urlscan.io logo urlscan.io
SecurityTrails logo

websites.ca Open in urlscan Pro
159.203.53.140  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://restoreouranthem.ca/
Effective URL: https://websites.ca/?r=w357
Submission: On October 02 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 3 countries across 9 domains to perform 32 HTTP transactions. The main IP is 159.203.53.140, located in Toronto, Canada and belongs to DIGITALOCEAN-ASN, US. The main domain is websites.ca.
TLS certificate: Issued by R3 on July 21st 2021. Valid for: 3 months.
This is the only time websites.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

10    159.203.53.140 (Toronto, Canada)

ASN14061 (DIGITALOCEAN-ASN, US)
restoreouranthem.ca
websites.ca
3    2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    13.225.87.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-87-90.fra2.r.cloudfront.net
m2d.m2.ai
1    2600:9000:20eb:2a00:5:3aaa:f40:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.pubguru.com
1    2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
4    2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
4    2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
3    52.58.119.106 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-119-106.eu-central-1.compute.amazonaws.com
a3.pubguru.net
1    2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
5    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Domain Requested by
9 websites.ca websites.ca
5 fonts.gstatic.com www.google.com
fonts.googleapis.com
4 www.gstatic.com www.google.com
www.gstatic.com
4 fundingchoicesmessages.google.com websites.ca
3 a3.pubguru.net m2d.m2.ai
3 www.google.com websites.ca
www.gstatic.com
www.google.com
1 fonts.googleapis.com
1 www.googletagmanager.com websites.ca
1 cdn.pubguru.com websites.ca
1 m2d.m2.ai websites.ca
1 restoreouranthem.ca 1 redirects
32 11
Subject Issuer Validity Valid
websites.ca
R3		 2021-07-21 -
2021-10-19		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.m2.ai
Amazon		 2021-01-14 -
2022-02-11		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.google.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.pubguru.net
Amazon		 2021-05-26 -
2022-06-24		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh

This page contains 2 frames:

Primary Page: https://websites.ca/?r=w357
Frame ID: 17DF6BA2F04B9DC955B7CA66089B1897
Requests: 25 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LegX6sUAAAAAHadP_gpwNYJYnRcATovkQuUKhw7&co=aHR0cHM6Ly93ZWJzaXRlcy5jYTo0NDM.&hl=de&v=-TriQeni1Ls-Mdq_ssN2cUL5&size=invisible&cb=20spaw1hklba
Frame ID: 173B8F10203E684711B28E78CC6BCD65
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Find local business websites, promote your business, web design in Canada

Page URL History Show full URLs

  1. https://restoreouranthem.ca/ HTTP 301
    https://websites.ca/?r=w357 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

32
Requests

100 %
HTTPS

70 %
IPv6

9
Domains

11
Subdomains

10
IPs

3
Countries

1409 kB
Transfer

2810 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://restoreouranthem.ca/ HTTP 301
    https://websites.ca/?r=w357 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

32 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
websites.ca/
Redirect Chain
  • https://restoreouranthem.ca/
  • https://websites.ca/?r=w357
12 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://websites.ca/?r=w357
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.203.53.140 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/ Express
Resource Hash
a62dbeddb33b84d5c80428766c5caf16290208471bb6ad4b45822a258d3b56b1

Request headers

:method
GET
:authority
websites.ca
:scheme
https
:path
/?r=w357
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

x-powered-by
Express
x-wca
hr:false,sa:false
content-type
text/html; charset=utf-8
content-length
12467
etag
W/"30b3-U3PlzDZudp/jZwRYaNOB1mRXfL8"
cache-control
max-age=300
date
Sat, 02 Oct 2021 04:20:59 GMT

Redirect headers

location
https://websites.ca/?r=w357
date
Sat, 02 Oct 2021 04:20:58 GMT
bootstrap.custom.min.css
websites.ca/asset/bootstrap/css/ 		139 KB
140 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://websites.ca/asset/bootstrap/css/bootstrap.custom.min.css
Requested by
Host: websites.ca
URL: https://websites.ca/?r=w357
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.203.53.140 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/ Express
Resource Hash
4efab6ea03136dac37a9cb6dd38286fc7f9a3d1509ba6091fb5c9c1a3908cbe4

