urlscan.io logo urlscan.io
SecurityTrails logo

www.mortgageboss.ca Open in urlscan Pro
40.86.210.34  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.mortgageboss.ca/
Effective URL: https://www.mortgageboss.ca/
Submission: On April 23 via manual from US — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 3 countries across 8 domains to perform 28 HTTP transactions. The main IP is 40.86.210.34, located in Québec, Canada and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is www.mortgageboss.ca.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on November 1st 2023. Valid for: a year.
This is the only time www.mortgageboss.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
14 40.86.210.34 8075 (MICROSOFT...)
2 172.253.115.95 15169 (GOOGLE)
3 104.18.17.155 13335 (CLOUDFLAR...)
1 142.251.167.95 15169 (GOOGLE)
1 3.162.3.56 16509 (AMAZON-02)
3 142.251.167.102 15169 (GOOGLE)
1 142.250.31.94 15169 (GOOGLE)
1 52.3.125.130 14618 (AMAZON-AES)
1 142.251.111.155 15169 (GOOGLE)
1 142.251.111.97 15169 (GOOGLE)
28 10
14    40.86.210.34 (Québec, Canada)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.mortgageboss.ca
2    172.253.115.95 (United States)

ASN15169 (GOOGLE, US)
PTR: bg-in-f95.1e100.net
fonts.googleapis.com
3    104.18.17.155 (None, )

ASN13335 (CLOUDFLARENET, US)
js.userpilot.io
find.userpilot.io
1    142.251.167.95 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: ww-in-f95.1e100.net
ajax.googleapis.com
1    3.162.3.56 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-162-3-56.yul62.r.cloudfront.net
cdn.heapanalytics.com
3    142.251.167.102 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: ww-in-f102.1e100.net
www.google-analytics.com
1    142.250.31.94 (United States)

ASN15169 (GOOGLE, US)
PTR: bj-in-f94.1e100.net
fonts.gstatic.com
1    52.3.125.130 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-3-125-130.compute-1.amazonaws.com
heapanalytics.com
1    142.251.111.155 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: bk-in-f155.1e100.net
stats.g.doubleclick.net
1    142.251.111.97 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: bk-in-f97.1e100.net
www.googletagmanager.com
Apex Domain
Subdomains		 Transfer
14 mortgageboss.ca
www.mortgageboss.ca
601 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 31
21 KB
3 userpilot.io
js.userpilot.io — Cisco Umbrella Rank: 18614
find.userpilot.io — Cisco Umbrella Rank: 22732
259 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 33
ajax.googleapis.com — Cisco Umbrella Rank: 363
7 KB
2 heapanalytics.com
cdn.heapanalytics.com — Cisco Umbrella Rank: 1946
heapanalytics.com — Cisco Umbrella Rank: 1389
38 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
87 KB
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 84
349 B
1 gstatic.com
fonts.gstatic.com
19 KB
28 8
Domain Requested by
14 www.mortgageboss.ca www.mortgageboss.ca
3 www.google-analytics.com www.mortgageboss.ca
www.google-analytics.com
www.googletagmanager.com
2 js.userpilot.io www.mortgageboss.ca
js.userpilot.io
2 fonts.googleapis.com www.mortgageboss.ca
ajax.googleapis.com
1 www.googletagmanager.com www.google-analytics.com
1 stats.g.doubleclick.net www.google-analytics.com
1 heapanalytics.com www.mortgageboss.ca
1 find.userpilot.io js.userpilot.io
1 fonts.gstatic.com fonts.googleapis.com
1 cdn.heapanalytics.com www.mortgageboss.ca
1 ajax.googleapis.com www.mortgageboss.ca
28 11

This site contains links to these domains. Also see Links.

