urlscan.io logo urlscan.io
SecurityTrails logo

canadaroofsaver.com Open in urlscan Pro
67.20.76.74  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://canadaroofsaver.com/booking/js
Effective URL: https://canadaroofsaver.com/dhl/
Submission: On April 04 via manual from IL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 2 countries across 10 domains to perform 26 HTTP transactions. The main IP is 67.20.76.74, located in United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is canadaroofsaver.com.
TLS certificate: Issued by R3 on March 11th 2021. Valid for: 3 months.
This is the only time canadaroofsaver.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: DHL (Transportation)

Domain & IP information

7    67.20.76.74 (United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: host2008.hostmonster.com
canadaroofsaver.com
1    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com.eg
3    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
1    2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
5    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
securepubads.g.doubleclick.net
2    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com.eg
2    2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    104.109.70.99 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-109-70-99.deploy.static.akamaitechnologies.com
www.dhl.com
1    104.23.140.12 (United States)

ASN13335 (CLOUDFLARENET, US)
image.prntscr.com
Domain Requested by
7 canadaroofsaver.com 2 redirects canadaroofsaver.com
5 securepubads.g.doubleclick.net canadaroofsaver.com
www.googletagservices.com
securepubads.g.doubleclick.net
3 adservice.google.com canadaroofsaver.com
3 adservice.google.com.eg canadaroofsaver.com
2 tpc.googlesyndication.com canadaroofsaver.com
securepubads.g.doubleclick.net
2 www.googletagservices.com canadaroofsaver.com
1 image.prntscr.com canadaroofsaver.com
1 www.dhl.com canadaroofsaver.com
1 www.googletagmanager.com canadaroofsaver.com
1 www.google-analytics.com canadaroofsaver.com
26 10

This site contains links to these domains. Also see Links.

Domain
www.walla.co.il
Subject Issuer Validity Valid
www.canadaroofsaver.solargreenzone.com
R3		 2021-03-11 -
2021-06-09		 3 months crt.sh
*.google.com.eg
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
*.google.com
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
www.dhl.com
DPDHL Global TLS CA - I5		 2020-08-04 -
2021-08-04		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-08-02 -
2021-08-02		 a year crt.sh

This page contains 1 frames:

Primary Page: https://canadaroofsaver.com/dhl/
Frame ID: 89769703F55677C49F4953156751D500
Requests: 26 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://canadaroofsaver.com/booking/js HTTP 301
    https://canadaroofsaver.com/booking/js/ Page URL
  2. https://canadaroofsaver.com/dhl HTTP 301
    https://canadaroofsaver.com/dhl/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

26
Requests

92 %
HTTPS

64 %
IPv6

10
Domains

10
Subdomains

12
IPs

2
Countries

454 kB
Transfer

1455 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://canadaroofsaver.com/booking/js HTTP 301
    https://canadaroofsaver.com/booking/js/ Page URL
  2. https://canadaroofsaver.com/dhl HTTP 301
    https://canadaroofsaver.com/dhl/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://canadaroofsaver.com/booking/js HTTP 301
  • https://canadaroofsaver.com/booking/js/

26 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
canadaroofsaver.com/booking/js/
Redirect Chain
  • https://canadaroofsaver.com/booking/js
  • https://canadaroofsaver.com/booking/js/
181 B
253 B 		Document
General
Check archive.org
Download Go to
Full URL
https://canadaroofsaver.com/booking/js/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.20.76.74 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
host2008.hostmonster.com
Software
nginx/1.19.5 /
Resource Hash
cf11ee480c48f4549785227f940e19e542a5a0075671cb581f9bc182567a19d5

Request headers

:method
GET
:authority
canadaroofsaver.com
:scheme
https
:path
/booking/js/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 20:01:39 GMT
server
nginx/1.19.5
content-type
text/html; charset=UTF-8
content-length
164
cache-control
max-age=300
expires
Sun, 04 Apr 2021 20:06:39 GMT
vary
Accept-Encoding
content-encoding
gzip
x-endurance-cache-level
2
x-server-cache
false