Request headers

:path
/asset/bootstrap/css/bootstrap.custom.min.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
websites.ca
referer
https://websites.ca/?r=w357
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://websites.ca/?r=w357
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 04:20:59 GMT
etag
W/"22d3a-17bf4d63460"
last-modified
Fri, 17 Sep 2021 17:38:04 GMT
x-powered-by
Express
x-wca
hr:true,sa:true
cache-control
max-age=300
accept-ranges
bytes
content-type
text/css; charset=UTF-8
content-length
142650
public.css
websites.ca/asset/src/css/ 		911 B
970 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://websites.ca/asset/src/css/public.css
Requested by
Host: websites.ca
URL: https://websites.ca/?r=w357
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.203.53.140 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/ Express
Resource Hash
ec004679e23d6f2564dd2e3094f2117908da9c3829231bafd1a4d0495e100c83

Request headers

:path
/asset/src/css/public.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
websites.ca
referer
https://websites.ca/?r=w357
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://websites.ca/?r=w357
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 04:20:59 GMT
etag
W/"38f-17bf4d63460"
last-modified
Fri, 17 Sep 2021 17:38:04 GMT
x-powered-by
Express
x-wca
hr:true,sa:true
cache-control
max-age=300
accept-ranges
bytes
content-type
text/css; charset=UTF-8
content-length
911
logo-sm-En.png
websites.ca/asset/img/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://websites.ca/asset/img/logo-sm-En.png
Requested by
Host: websites.ca
URL: https://websites.ca/?r=w357
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.203.53.140 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/ Express
Resource Hash
1a06fdf20ae1c7efab98913a2c2728db4b35487f6f748daa263e3e454a169da8

Request headers

:path
/asset/img/logo-sm-En.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
websites.ca
referer
https://websites.ca/?r=w357
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://websites.ca/?r=w357
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 04:20:59 GMT
etag
W/"18ac-17bf4d63460"
last-modified
Fri, 17 Sep 2021 17:38:04 GMT
x-powered-by
Express
x-wca
hr:true,sa:true
cache-control
max-age=300
accept-ranges
bytes
content-type
image/png
content-length
6316
jquery.min.js
websites.ca/asset/jquery/ 		87 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://websites.ca/asset/jquery/jquery.min.js
Requested by
Host: websites.ca
URL: https://websites.ca/?r=w357
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.203.53.140 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/ Express
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

:path
/asset/jquery/jquery.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
websites.ca
referer
https://websites.ca/?r=w357
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://websites.ca/?r=w357
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 04:20:59 GMT
etag
W/"15d84-17bf4d63460"
last-modified
Fri, 17 Sep 2021 17:38:04 GMT
x-powered-by
Express
x-wca
hr:true,sa:true
cache-control
max-age=300
accept-ranges
bytes
content-type
application/javascript; charset=UTF-8
content-length
89476
popper.min.js
websites.ca/asset/popper/ 		21 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://websites.ca/asset/popper/popper.min.js
Requested by
Host: websites.ca
URL: https://websites.ca/?r=w357
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.203.53.140 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/ Express
Resource Hash
66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2

Request headers

:path
/asset/popper/popper.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
websites.ca
referer
https://websites.ca/?r=w357
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://websites.ca/?r=w357
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 04:20:59 GMT
etag
W/"520c-17bf4d63460"
last-modified
Fri, 17 Sep 2021 17:38:04 GMT
x-powered-by
Express
x-wca
hr:true,sa:true
cache-control
max-age=300
accept-ranges
bytes
content-type
application/javascript; charset=UTF-8
content-length
21004
bootstrap.bundle.min.js
websites.ca/asset/bootstrap/js/ 		77 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://websites.ca/asset/bootstrap/js/bootstrap.bundle.min.js
Requested by
Host: websites.ca
URL: https://websites.ca/?r=w357
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.203.53.140 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/ Express
Resource Hash
7f3145c87d3570154f633975e8a4f8d30aa38603edaba145501e9c90ddbe186c

