEekG5zKxl8DALFK8UEcsJvQYCbyzRQDbtqQCwfRAfYnv8yyqVI1k5poNA==
.d.adroll.com/ Name: __adroll
Value: 196e8c6d473afd08b7a2cc2ae8121213-g_1694060812-a_1694060812
.adroll.com/ Name: __adroll_shared
Value: 196e8c6d473afd08b7a2cc2ae8121213-g_1694060812-a_1694060812
.bidswitch.net/ Name: tuuid
Value: dc20c72e-e78e-4d8a-9c55-388dabd10bde
.bidswitch.net/ Name: c
Value: 1694060812
.bidswitch.net/ Name: tuuid_lu
Value: 1694060812
.pubmatic.com/ Name: KRTBCOOKIE_10
Value: 22808-MTk2ZThjNmQ0NzNhZmQwOGI3YTJjYzJhZTgxMjEyMTM&KRTB&22883-MTk2ZThjNmQ0NzNhZmQwOGI3YTJjYzJhZTgxMjEyMTM&KRTB&23504-MTk2ZThjNmQ0NzNhZmQwOGI3YTJjYzJhZTgxMjEyMTM
.pubmatic.com/ Name: PugT
Value: 1694060811
.rlcdn.com/ Name: pxrc
Value: CIyi5acGEgUI6AcQABIFCOhHEAA=
.pippio.com/ Name: did
Value: anGWzSUbrWjRHN-j
.pippio.com/ Name: didts
Value: 1694060813
.pippio.com/ Name: nnls
Value:
.yahoo.com/ Name: A3
Value: d=AQABBA1R-WQCEAqclF85WyLkSD67O5tsp0AFEgEBAQGi-mQDZSXaxyMA_eMAAA&S=AQAAAuhZU4skZ_FJPt6mJNIml90
.analytics.yahoo.com/ Name: IDSYNC
Value: 1770~2ds4
.pippio.com/ Name: pxrc
Value: CI2i5acGEgQIAhAAEgYI7OsBEAA=
.linksynergy.com/ Name: rmuid
Value: 42c9dcbe-0994-443c-8639-53d36c77bf42
.linksynergy.com/ Name: icts
Value: 2023-09-07T04:26:53Z
.rlcdn.com/ Name: rlas3
Value: khxWv+G7uW8SJ9T0f4fUf6zrCdl0cn/wJC+B2onHpkk=

1 Console Messages

Source Level URL
Text
network error URL: https://portal.broadsidemedia.com/static/pageview.js
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
analytics.google.com
bat.bing.com
blue.thelivechatsoftware.com
builder-assets.unbounce.com
cdn.mouseflow.com
cdn.thelivechatsoftware.com
cm.g.doubleclick.net
connect.facebook.net
d.adroll.com
d1wbjksx0xxdn3.cloudfront.net
d9hhrg4mnvzow.cloudfront.net
dsum-sec.casalemedia.com
eb2.3lift.com
events.ub-analytics.com
fonts.googleapis.com
fonts.gstatic.com
fonts.ub-assets.com
googleads.g.doubleclick.net
ib.adnxs.com
idsync.rlcdn.com
image2.pubmatic.com
netdna.bootstrapcdn.com
offers.safesteptubs.ca
pippio.com
pixel.rubiconproject.com
portal.broadsidemedia.com
s.adroll.com
script.hotjar.com
static.hotjar.com
stats.g.doubleclick.net
sync.outbrain.com
sync.taboola.com
tags.rd.linksynergy.com
tags.srv.stackadapt.com
thelivechatsoftware.com
ups.analytics.yahoo.com
us-u.openx.net
vc.hotjar.io
www.facebook.com
www.google-analytics.com
www.google.ca
www.google.com
www.googletagmanager.com
www.gstatic.com
x.bidswitch.net
portal.broadsidemedia.com
104.18.10.207
104.18.39.155
104.36.113.107
107.178.254.65
108.166.2.67
13.107.21.200
141.226.224.48
142.250.31.94
142.251.111.94
142.251.111.99
142.251.163.95
142.251.167.101
142.251.167.156
151.139.128.10
172.253.115.94
172.253.63.102
172.253.63.155
172.253.63.95
172.253.63.97
174.129.147.137
18.154.230.155
18.160.15.38
18.160.18.45
18.160.41.49
18.164.96.95
18.165.83.40
18.67.65.13