Redirect headers

date
Sun, 04 Apr 2021 20:01:39 GMT
server
nginx/1.19.5
content-type
text/html; charset=iso-8859-1
content-length
247
location
https://canadaroofsaver.com/booking/js/
cache-control
max-age=300
expires
Sun, 04 Apr 2021 20:06:39 GMT
x-server-cache
false
Primary Request /
canadaroofsaver.com/dhl/
Redirect Chain
  • https://canadaroofsaver.com/dhl
  • https://canadaroofsaver.com/dhl/
126 KB
45 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://canadaroofsaver.com/dhl/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.20.76.74 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
host2008.hostmonster.com
Software
nginx/1.19.5 /
Resource Hash
6777f8af5f264f4265e5d19f6d9871a873cca14adb5ef3b53c1c1131d5723f53

Request headers

:method
GET
:authority
canadaroofsaver.com
:scheme
https
:path
/dhl/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://canadaroofsaver.com/booking/js/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://canadaroofsaver.com/booking/js/

Response headers

date
Sun, 04 Apr 2021 20:01:43 GMT
server
nginx/1.19.5
content-type
text/html; charset=UTF-8
cache-control
max-age=300
expires
Sun, 04 Apr 2021 20:06:43 GMT
vary
Accept-Encoding
content-encoding
gzip
x-endurance-cache-level
2
x-server-cache
false