Request headers

:path
/asset/bootstrap/js/bootstrap.bundle.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
websites.ca
referer
https://websites.ca/?r=w357
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://websites.ca/?r=w357
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 04:20:59 GMT
etag
W/"1332b-17bf4d63460"
last-modified
Fri, 17 Sep 2021 17:38:04 GMT
x-powered-by
Express
x-wca
hr:true,sa:true
cache-control
max-age=300
accept-ranges
bytes
content-type
application/javascript; charset=UTF-8
content-length
78635
closure.js
websites.ca/asset/js/ 		10 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://websites.ca/asset/js/closure.js
Requested by
Host: websites.ca
URL: https://websites.ca/?r=w357
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.203.53.140 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/ Express
Resource Hash
29867a9252bab546ffcf63de06dec5803dc198d8665604b272acf32ff0658846

Request headers

:path
/asset/js/closure.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
websites.ca
referer
https://websites.ca/?r=w357
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://websites.ca/?r=w357
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 04:20:59 GMT
etag
W/"2600-17bf4d63460"
last-modified
Fri, 17 Sep 2021 17:38:04 GMT
x-powered-by
Express
x-wca
hr:true,sa:true
cache-control
max-age=300
accept-ranges
bytes
content-type
application/javascript; charset=UTF-8
content-length
9728
api.js
www.google.com/recaptcha/ 		884 B
1017 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?render=6LegX6sUAAAAAHadP_gpwNYJYnRcATovkQuUKhw7
Requested by
Host: websites.ca
URL: https://websites.ca/?r=w357
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
60bbfb26a74e7414c86e0b5ccc66e87856f1e64eb5d4ee212664c7be6ff91434
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://websites.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 04:20:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
583
x-xss-protection
1; mode=block
expires
Sat, 02 Oct 2021 04:20:59 GMT
pg.websites.js
m2d.m2.ai/ 		567 KB
163 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m2d.m2.ai/pg.websites.js
Requested by
Host: websites.ca
URL: https://websites.ca/?r=w357
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-90.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6def50a5d781ea0eb97d67ab03930e7d0e6b20e4e60bbc7f281986d5b26f31ef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://websites.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 04:21:00 GMT
content-encoding
gzip
last-modified
Fri, 01 Oct 2021 15:49:43 GMT
server
AmazonS3
x-edge-origin-shield-skipped
0
etag
W/"1650466a7c1bfac961e93f37c7abd493"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
via
1.1 2fcedcc055e24d7ac99fbc19ed8fc8ec.cloudfront.net (CloudFront)
cache-control
max-age=14400
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
Tj03RjQdliNumy3ouUn8OM1ym0Z-iL1LAo3-CBsAGj9dN3ZPBrBWrA==
fb.js
cdn.pubguru.com/ 		1013 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.pubguru.com/fb.js
Requested by
Host: websites.ca
URL: https://websites.ca/?r=w357
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:2a00:5:3aaa:f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2d2ba1afbfd92cba1bed039b1562cfca77e23fdb8df3272c9cb6f51ebb02fa19

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://websites.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 20:48:07 GMT
content-encoding
gzip
last-modified
Fri, 09 Oct 2020 14:01:06 GMT
server
AmazonS3
age
27173
etag
W/"0275e34e092169e948a69b76ef396f31"
vary
Accept-Encoding
x-edge-origin-shield-skipped
0
x-amz-version-id
dEl0hjkpHvGrYMHvUnuJgpp9lfixHU0U
via
1.1 d8eef512ab23f23f549b4cd25ac5328d.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA2-C1
content-type
application/javascript
x-amz-cf-id
muElNe6w7VCakcjcY2HW57SUXgG1bJJirzc-y3lRCG4BRSTdbnV77Q==
gtm.js
www.googletagmanager.com/ 		106 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WDTD8KC
Requested by
Host: websites.ca
URL: https://websites.ca/?r=w357
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7c21652e030737e9f554a9a6fea3d5affd03133f9f973d13dc096ae870969faf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://websites.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 04:20:59 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42053
x-xss-protection
0
last-modified
Sat, 02 Oct 2021 03:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 02 Oct 2021 04:20:59 GMT
bg10.jpg
websites.ca/asset/img/ 		223 KB
224 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://websites.ca/asset/img/bg10.jpg
Requested by
Host: websites.ca
URL: https://websites.ca/?r=w357
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.203.53.140 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/ Express
Resource Hash
0f4ca266de351f7301a03a3e4f65ee2b3ffcc6fc0d83d89ed1ce5f378691cf6f