Domain
5.mortgageboss.ca
Subject Issuer Validity Valid
*.mortgageboss.ca
Go Daddy Secure Certificate Authority - G2		 2023-11-01 -
2024-12-02		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2024-03-18 -
2024-06-10		 3 months crt.sh
userpilot.io
GTS CA 1P5		 2024-03-19 -
2024-06-17		 3 months crt.sh
cdn.heapanalytics.com
Amazon RSA 2048 M01		 2023-06-29 -
2024-07-27		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-03-18 -
2024-06-10		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-03-18 -
2024-06-10		 3 months crt.sh
heapanalytics.com
Amazon RSA 2048 M02		 2023-11-09 -
2024-12-08		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-03-18 -
2024-06-10		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.mortgageboss.ca/
Frame ID: 9044E6F8C204CFC4D5A850FB4D3972C6
Requests: 28 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

MortgageBOSS | The Complete Dashboard for the Mortgage Professional

Page URL History Show full URLs

  1. http://www.mortgageboss.ca/ HTTP 307
    https://www.mortgageboss.ca/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
  • googleapis\.com/.+webfont
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • heap-\d+\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

28
Requests

100 %
HTTPS

0 %
IPv6

8
Domains

11
Subdomains

10
IPs

3
Countries

1032 kB
Transfer

2179 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.mortgageboss.ca/ HTTP 307
    https://www.mortgageboss.ca/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.mortgageboss.ca/
Redirect Chain
  • http://www.mortgageboss.ca/
  • https://www.mortgageboss.ca/
7 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.mortgageboss.ca/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.86.210.34 Québec, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
b5153f5b97ad0a9e8e9a7c87b1394d228c797e243a7061b2bac2d87cb4fd4962
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload;

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-origin
*
cache-control
private
content-length
7046
content-type
text/html; charset=utf-8
date
Tue, 23 Apr 2024 13:38:03 GMT
server
Microsoft-IIS/10.0
srv
112
strict-transport-security
max-age=63072000; includeSubdomains; preload;

Redirect headers

Location
https://www.mortgageboss.ca/
Non-Authoritative-Reason
HttpsUpgrades
css
fonts.googleapis.com/ 		1 KB
855 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Questrial
Requested by
Host: www.mortgageboss.ca
URL: https://www.mortgageboss.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.115.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f95.1e100.net
Software
ESF /
Resource Hash
68cbbe8ff78a2d3639cdde172e4a5daa764ca8e675bfc783a407cce910ebf45e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.mortgageboss.ca/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Tue, 23 Apr 2024 13:38:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 23 Apr 2024 11:58:26 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 23 Apr 2024 13:38:03 GMT
bootstrap.min.css
www.mortgageboss.ca/countdown/css/ 		118 KB
119 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.mortgageboss.ca/countdown/css/bootstrap.min.css
Requested by
Host: www.mortgageboss.ca
URL: https://www.mortgageboss.ca/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.86.210.34 Québec, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
eece6e0c65b7007ab0eb1b4998d36dafe381449525824349128efc3f86f4c91c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload;

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.mortgageboss.ca/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=63072000; includeSubdomains; preload;
date
Tue, 23 Apr 2024 13:38:03 GMT
last-modified
Wed, 06 Sep 2017 22:03:39 GMT
server
Microsoft-IIS/10.0
etag
"ecabe9fe5b27d31:0"
content-type
text/css
access-control-allow-origin
*
accept-ranges
bytes
srv
112
access-control-allow-headers
content-type
content-length
121260
style.css
www.mortgageboss.ca/countdown/ 		18 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.mortgageboss.ca/countdown/style.css
Requested by
Host: www.mortgageboss.ca
URL: https://www.mortgageboss.ca/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.86.210.34 Québec, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
37b78aa39ac05f0120e8238a00c72ab6b27af4fdc6af903599755e66506ce90e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload;

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.mortgageboss.ca/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=63072000; includeSubdomains; preload;
date
Tue, 23 Apr 2024 13:38:03 GMT
last-modified
Wed, 06 Sep 2017 22:14:26 GMT
server
Microsoft-IIS/10.0
etag
"8a9336805d27d31:0"
content-type
text/css
access-control-allow-origin
*
accept-ranges
bytes
srv
112
access-control-allow-headers
content-type
content-length
18604
login3.css
www.mortgageboss.ca/styles/ 		3 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.mortgageboss.ca/styles/login3.css
Requested by
Host: www.mortgageboss.ca
URL: https://www.mortgageboss.ca/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.86.210.34 Québec, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
bfb95fb8084520c6799a21ce25cfe1cbbfab5790db862d9490af8df2ae5fb1ae
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload;