Redirect headers

date
Sun, 04 Apr 2021 20:01:43 GMT
server
nginx/1.19.5
content-type
text/html; charset=iso-8859-1
content-length
240
location
https://canadaroofsaver.com/dhl/
cache-control
max-age=300
expires
Sun, 04 Apr 2021 20:06:43 GMT
x-server-cache
false
integrator.js
adservice.google.com.eg/adsid/ 		107 B
799 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.eg/adsid/integrator.js?domain=friends.walla.co.il
Requested by
Host: canadaroofsaver.com
URL: https://canadaroofsaver.com/dhl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://canadaroofsaver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 04 Apr 2021 20:01:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=friends.walla.co.il
Requested by
Host: canadaroofsaver.com
URL: https://canadaroofsaver.com/dhl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://canadaroofsaver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 04 Apr 2021 20:01:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: canadaroofsaver.com
URL: https://canadaroofsaver.com/dhl/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://canadaroofsaver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 19 Mar 2021 19:22:18 GMT
server
Golfe2
age
6639
date
Sun, 04 Apr 2021 18:11:05 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19463
expires
Sun, 04 Apr 2021 20:11:05 GMT
pubads_impl_rendering_2019070801.js
securepubads.g.doubleclick.net/gpt/ 		67 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019070801.js
Requested by
Host: canadaroofsaver.com
URL: https://canadaroofsaver.com/dhl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
sffe /
Resource Hash
0f5d6a89240be982d4543fcc3b47a049d3ed974efc2276c273eb172fe9176020
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://canadaroofsaver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 20:01:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 08 Jul 2019 13:05:49 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25860
x-xss-protection
0
expires
Sun, 04 Apr 2021 20:01:44 GMT
osd.js
www.googletagservices.com/activeview/js/current/ 		73 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: canadaroofsaver.com
URL: https://canadaroofsaver.com/dhl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
234e58e81d77759daf07d771662c4e4b7711301f3a867a8bbf78651dfc13c2f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://canadaroofsaver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 20:01:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1617218226621639"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28276
x-xss-protection
0
expires
Sun, 04 Apr 2021 20:01:43 GMT
gtm.js
www.googletagmanager.com/ 		356 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-T728TH
Requested by
Host: canadaroofsaver.com
URL: https://canadaroofsaver.com/dhl/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
421ceb4773028aa8ef253d61a231a346430515b7168816ea277e40c8f4ab6c72
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://canadaroofsaver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 20:01:44 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56573
x-xss-protection
0
last-modified
Sun, 04 Apr 2021 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 04 Apr 2021 20:01:44 GMT
gpt.js
www.googletagservices.com/tag/js/ 		58 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: canadaroofsaver.com
URL: https://canadaroofsaver.com/dhl/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
75798654d23f6c676a5a0f50ad26c80652ab85bb597b773b2b0688c7bf80d4be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://canadaroofsaver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 20:01:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"833 / 526 of 1000 / last-modified: 1617401775"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19743
x-xss-protection
0
expires
Sun, 04 Apr 2021 20:01:44 GMT
glo-our-divisions-teaser-large.web.793.252.jpg
www.dhl.com/content/dam/dhl/global/core/images/teaser-large-2730x868/ 		0
0
pubads_impl_2019070801.js
securepubads.g.doubleclick.net/gpt/ 		150 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019070801.js
Requested by
Host: canadaroofsaver.com
URL: https://canadaroofsaver.com/dhl/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
sffe /
Resource Hash
710bb035af3b6a17b98e7a60f289cbda442b0160707bd4e6b02f9797acda1598
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://canadaroofsaver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 20:01:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 08 Jul 2019 13:05:49 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56394
x-xss-protection
0
expires
Sun, 04 Apr 2021 20:01:44 GMT
glo-our-divisions-teaser-large.web.793.252.jpg
www.dhl.com/content/dam/dhl/global/core/images/teaser-large-2730x868/ 		0
0
integrator.js
adservice.google.com.eg/adsid/ 		107 B
777 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.eg/adsid/integrator.js?domain=localhost
Requested by
Host: canadaroofsaver.com
URL: https://canadaroofsaver.com/dhl/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://canadaroofsaver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 04 Apr 2021 20:01:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=localhost
Requested by
Host: canadaroofsaver.com
URL: https://canadaroofsaver.com/dhl/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://canadaroofsaver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 04 Apr 2021 20:01:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
pubads_impl_2021031801.js
securepubads.g.doubleclick.net/gpt/ 		286 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031801.js
Requested by
Host: canadaroofsaver.com
URL: https://canadaroofsaver.com/dhl/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
sffe /
Resource Hash
ecf0ffde6e56a2c058421a0ca1a3446a00d047de48239cd168f7eb93a07a9269
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://canadaroofsaver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 20:01:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 18 Mar 2021 08:39:05 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
102478
x-xss-protection
0
expires
Sun, 04 Apr 2021 20:01:44 GMT
container.html
tpc.googlesyndication.com/safeframe/1-0-35/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-35/html/container.html
Requested by
Host: canadaroofsaver.com
URL: https://canadaroofsaver.com/dhl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://canadaroofsaver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
pubads_impl_2021033001.js
securepubads.g.doubleclick.net/gpt/ 		288 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021033001.js?31060680
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
sffe /
Resource Hash
990b8aed006156731e08e68ec85706ebcf592462536e4374fa58a57fdee1c055
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://canadaroofsaver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 20:01:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 30 Mar 2021 08:37:35 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
103184
x-xss-protection
0
expires
Sun, 04 Apr 2021 20:01:44 GMT
integrator.js
adservice.google.com.eg/adsid/ 		107 B
123 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.eg/adsid/integrator.js?domain=localhost
Requested by
Host: canadaroofsaver.com
URL: https://canadaroofsaver.com/dhl/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://canadaroofsaver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 04 Apr 2021 20:01:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
123 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=localhost
Requested by
Host: canadaroofsaver.com
URL: https://canadaroofsaver.com/dhl/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://canadaroofsaver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 04 Apr 2021 20:01:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
dhl-logo.svg
www.dhl.com//content/dam/dhl/global/core/images/logos/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dhl.com//content/dam/dhl/global/core/images/logos/dhl-logo.svg
Requested by
Host: canadaroofsaver.com
URL: https://canadaroofsaver.com/dhl/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.109.70.99 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-109-70-99.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
362bcaa42090e36611031bec6bdaa0600375ef847092cca195c58d3bae9b4419
Security Headers
Name Value
Content-Security-Policy default-src data: https: http: wss://cctr-chat.dhl.com:443 wss://cctr-xchat.dhl.com:443; script-src 'unsafe-inline' 'unsafe-eval' https: http:; style-src 'unsafe-inline' https: http: blob:
Strict-Transport-Security max-age=31536000
X-Content-Security-Policy default-src data: https: http: wss://cctr-chat.dhl.com:443 wss://cctr-xchat.dhl.com:443; script-src 'unsafe-inline' 'unsafe-eval' https: http:; style-src 'unsafe-inline' https: http: blob:
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://canadaroofsaver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src data: https: http: wss://cctr-chat.dhl.com:443 wss://cctr-xchat.dhl.com:443; script-src 'unsafe-inline' 'unsafe-eval' https: http:; style-src 'unsafe-inline' https: http: blob:
content-encoding
gzip
x-content-type-options
nosniff
server-timing
cdn-cache; desc=HIT, edge; dur=1
vary
Accept-Encoding
content-length
722
x-xss-protection
1; mode=block
last-modified
Thu, 25 Mar 2021 14:52:20 GMT
x-frame-options
DENY
date
Sun, 04 Apr 2021 20:01:44 GMT
strict-transport-security
max-age=31536000
content-type
image/svg+xml
expires
Sun, 11 Apr 2021 12:37:30 GMT
cache-control
public, max-age=578146
etag
"643-5be5d8ff8c4c9-gzip"
accept-ranges
bytes
x-webkit-csp
default-src data: https: http: wss://cctr-chat.dhl.com:443 wss://cctr-xchat.dhl.com:443; script-src 'unsafe-inline' 'unsafe-eval' https: http:; style-src 'unsafe-inline' https: http: blob:
x-content-security-policy
default-src data: https: http: wss://cctr-chat.dhl.com:443 wss://cctr-xchat.dhl.com:443; script-src 'unsafe-inline' 'unsafe-eval' https: http:; style-src 'unsafe-inline' https: http: blob:
inline.b30c555ec93d5e8b24c8.bundle.js
canadaroofsaver.com/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://canadaroofsaver.com/inline.b30c555ec93d5e8b24c8.bundle.js
Requested by
Host: canadaroofsaver.com
URL: https://canadaroofsaver.com/dhl/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.20.76.74 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
host2008.hostmonster.com
Software
nginx/1.19.5 /
Resource Hash