Request headers

:path
/asset/img/bg10.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
websites.ca
referer
https://websites.ca/?r=w357
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://websites.ca/?r=w357
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 04:20:59 GMT
etag
W/"37d69-17bf4d63460"
last-modified
Fri, 17 Sep 2021 17:38:04 GMT
x-powered-by
Express
x-wca
hr:true,sa:true
cache-control
max-age=300
accept-ranges
bytes
content-type
image/jpeg
content-length
228713
AGSKWxUaV-vWjsiChKRrPq5dAcj2nbr9HdlOoF_cYUTt0OOCjg1FhHDsWguWpo4OsF44hHysgPjpnSPNx1aZvoBDcF0=
fundingchoicesmessages.google.com/f/ 		70 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUaV-vWjsiChKRrPq5dAcj2nbr9HdlOoF_cYUTt0OOCjg1FhHDsWguWpo4OsF44hHysgPjpnSPNx1aZvoBDcF0=
Requested by
Host: websites.ca
URL: https://websites.ca/asset/js/closure.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d655ea02762160372523386ffee45e8e8fa82f583c792603b2fd29ac89235a3f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-65guahHr4Oe88WywKtAqfA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-65guahHr4Oe88WywKtAqfA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://websites.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 04:20:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin; report-to="ContributorGlobalRouterHttp"
x-frame-options
SAMEORIGIN
report-to
{"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-security-policy
script-src 'report-sample' 'nonce-65guahHr4Oe88WywKtAqfA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-65guahHr4Oe88WywKtAqfA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/-TriQeni1Ls-Mdq_ssN2cUL5/ 		346 KB
136 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/-TriQeni1Ls-Mdq_ssN2cUL5/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LegX6sUAAAAAHadP_gpwNYJYnRcATovkQuUKhw7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b0236d5c7c5a438a04858e85fe41d24cdcc0cf55a99a45cd2dc36bef08905980
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://websites.ca/
Origin
https://websites.ca
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 23:04:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18970
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
138353
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 04:02:11 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="recaptcha"
expires
Sat, 01 Oct 2022 23:04:49 GMT
anchor
www.google.com/recaptcha/api2/ Frame 173B 		39 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LegX6sUAAAAAHadP_gpwNYJYnRcATovkQuUKhw7&co=aHR0cHM6Ly93ZWJzaXRlcy5jYTo0NDM.&hl=de&v=-TriQeni1Ls-Mdq_ssN2cUL5&size=invisible&cb=20spaw1hklba
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-TriQeni1Ls-Mdq_ssN2cUL5/recaptcha__de.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
3227d0a568840146e1722c681f5d86f98dbca9ebca3e3a02d0fc3b80cdf2f01b
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-TifdJQQvvP4vIlf5tKNOWg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/anchor?ar=1&k=6LegX6sUAAAAAHadP_gpwNYJYnRcATovkQuUKhw7&co=aHR0cHM6Ly93ZWJzaXRlcy5jYTo0NDM.&hl=de&v=-TriQeni1Ls-Mdq_ssN2cUL5&size=invisible&cb=20spaw1hklba
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://websites.ca/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://websites.ca/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy-report-only
require-corp; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Sat, 02 Oct 2021 04:20:59 GMT
content-security-policy
script-src 'report-sample' 'nonce-TifdJQQvvP4vIlf5tKNOWg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
20351
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
AGSKWxVrYVkLO-ee7j42W7kbLkST77fgbr3m7nDrrj2qTfhLeV2_-VMoq7ku14YiSZpXh1cn7I34AntyVLnJ4q_Dt9o=
fundingchoicesmessages.google.com/el/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVrYVkLO-ee7j42W7kbLkST77fgbr3m7nDrrj2qTfhLeV2_-VMoq7ku14YiSZpXh1cn7I34AntyVLnJ4q_Dt9o=?pvid=A325B5B8-2D71-4BF2-B681-425F7AAE04C8&anonid=FE77CF7E-5DDF-4241-8F05-FB3B5945F7FD