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.mortgageboss.ca/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=63072000; includeSubdomains; preload;
date
Tue, 23 Apr 2024 13:38:03 GMT
last-modified
Thu, 14 Jan 2021 02:35:14 GMT
server
Microsoft-IIS/10.0
etag
"a03294e31dead61:0"
content-type
text/css
access-control-allow-origin
*
accept-ranges
bytes
srv
112
access-control-allow-headers
content-type
content-length
2600
sha256.js
www.mortgageboss.ca/js/ 		9 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.mortgageboss.ca/js/sha256.js
Requested by
Host: www.mortgageboss.ca
URL: https://www.mortgageboss.ca/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.86.210.34 Québec, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
3fbfb932c1ac3a398a3b7a873d0ef9af820f935995a6d956d587e9f74282ae46
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload;

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.mortgageboss.ca/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=63072000; includeSubdomains; preload;
date
Tue, 23 Apr 2024 13:38:03 GMT
last-modified
Thu, 14 Jan 2021 02:35:13 GMT
server
Microsoft-IIS/10.0
etag
"6b1593e21dead61:0"
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
srv
112
access-control-allow-headers
content-type
content-length
8935
jquery.js
www.mortgageboss.ca/js/ 		394 KB
395 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.mortgageboss.ca/js/jquery.js
Requested by
Host: www.mortgageboss.ca
URL: https://www.mortgageboss.ca/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.86.210.34 Québec, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
d267737d72f55202273c1b398a8c56263a2b6503c1326fac263f8508697615e7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload;

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.mortgageboss.ca/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=63072000; includeSubdomains; preload;
date
Tue, 23 Apr 2024 13:38:03 GMT
last-modified
Thu, 14 Jan 2021 02:35:12 GMT
server
Microsoft-IIS/10.0
etag
"c56d31e21dead61:0"
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
srv
112
access-control-allow-headers
content-type
content-length
403677
login.js
www.mortgageboss.ca/js/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.mortgageboss.ca/js/login.js
Requested by
Host: www.mortgageboss.ca
URL: https://www.mortgageboss.ca/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.86.210.34 Québec, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
6b276504bbdfbc5293aa7c095c45266af43ec69324aa7de7216453639b39abc7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload;

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.mortgageboss.ca/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=63072000; includeSubdomains; preload;
date
Tue, 23 Apr 2024 13:38:03 GMT
last-modified
Thu, 14 Jan 2021 02:35:12 GMT
server
Microsoft-IIS/10.0
etag
"e74262e21dead61:0"
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
srv
112
access-control-allow-headers
content-type
content-length
2836
boss-logo.jpg
www.mortgageboss.ca/styles/loginImages/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mortgageboss.ca/styles/loginImages/boss-logo.jpg
Requested by
Host: www.mortgageboss.ca
URL: https://www.mortgageboss.ca/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.86.210.34 Québec, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
9556f1669491dad1cd281784d58f44b04e1c322e2be7025061ab0072e6cfb4de
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload;

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.mortgageboss.ca/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=63072000; includeSubdomains; preload;
date
Tue, 23 Apr 2024 13:38:03 GMT
last-modified
Thu, 14 Jan 2021 02:35:14 GMT
server
Microsoft-IIS/10.0
etag
"4f694e31dead61:0"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
srv
112
access-control-allow-headers
content-type
content-length
21796
email-icon.jpg
www.mortgageboss.ca/styles/loginImages/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mortgageboss.ca/styles/loginImages/email-icon.jpg
Requested by
Host: www.mortgageboss.ca
URL: https://www.mortgageboss.ca/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.86.210.34 Québec, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
483d2e0cd7d9e9a9552a02ccd63472517f38c5f08f46809fe90f351996ab89a4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload;

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.mortgageboss.ca/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=63072000; includeSubdomains; preload;
date
Tue, 23 Apr 2024 13:38:03 GMT
last-modified
Thu, 14 Jan 2021 02:35:14 GMT
server
Microsoft-IIS/10.0
etag
"6d4197e31dead61:0"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
srv
112
access-control-allow-headers
content-type
content-length
2848
video-icon.jpg
www.mortgageboss.ca/styles/loginImages/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mortgageboss.ca/styles/loginImages/video-icon.jpg
Requested by
Host: www.mortgageboss.ca
URL: https://www.mortgageboss.ca/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.86.210.34 Québec, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
9841eb9fdcdc6d2ba50cf74d50131b6dacaeb1d8874a560fa6ae2944dd64d2ae
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload;