Request headers

Referer
https://canadaroofsaver.com/dhl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 20:01:45 GMT
content-encoding
gzip
server
nginx/1.19.5
vary
Accept-Encoding
x-endurance-cache-level
2
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate, max-age=0
link
<https://canadaroofsaver.com/wp-json/>; rel="https://api.w.org/"
content-length
4892
expires
Wed, 11 Jan 1984 05:00:00 GMT
scripts.eb27010e332a0e01cebe.bundle.js
canadaroofsaver.com/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://canadaroofsaver.com/scripts.eb27010e332a0e01cebe.bundle.js
Requested by
Host: canadaroofsaver.com
URL: https://canadaroofsaver.com/dhl/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.20.76.74 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
host2008.hostmonster.com
Software
nginx/1.19.5 /
Resource Hash

Request headers

Referer
https://canadaroofsaver.com/dhl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 20:01:45 GMT
content-encoding
gzip
server
nginx/1.19.5
vary
Accept-Encoding
x-endurance-cache-level
2
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate, max-age=0
link
<https://canadaroofsaver.com/wp-json/>; rel="https://api.w.org/"
content-length
4892
expires
Wed, 11 Jan 1984 05:00:00 GMT
main.2135d531eeae70d97ef1.bundle.js
canadaroofsaver.com/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://canadaroofsaver.com/main.2135d531eeae70d97ef1.bundle.js
Requested by
Host: canadaroofsaver.com
URL: https://canadaroofsaver.com/dhl/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.20.76.74 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
host2008.hostmonster.com
Software
nginx/1.19.5 /
Resource Hash