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingLoaderClientJs.de.4XkxggWOgZc.es5.O/d=1/rs=AJlcJMwOvQYjLyywogU7GHfSFqcavnjWLw/m=loader_js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-/SQMY3fxq+RYBKeB7BtziQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-/SQMY3fxq+RYBKeB7BtziQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://websites.ca/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 02 Oct 2021 04:20:59 GMT
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
access-control-max-age
86400
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin; report-to="ContributorLoggingHttp"
x-frame-options
SAMEORIGIN
report-to
{"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type
text/html; charset=utf-8
access-control-allow-origin
https://websites.ca
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
script-src 'report-sample' 'nonce-/SQMY3fxq+RYBKeB7BtziQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-/SQMY3fxq+RYBKeB7BtziQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUeeUMIWVjrO7St6DtRNz80-NLulGDaINXNozOQHQioaQGqPQtGGn_mdITJLyYb7wZffcH-VflSWze_NWHcN1o=
fundingchoicesmessages.google.com/f/ 		452 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUeeUMIWVjrO7St6DtRNz80-NLulGDaINXNozOQHQioaQGqPQtGGn_mdITJLyYb7wZffcH-VflSWze_NWHcN1o=?fccs=W251bGwsW1tdLFtdXSxudWxsLG51bGwsbnVsbCxudWxsLFsxNjMzMTQ4NDU5LDg2MzAwMDAwMF0sIkEzMjVCNUI4LTJENzEtNEJGMi1CNjgxLTQyNUY3QUFFMDRDOCIsIkZFNzdDRjdFLTVEREYtNDI0MS04RjA1LUZCM0I1OTQ1RjdGRCIsbnVsbCxbbnVsbCxbN10sbnVsbCxudWxsLG51bGwsbnVsbCxmYWxzZV0sImh0dHBzOi8vd2Vic2l0ZXMuY2EvIl0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingLoaderClientJs.de.4XkxggWOgZc.es5.O/d=1/rs=AJlcJMwOvQYjLyywogU7GHfSFqcavnjWLw/m=loader_js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a7133c1cd34b3db321989c9a5157f5e8d5d4e7a23b733812c38e737fa37ecf78
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-WBugFzI0Huw3DCTqywK2Pg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-WBugFzI0Huw3DCTqywK2Pg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://websites.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 04:20:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin; report-to="ContributorGlobalRouterHttp"
x-frame-options
SAMEORIGIN
report-to
{"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-security-policy
script-src 'report-sample' 'nonce-WBugFzI0Huw3DCTqywK2Pg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-WBugFzI0Huw3DCTqywK2Pg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/-TriQeni1Ls-Mdq_ssN2cUL5/ Frame 173B 		52 KB
26 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/-TriQeni1Ls-Mdq_ssN2cUL5/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LegX6sUAAAAAHadP_gpwNYJYnRcATovkQuUKhw7&co=aHR0cHM6Ly93ZWJzaXRlcy5jYTo0NDM.&hl=de&v=-TriQeni1Ls-Mdq_ssN2cUL5&size=invisible&cb=20spaw1hklba
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 15:26:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
46466
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25732
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 04:02:11 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="recaptcha"
expires
Sat, 01 Oct 2022 15:26:33 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/-TriQeni1Ls-Mdq_ssN2cUL5/ Frame 173B 		346 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/-TriQeni1Ls-Mdq_ssN2cUL5/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LegX6sUAAAAAHadP_gpwNYJYnRcATovkQuUKhw7&co=aHR0cHM6Ly93ZWJzaXRlcy5jYTo0NDM.&hl=de&v=-TriQeni1Ls-Mdq_ssN2cUL5&size=invisible&cb=20spaw1hklba
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b0236d5c7c5a438a04858e85fe41d24cdcc0cf55a99a45cd2dc36bef08905980
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 23:04:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18970
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
138353
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 04:02:11 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="recaptcha"
expires
Sat, 01 Oct 2022 23:04:49 GMT
/
a3.pubguru.net/ 		139 B
433 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a3.pubguru.net/?device=desktop&domain=websites.ca