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.mortgageboss.ca/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=63072000; includeSubdomains; preload;
date
Tue, 23 Apr 2024 13:38:03 GMT
last-modified
Thu, 14 Jan 2021 02:35:14 GMT
server
Microsoft-IIS/10.0
etag
"3a5a9de31dead61:0"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
srv
112
access-control-allow-headers
content-type
content-length
3330
boss_new_logo.png
www.mortgageboss.ca/styles/loginImages/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mortgageboss.ca/styles/loginImages/boss_new_logo.png
Requested by
Host: www.mortgageboss.ca
URL: https://www.mortgageboss.ca/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.86.210.34 Québec, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
3a71f1d13e7de36f7c3e205c567ed534d216edd9d7621b695083e4adf67e75cf
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload;

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.mortgageboss.ca/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=63072000; includeSubdomains; preload;
date
Tue, 23 Apr 2024 13:38:03 GMT
last-modified
Thu, 17 Mar 2022 19:17:01 GMT
server
Microsoft-IIS/10.0
etag
"da996694333ad81:0"
content-type
image/png
access-control-allow-origin
*
accept-ranges
bytes
srv
112
access-control-allow-headers
content-type
content-length
15041
latest.js
js.userpilot.io/sdk/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.userpilot.io/sdk/latest.js
Requested by
Host: www.mortgageboss.ca
URL: https://www.mortgageboss.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.17.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b4da487ff19ff1ede92613410615f5f26d585037e124cc3c6bb70d87f02a4f4
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.mortgageboss.ca/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 23 Apr 2024 13:38:03 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
x-amz-request-id
Y3S03AXE9QQ648XN
age
112
x-amz-server-side-encryption
AES256
x-amz-id-2
AYhafOgHpJ5/OvUyGiASsFwfs2wqiydM6O+bAA1q59x81R9ro3KkfyaE0jr1gerb1TbnNerRUNI=
cf-bgj
minify
last-modified
Tue, 23 Apr 2024 08:08:25 GMT
server
cloudflare
etag
W/"d1edb7df82eb2edc5d9ef0d1fdb7419a"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=120
cf-ray
878e40758a4c36d5-YYZ
webfont.js
ajax.googleapis.com/ajax/libs/webfont/1/ 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js
Requested by
Host: www.mortgageboss.ca
URL: https://www.mortgageboss.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.95 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f95.1e100.net
Software
sffe /
Resource Hash
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.mortgageboss.ca/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 19 Apr 2024 00:05:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
394339
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5437
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 19 Apr 2025 00:05:45 GMT
heap-1914377324.js
cdn.heapanalytics.com/js/ 		116 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.heapanalytics.com/js/heap-1914377324.js
Requested by
Host: www.mortgageboss.ca
URL: https://www.mortgageboss.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.3.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-3-56.yul62.r.cloudfront.net
Software
nginx / Express
Resource Hash
6ff9e14c2b856c8c30f18d1d4e1512e59cf6492b7a296c24516020d0d0f558ae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.mortgageboss.ca/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 23 Apr 2024 13:37:28 GMT
content-encoding
br
via
1.1 275c32bc50366db37e8c3324dfc942a6.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
x-amz-cf-pop
YUL62-P2
age
35
x-powered-by
Express
etag
W/"1d02e-6lbrTqFoIrMyUbt+5P0/k1+dG68"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=120
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
jdzgayNchdPMU1PpImzCpS200wIA_BQGueC8eX9Zk7SFr-NBrDd7cQ==
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.mortgageboss.ca
URL: https://www.mortgageboss.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.102 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f102.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.mortgageboss.ca/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 23 Apr 2024 12:32:57 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
3907
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Tue, 23 Apr 2024 14:32:57 GMT
app.js
js.userpilot.io/sdk/version/1.482/ 		1 MB
257 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.userpilot.io/sdk/version/1.482/app.js
Requested by
Host: js.userpilot.io
URL: https://js.userpilot.io/sdk/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.17.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
231b8236f286aeba9486b7cc09b2e78fe10d10472d47837c20cbcae6e192480f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.mortgageboss.ca/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 23 Apr 2024 13:38:03 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
x-amz-request-id
Y3SDHX4DR6WW1BA6
age
19775
x-amz-server-side-encryption
AES256
x-amz-id-2
2LNkJhguTTDiVYhZp2K22QVpT+MmU5KI4g3AQVY245k21EIwcryM8ZW51EwPFKC/2Xm8hsvTk5A=
cf-bgj
minify
last-modified
Tue, 23 Apr 2024 08:08:23 GMT
server
cloudflare
etag
W/"180d27ae60f357a2a699e803be34f745"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=86400
cf-ray
878e40767be836d5-YYZ
login-btn.jpg
www.mortgageboss.ca/styles/loginImages/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mortgageboss.ca/styles/loginImages/login-btn.jpg
Requested by
Host: www.mortgageboss.ca
URL: https://www.mortgageboss.ca/styles/login3.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.86.210.34 Québec, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
e34a3cab387ca5ca7f20a9d6b5b69abf31f8275ac9f449d49fb3314087d906fb
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload;