Request headers

Referer
https://canadaroofsaver.com/dhl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 20:01:45 GMT
content-encoding
gzip
server
nginx/1.19.5
vary
Accept-Encoding
x-endurance-cache-level
2
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate, max-age=0
link
<https://canadaroofsaver.com/wp-json/>; rel="https://api.w.org/"
content-length
4892
expires
Wed, 11 Jan 1984 05:00:00 GMT
hhsH2h8wS7e755P3VB0d3g.png
image.prntscr.com/image/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.prntscr.com/image/hhsH2h8wS7e755P3VB0d3g.png
Requested by
Host: canadaroofsaver.com
URL: https://canadaroofsaver.com/dhl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.23.140.12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://canadaroofsaver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ads
securepubads.g.doubleclick.net/gampad/ 		203 B
575 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3128758626955267&correlator=4476365915417100&output=json_html&callback=googletag.impl.pubads.callbackProxy1&impl=fifs&json_a=1&eid=21068030%2C44739387&vrg=2019070801&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776%2C8%3A134250504&sc=1&sfv=1-0-35&ecs=20210404&iu_parts=43010785%2Cwalla%2Cfriends%2Cskyscrapper_desktop%2Ctop_desktop&enc_prev_ius=%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F4&prev_iu_szs=300x600%2C120x600%7C160x600%2C970x90%7C970x250&prev_scp=exclusive%3Dnot%26slot_name%3Dskyscraper_desktop%7Cexclusive%3Dnot%26slot_name%3Dskyscraper_desktop%7Cexclusive%3Dnot%26slot_name%3Dtop_desktop&cookie_enabled=1&bc=31&abxe=1&lmt=1617566504&dt=1617566504338&dlt=1617566503964&idt=357&frm=20&biw=1600&bih=1200&oid=3&adxs=0%2C0%2C-9&adys=0%2C0%2C-9&adks=979713698%2C933772751%2C1581205155&ucis=1%7C2%7C3&ifi=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fcanadaroofsaver.com%2Fdhl%2F&ref=https%3A%2F%2Fcanadaroofsaver.com%2Fbooking%2Fjs%2F&dssz=33&icsg=2430092675033771&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1584x0%7C1584x0%7C0x-1&msz=0x0%7C0x0%7C0x-1&ga_vid=695216660.1617566504&ga_sid=1617566504&ga_hid=1993298385&fws=128%2C128%2C2&ohw=0%2C0%2C0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019070801.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
1bd05e125ef3d7c1b11e6a2bd07459ef0dbeede76af3184812d9c3e34b10c27d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://canadaroofsaver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 04 Apr 2021 20:01:44 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
https://canadaroofsaver.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
125
x-xss-protection
0
container.html
tpc.googlesyndication.com/safeframe/1-0-35/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-35/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019070801.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://canadaroofsaver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.dhl.com
URL
https://www.dhl.com/content/dam/dhl/global/core/images/teaser-large-2730x868/glo-our-divisions-teaser-large.web.793.252.jpg?ver=1
Domain
www.dhl.com
URL
https://www.dhl.com/content/dam/dhl/global/core/images/teaser-large-2730x868/glo-our-divisions-teaser-large.web.793.252.jpg?ver=1

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: DHL (Transportation)

48 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| google_tag_data function| ga object| gaplugins object| google_js_reporting_queue object| ggeac function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| isNumberKey object| googletag object| google_tag_manager function| postscribe object| google_tag_manager_external object| dataLayer string| GoogleAnalyticsObject object| gaGlobal object| gaData undefined| google_measure_js_timing boolean| google_noFetch boolean| google_DisableInitialLoad number| __google_ad_urls_id object| googleToken object| googleIMState number| google_unique_id object| google_reactive_ads_global_state object| closure_memoize_cache_ function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter object| __google_ad_urls function| google_osd_amcb

2 Cookies

Domain/Path Name / Value
.canadaroofsaver.com/ Name: _gid
Value: GA1.2.929165216.1617566504
.canadaroofsaver.com/ Name: _ga
Value: GA1.2.695216660.1617566504

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.com.eg
canadaroofsaver.com
image.prntscr.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.dhl.com
www.google-analytics.com
www.googletagmanager.com
www.googletagservices.com
www.dhl.com
104.109.70.99
104.23.140.12
142.250.185.98
2a00:1450:4001:800::200e
2a00:1450:4001:808::2002
2a00:1450:4001:809::2008
2a00:1450:4001:810::2001
2a00:1450:4001:811::2002
2a00:1450:4001:827::2002
2a00:1450:4001:82a::2002
67.20.76.74
0f5d6a89240be982d4543fcc3b47a049d3ed974efc2276c273eb172fe9176020
1bd05e125ef3d7c1b11e6a2bd07459ef0dbeede76af3184812d9c3e34b10c27d
234e58e81d77759daf07d771662c4e4b7711301f3a867a8bbf78651dfc13c2f6
362bcaa42090e36611031bec6bdaa0600375ef847092cca195c58d3bae9b4419
421ceb4773028aa8ef253d61a231a346430515b7168816ea277e40c8f4ab6c72
6777f8af5f264f4265e5d19f6d9871a873cca14adb5ef3b53c1c1131d5723f53
710bb035af3b6a17b98e7a60f289cbda442b0160707bd4e6b02f9797acda1598
75798654d23f6c676a5a0f50ad26c80652ab85bb597b773b2b0688c7bf80d4be
990b8aed006156731e08e68ec85706ebcf592462536e4374fa58a57fdee1c055
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
cf11ee480c48f4549785227f940e19e542a5a0075671cb581f9bc182567a19d5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ecf0ffde6e56a2c058421a0ca1a3446a00d047de48239cd168f7eb93a07a9269
f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4