Requested by
Host: m2d.m2.ai
URL: https://m2d.m2.ai/pg.websites.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.119.106 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-119-106.eu-central-1.compute.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
739e4e4303dae6dcd68de61e0d523659ee5b77c6a65a1851d15f7ce698401d1d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://websites.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 04:20:59 GMT
x-content-type-options
nosniff
server
Apache/2.4.29 (Ubuntu)
access-control-allow-origin
https://websites.ca
x-frame-options
DENY
content-type
application/json
x-m2
1
access-control-expose-headers
X-M2, X-Duration
access-control-allow-credentials
true
x-duration
0
vary
Origin
content-length
139
x-xss-protection
1; mode=block
stream
a3.pubguru.net/ 		2 B
349 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a3.pubguru.net/stream?beacon=immediate
Requested by
Host: m2d.m2.ai
URL: https://m2d.m2.ai/pg.websites.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.119.106 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-119-106.eu-central-1.compute.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://websites.ca/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 02 Oct 2021 04:20:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
Apache/2.4.29 (Ubuntu)
access-control-allow-origin
https://websites.ca
x-frame-options
DENY
content-type
text/plain
x-m2
1
access-control-expose-headers
X-M2, X-Duration
access-control-allow-credentials
true
x-duration
1
vary
Origin,Accept-Encoding
x-xss-protection
1; mode=block
stream
a3.pubguru.net/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://a3.pubguru.net/stream?beacon=test
Requested by
Host: m2d.m2.ai
URL: https://m2d.m2.ai/pg.websites.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.119.106 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-119-106.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://websites.ca/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://websites.ca
access-control-expose-headers
X-M2, X-Duration
access-control-allow-credentials
true
css
fonts.googleapis.com/ 		54 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Archivo|Arimo|Bitter|EB+Garamond|Lato|Libre+Baskerville|Libre+Franklin|Lora|Google+Sans:regular,medium|Material+Icons|Merriweather|Montserrat|Mukta|Muli|Nunito|Open+Sans:400,600,700|Open+Sans+Condensed:300,400,600,700|Oswald|Playfair+Display|Poppins|Raleway|Roboto|Roboto+Condensed|Roboto+Slab|Slabo+27px|Source+Sans+Pro|Ubuntu|Volkhov&display=swap
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorIabTcfV2ClientJs.de.SNhhyL07dZc.es5.O/d=1/rs=AJlcJMyuHrR53N7oATcwhtOUwyz6C7Nmcw/m=iabtcfv2wallscript
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7024f09bee99635bcadf468fe8da0999a71e404698af546187dc5db090951b33
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://websites.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 02 Oct 2021 04:21:00 GMT
server
ESF
date
Sat, 02 Oct 2021 04:21:00 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Sat, 02 Oct 2021 04:21:00 GMT
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 173B 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-TriQeni1Ls-Mdq_ssN2cUL5/styles__ltr.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/-TriQeni1Ls-Mdq_ssN2cUL5/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 10:54:05 GMT
x-content-type-options
nosniff
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
age
408415
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
content-type
image/png
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2228
x-xss-protection
0
expires
Mon, 04 Oct 2021 10:54:05 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 173B 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LegX6sUAAAAAHadP_gpwNYJYnRcATovkQuUKhw7&co=aHR0cHM6Ly93ZWJzaXRlcy5jYTo0NDM.&hl=de&v=-TriQeni1Ls-Mdq_ssN2cUL5&size=invisible&cb=20spaw1hklba
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 19:58:13 GMT
x-content-type-options
nosniff
age