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.mortgageboss.ca/styles/login3.css
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=63072000; includeSubdomains; preload;
date
Tue, 23 Apr 2024 13:38:03 GMT
last-modified
Thu, 14 Jan 2021 02:35:14 GMT
server
Microsoft-IIS/10.0
etag
"2b119be31dead61:0"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
srv
112
access-control-allow-headers
content-type
content-length
2772
password-btn.jpg
www.mortgageboss.ca/styles/loginImages/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mortgageboss.ca/styles/loginImages/password-btn.jpg
Requested by
Host: www.mortgageboss.ca
URL: https://www.mortgageboss.ca/styles/login3.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.86.210.34 Québec, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
9f524f623b6ee0019018cd229455534b02647aaddc24c05c184fd683348e3188
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload;

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.mortgageboss.ca/styles/login3.css
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=63072000; includeSubdomains; preload;
date
Tue, 23 Apr 2024 13:38:03 GMT
last-modified
Thu, 14 Jan 2021 02:35:14 GMT
server
Microsoft-IIS/10.0
etag
"abd39be31dead61:0"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
srv
112
access-control-allow-headers
content-type
content-length
2790
QdVUSTchPBm7nuUeVf70viFl.woff2
fonts.gstatic.com/s/questrial/v18/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/questrial/v18/QdVUSTchPBm7nuUeVf70viFl.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Questrial
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.31.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f94.1e100.net
Software
sffe /
Resource Hash
fd88a03358ba14440b78c6329717bdf6ed1a9fe97c3ad4e0a0a39d31fb1ac546
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://www.mortgageboss.ca
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 20:57:43 GMT
x-content-type-options
nosniff
age
578421
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19292
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:12:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 16 Apr 2025 20:57:43 GMT
47hj30i7
find.userpilot.io/v1/lookups/ 		62 B
522 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://find.userpilot.io/v1/lookups/47hj30i7
Requested by
Host: js.userpilot.io
URL: https://js.userpilot.io/sdk/version/1.482/app.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.17.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a01e643447eecd7cc74d4b9a55a2f26bb205a874806a6dedfaace8b41082feb
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.mortgageboss.ca/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 23 Apr 2024 13:38:04 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
5566
x-cache
Hit from findex
x-request-id
F8jnP5iVIHX1w5MAXamC
last-modified
Tue, 23 Apr 2024 12:05:18 GMT
server
cloudflare
vary
Accept-Encoding
x-ratelimit-remaining
59999
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
cache-control
public, max-age=14400
access-control-allow-credentials
true
cf-apo-via
origin,host
x-ratelimit-limit
60000
x-ratelimit-reset
1713873960000
cf-ray
878e4077aefc3a06-YYZ
css
fonts.googleapis.com/ 		1 KB
542 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Questrial&subset=latin
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.115.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f95.1e100.net
Software
ESF /
Resource Hash
68cbbe8ff78a2d3639cdde172e4a5daa764ca8e675bfc783a407cce910ebf45e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.mortgageboss.ca/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Tue, 23 Apr 2024 13:38:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 23 Apr 2024 13:38:04 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 23 Apr 2024 13:38:04 GMT
collect
www.google-analytics.com/j/ 		16 B
225 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=744604377&t=pageview&_s=1&dl=https%3A%2F%2Fwww.mortgageboss.ca%2F&ul=en-ca&de=UTF-8&dt=MortgageBOSS%20%7C%20The%20Complete%20Dashboard%20for%20the%20Mortgage%20Professional&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1855249161&gjid=84754064&cid=220660708.1713879484&tid=UA-73212243-1&_gid=1304623508.1713879484&_r=1&_slc=1&z=1887271797
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.102 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f102.1e100.net
Software
Golfe2 /
Resource Hash
756f5a2fb14bb0fb6f2b4c094f893d9570f0a26cc8787052aa5ac2b8ae19f1c2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://www.mortgageboss.ca/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 23 Apr 2024 13:38:04 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.mortgageboss.ca
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
expires
Fri, 01 Jan 1990 00:00:00 GMT
h
heapanalytics.com/ 		37 B
261 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heapanalytics.com/h?a=1914377324&u=7894809659916549&v=7096460244111099&s=291823104296302&b=web&tv=4.0&z=0&h=%2F&d=www.mortgageboss.ca&t=MortgageBOSS%20%7C%20The%20Complete%20Dashboard%20for%20the%20Mortgage%20Professional&ts=1713879484096&ubv=124.0.6367.60&upv=10.0.0&st=1713879484116
Requested by
Host: www.mortgageboss.ca
URL: https://www.mortgageboss.ca/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.3.125.130 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-125-130.compute-1.amazonaws.com
Software
nginx /
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.mortgageboss.ca/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 23 Apr 2024 13:38:04 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
etag
W/"25-4iFqfptz9csCeTUceM5hwzR1zqc"
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length
37
boss_favicon.jpg
www.mortgageboss.ca/ 		590 B
672 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.mortgageboss.ca/boss_favicon.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.86.210.34 Québec, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
9515a2b5be1dec6504341fc662fb540268d73297c8cb8f52ff40909d83ef9bea
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload;