184.106.20.60
3.162.103.56
3.228.94.158
31.13.80.12
31.13.80.36
34.196.240.25
34.200.65.202
34.205.248.193
34.98.67.3
35.190.60.146
35.211.178.172
35.244.159.8
52.223.22.214
68.67.178.10
70.42.32.159
8.43.72.97
05f93e5bf481ca5a6fc03393b2b249dc32209760cea31e6450f1218611087ad0
0676c45287802d0b3254acfb14762cf72539a579758d3f7ad4e9145624af247c
078f3dd88e751c3c421b2007e1cb27bcb65a95daf278bd25de81ba7b2bf3c4e4
08521141e3164d374be222213cae1f46ee3bef91157921f3ac14257d294930c8
0ab32498d67e3e43d139d6d00ac4e9058b2e26657e204b706b3a28fda4cc5198
0e7ad47a4bc6ddbb17cb8cbe6167dae4717d0b5962a1d63de2e93e6dc201b9e8
13d63b2a1b6f428de5ae9a2448b3a7cb894f56b74e15bd1d163016e66bd676bf
1a22e18d8ccaf759c91a15cf28df9ecfec0f83220a6f6b0918df1963a4bf7aff
1a5c551d5ba0de7a7a02e17897757c35a37b64c9572c764050dbd363f2942a97
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1cea5295b16f8664420b1fcbc9701302d8933c9f9b3a3ad7da3a862c5c0579b0
21b2bbc3afb9ac9800632c30467f481310f3f5514bb437398b63ec4b739d02a1
2dcfc5b2fab5aeb7aff01e99f5e9b5a3c043436d92365f52018685de06844635
2e2190206559ea5c28a587d699098ecc1bdd5a8caf82523ffa38d4afdcf7810b
2e8292b18fc2acc297e1aa6acc6abe05136604137e744ba1b49984df330562bb
2fdba028bf5bb5f94fe0180bbf318d8b2345fa8d338d9d8936794d9e1f67544e
3537c6a36fae2d2132581b7915d51e1ed268ae146f5df18a84def7ed594fbe15
37f97eb48a7a1e1b94ed33e67eb07afba86ceae9aafb65ef0ec4bddbbcd46b5f
3b7c8fa72df2bc78b3ddae89b7ec3e375d1da2c4a69c85ef367a6295f8fd0259
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3ea58057003f82b101433d502cf28f544cc42f026c23c4f7b5ff594a38101d2a
3eac57a639d30a40ce3ec3e6a3eb17434a6af10b4c795d70bb53c8271c76da03
41482a603df6517ec458cba296234f318f022f9276916c5710db3dd916ea36e7
414ff589e2e492938a2038bca982157cc0a785c73de5d5539dc8bbc637292286
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
4741b0d6ac118a2c2c2e0e582d0b2313ab2957f96b7769aa39e6c783b0fa3fbc
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bd966743085b2b79b7c375f295d5fa2cc486ee1a55585c2666833fe26d4f5e0
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
52cae6b1ad48ded876116e1aad48f2f8e45a7de77a322b1f0b6ac18d1369efa6
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
557f6d0883db85be712c3a77baa38875ddf99ecbdfd6fec98e5c0b1f7a0e1532
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5dcdf078611d571e2ddbd7c357211b7a19ff803f88785ef05dc46d46529c7fed
5f6288d93151f1c560a1dbd9270cbfb12e094b5c330ee5c6991b59e5ab23d5c2
61b8edffb41a05934c8f8e4df32cb4cf78e591073f8432aa1a94b9f6d81f7d2d
654f70c27d817b6e3794a433930f3b9fa4391b9a5bb625bee1d2cc192e93f6f5
655b7bf9cfeb0414877d035994854580a7e4a407f5937cbcc961da04babdaa44
6daea6ad3fc586cb5e55a004c57d7880e5c6b5ebaba7cdf9650d2b165c9dbe4f
6df509c54af64a8a81d168c1bce4e0bc1d30be5a3206c25e702fea2f33ab7f3f
713fbb8c648b995265ca9fb368887f864d71deb9255a416ce2f1ce4dbe98bf4a