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.mortgageboss.ca/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=63072000; includeSubdomains; preload;
date
Tue, 23 Apr 2024 13:38:03 GMT
last-modified
Thu, 14 Jan 2021 02:34:47 GMT
server
Microsoft-IIS/10.0
etag
"e83e96d31dead61:0"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
srv
112
access-control-allow-headers
content-type
content-length
590
collect
stats.g.doubleclick.net/j/ 		1 B
349 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-73212243-1&cid=220660708.1713879484&jid=1855249161&gjid=84754064&_gid=1304623508.1713879484&_u=IEBAAEAAAAAAACAAI~&z=1059760809
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.111.155 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f155.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://www.mortgageboss.ca/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Tue, 23 Apr 2024 13:38:04 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.mortgageboss.ca
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		241 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-1MY5B2VXTZ&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.111.97 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
896caf72dfd95cdcbd492dda17c0273e5aaf4752a36362151248df8b1a932255
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.mortgageboss.ca/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 23 Apr 2024 13:38:04 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
88527
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 23 Apr 2024 13:38:04 GMT
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-1MY5B2VXTZ&gtm=45je44h0v9112297126za200&_p=1713879484404&gcd=13l3l3l3l2&npa=0&dma=0&ul=en-ca&sr=1600x1200&cid=220660708.1713879484&ir=1&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.60%7CGoogle%2520Chrome%3B124.0.6367.60%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_eu=EBAI&_s=1&dl=https%3A%2F%2Fwww.mortgageboss.ca%2F&dt=MortgageBOSS%20%7C%20The%20Complete%20Dashboard%20for%20the%20Mortgage%20Professional&sid=1713879484&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1366
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1MY5B2VXTZ&cx=c&_slc=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.102 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f102.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.mortgageboss.ca/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 23 Apr 2024 13:38:04 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.mortgageboss.ca
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

50 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| rotateRight function| choice function| majority function| sha256_Sigma0 function| sha256_Sigma1 function| sha256_sigma0 function| sha256_sigma1 function| sha256_expand object| K256 undefined| ihash undefined| count undefined| buffer string| sha256_hex_digits function| safe_add function| sha256_init function| sha256_transform function| sha256_update function| sha256_final function| sha256_encode_bytes function| sha256_encode_hex function| sha256_digest function| sha256_self_test function| check_password_complexity function| $ function| jQuery object| wo function| wopen function| show_msg function| ClearLoginMessage object| WebFontConfig object| heap string| GoogleAnalyticsObject function| ga object| userpilotSettings function| userpilotInitiator object| userpilotInitiatorSDK object| userpilotCallMethods object| userpilot object| tmp object| userpilotChecklist object| userpilotNps function| _userpilot object| userpilotIntegrations object| WebFont object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| dataLayer object| google_tag_manager

7 Cookies

Domain/Path Name / Value
www.mortgageboss.ca/ Name: ASP.NET_SessionId
Value: pmuuwmrxjbqbpuypddbphqut
.mortgageboss.ca/ Name: _hp2_id.1914377324
Value: %7B%22userId%22%3A%227894809659916549%22%2C%22pageviewId%22%3A%227096460244111099%22%2C%22sessionId%22%3A%22291823104296302%22%2C%22identity%22%3Anull%2C%22trackerVersion%22%3A%224.0%22%7D
.mortgageboss.ca/ Name: _ga
Value: GA1.2.220660708.1713879484
.mortgageboss.ca/ Name: _gid
Value: GA1.2.1304623508.1713879484
.mortgageboss.ca/ Name: _gat
Value: 1
.mortgageboss.ca/ Name: _hp2_ses_props.1914377324
Value: %7B%22ts%22%3A1713879484096%2C%22d%22%3A%22www.mortgageboss.ca%22%2C%22h%22%3A%22%2F%22%7D
.mortgageboss.ca/ Name: _ga_1MY5B2VXTZ
Value: GS1.2.1713879484.1.0.1713879484.0.0.0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdn.heapanalytics.com
find.userpilot.io
fonts.googleapis.com
fonts.gstatic.com
heapanalytics.com
js.userpilot.io
stats.g.doubleclick.net
www.google-analytics.com
www.googletagmanager.com
www.mortgageboss.ca
104.18.17.155
142.250.31.94
142.251.111.155
142.251.111.97
142.251.167.102
142.251.167.95
172.253.115.95
3.162.3.56
40.86.210.34
52.3.125.130
0a01e643447eecd7cc74d4b9a55a2f26bb205a874806a6dedfaace8b41082feb
0b4da487ff19ff1ede92613410615f5f26d585037e124cc3c6bb70d87f02a4f4
231b8236f286aeba9486b7cc09b2e78fe10d10472d47837c20cbcae6e192480f
37b78aa39ac05f0120e8238a00c72ab6b27af4fdc6af903599755e66506ce90e
3a71f1d13e7de36f7c3e205c567ed534d216edd9d7621b695083e4adf67e75cf
3fbfb932c1ac3a398a3b7a873d0ef9af820f935995a6d956d587e9f74282ae46
483d2e0cd7d9e9a9552a02ccd63472517f38c5f08f46809fe90f351996ab89a4
68cbbe8ff78a2d3639cdde172e4a5daa764ca8e675bfc783a407cce910ebf45e
6b276504bbdfbc5293aa7c095c45266af43ec69324aa7de7216453639b39abc7
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6ff9e14c2b856c8c30f18d1d4e1512e59cf6492b7a296c24516020d0d0f558ae
756f5a2fb14bb0fb6f2b4c094f893d9570f0a26cc8787052aa5ac2b8ae19f1c2
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
896caf72dfd95cdcbd492dda17c0273e5aaf4752a36362151248df8b1a932255
9515a2b5be1dec6504341fc662fb540268d73297c8cb8f52ff40909d83ef9bea
9556f1669491dad1cd281784d58f44b04e1c322e2be7025061ab0072e6cfb4de
9841eb9fdcdc6d2ba50cf74d50131b6dacaeb1d8874a560fa6ae2944dd64d2ae
9f524f623b6ee0019018cd229455534b02647aaddc24c05c184fd683348e3188
b5153f5b97ad0a9e8e9a7c87b1394d228c797e243a7061b2bac2d87cb4fd4962
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bfb95fb8084520c6799a21ce25cfe1cbbfab5790db862d9490af8df2ae5fb1ae
d267737d72f55202273c1b398a8c56263a2b6503c1326fac263f8508697615e7
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e34a3cab387ca5ca7f20a9d6b5b69abf31f8275ac9f449d49fb3314087d906fb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eece6e0c65b7007ab0eb1b4998d36dafe381449525824349128efc3f86f4c91c
fd88a03358ba14440b78c6329717bdf6ed1a9fe97c3ad4e0a0a39d31fb1ac546