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863
7c19df8c23cd32cde07b0f990a1e2379d2b3d1d1bb22f4301e8eeb2c26389c54
7c99a5499d746031746d220583cbf69c6e006547ada7231bdd4637fc2347aa6a
7fed860e5f1eeb9b7708a0beb92d58a0208d4aa07be7ffb6bb1be5ff7e5c91db
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
86e50ed2286884e17bb99138fbf16f92cc559d2c3989cef92261504f7dcfa476
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
8a210569cc6eadbd3f6a434af65cc614ed2c413a721927f254ebe4972732e84f
90ebd88464322dde10acb37ef26969e2208a12ec2958dd11640f185917724342
9138dbd360dadf1337dee6c9e94267854f42db6e99ddd8815a7433d6f31f49ce
92096741209b24b4e2882bb4f8b18ea1bbccf0666ed12c8a84529a4c1a26e293
98e9ccef8fcd57c77a1f042a62daba433ddb44cf1dadcf089b018cf02d342664
9af91bb0b9327c5bc74760fed3cd024dbde1c5b90ede3fab5c8c54850e757994
9c67f2dac2480480699117cb7d0bbd628a991759117db4d94eb49e82da9f6db9
9e41e783ec4cfc524c1666d1d5a4c805f8e92be52b030d130acfb31105e1e04c
a0f9066eb9d6398e7622726a923c500256f96955f7978ed5e3c5e492aa5d9c3b
a236aed5086b9c24d3cc94944d4349e9ce469f325ac23bafcaa5fe3659b15fd1
a62caa70f7f890ea15042c831f4693b902e3f9efbc054d9b74b6c9e8b0d69b08
a862b1d5198d23146a3214cad82e75e38d1c6cca47f161f30d556b7f945711f7
aa4139190cb04f5caee86d605566b5247b48b429c73a2b8fa59cda391022edab
ae64b1446294710917a40ec4a1e055f492267496c5336a3455f6febe297826f3
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
b12c1cd811f54d11bfdcb5e235e73934a8b8a7a85eafb8529117f9a5bb64ccf8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b8bce47ffa43bc0b835f83d09167cabac1a62e85241aa806d826a0909d5bf7ee
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c3ed386969580147275c1c34653b03549e5f323a4b49c84fe1df445e37b57ef1
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cebc1fce35531e510fd5bc9455323fa79240b17e683710fa45770d5f88bc811d
d1b498ebe1608b042d03c4971ac6eb82efb8299f7a58f3d7883d817d947153ab
da10f88d579421a31b73329e701a1adcfc2b58f3fd55222a06023e673ae24547
dda105da8cfe5ba252e2da1d0911aa48fb1d233cde73817b5f2f81f9914e5b71
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e1b1a79285bc6c7163c7d5904c408b4a8a80b6e8dc159ed9694e9b991c09ef4d
e23a2a4e2d7c2b41ebcdd8ffc0679df7140eb7f52e1eebabf827a88182643c59
e2fcbcfc8279a8af116b2732e967b21e7a20f80a4fc55c6ae911eb495fb5058e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e52f062067f16c73b48346a638fe859dbc6dc999dda587961a3b4e16843e4dc9
ec63f7641f4db34bead16736ee43bf4937e95c2dd4f87c35c460acbb8613a011
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3927e2c485fe86020cd58c68240a09982a99051aafff9d6b434b76d54d44a2f
f4a74999573277218b2670b20fb215cfbaac2648cdc30403977ce61e02ed7d29
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52
fa37427b6160f87c09187937d1d786da314df4b1cd81a73c8210f575b116f8de
fe5e157c57b8a5017a03e866ec659bd8efa054c5e54276593ab43be9420fba14