375767
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 27 Sep 2022 19:58:13 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 173B 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LegX6sUAAAAAHadP_gpwNYJYnRcATovkQuUKhw7&co=aHR0cHM6Ly93ZWJzaXRlcy5jYTo0NDM.&hl=de&v=-TriQeni1Ls-Mdq_ssN2cUL5&size=invisible&cb=20spaw1hklba
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 01:35:26 GMT
x-content-type-options
nosniff
age
355534
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 28 Sep 2022 01:35:26 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame 173B 		102 B
202 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=-TriQeni1Ls-Mdq_ssN2cUL5
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LegX6sUAAAAAHadP_gpwNYJYnRcATovkQuUKhw7&co=aHR0cHM6Ly93ZWJzaXRlcy5jYTo0NDM.&hl=de&v=-TriQeni1Ls-Mdq_ssN2cUL5&size=invisible&cb=20spaw1hklba
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
28cef70df91237002571f751148d45bb126a81b241be56d9f304f7d8706be505
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LegX6sUAAAAAHadP_gpwNYJYnRcATovkQuUKhw7&co=aHR0cHM6Ly93ZWJzaXRlcy5jYTo0NDM.&hl=de&v=-TriQeni1Ls-Mdq_ssN2cUL5&size=invisible&cb=20spaw1hklba
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 04:21:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
cross-origin-embedder-policy-report-only
require-corp; report-to="recaptcha"
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
1; mode=block
expires
Sat, 02 Oct 2021 04:21:00 GMT
AGSKWxU2FT-JhZTkqLMnhqHLAA7VuSlQu5JpW-CnD9e9mmkqRa3uE36iL3yKNSiRdfC4bRpCWB-PSMgqaVLY_anzEHJDKt7f8AUKiPUgQWrYfuXVx0ycYQXwkFNfF756tl79tVN0JpG03JRdfzFZWv449NqBrkNdtwRXcrQflGA1Qszy28IbMmFrpqQvaFb0
fundingchoicesmessages.google.com/el/ 		0
372 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxU2FT-JhZTkqLMnhqHLAA7VuSlQu5JpW-CnD9e9mmkqRa3uE36iL3yKNSiRdfC4bRpCWB-PSMgqaVLY_anzEHJDKt7f8AUKiPUgQWrYfuXVx0ycYQXwkFNfF756tl79tVN0JpG03JRdfzFZWv449NqBrkNdtwRXcrQflGA1Qszy28IbMmFrpqQvaFb0?dmid=dc94074aefa62498
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorIabTcfV2ClientJs.de.SNhhyL07dZc.es5.O/d=1/rs=AJlcJMyuHrR53N7oATcwhtOUwyz6C7Nmcw/m=iabtcfv2wallscript
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Aqm2HNwvEQZit6mqpoO7tw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-Aqm2HNwvEQZit6mqpoO7tw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://websites.ca/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 02 Oct 2021 04:21:00 GMT
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
access-control-max-age
86400
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://websites.ca
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
script-src 'report-sample' 'nonce-Aqm2HNwvEQZit6mqpoO7tw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-Aqm2HNwvEQZit6mqpoO7tw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v107/ 		108 KB
108 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/materialicons/v107/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Archivo|Arimo|Bitter|EB+Garamond|Lato|Libre+Baskerville|Libre+Franklin|Lora|Google+Sans:regular,medium|Material+Icons|Merriweather|Montserrat|Mukta|Muli|Nunito|Open+Sans:400,600,700|Open+Sans+Condensed:300,400,600,700|Oswald|Playfair+Display|Poppins|Raleway|Roboto|Roboto+Condensed|Roboto+Slab|Slabo+27px|Source+Sans+Pro|Ubuntu|Volkhov&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff253fe18544cbbce7aab407c64ac2bc1e7bd6b933b9e0ed8865e60d96cd9b39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://websites.ca
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 21:39:30 GMT
x-content-type-options
nosniff
age
369690
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
110560
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 21:22:12 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Tue, 27 Sep 2022 21:39:30 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Archivo|Arimo|Bitter|EB+Garamond|Lato|Libre+Baskerville|Libre+Franklin|Lora|Google+Sans:regular,medium|Material+Icons|Merriweather|Montserrat|Mukta|Muli|Nunito|Open+Sans:400,600,700|Open+Sans+Condensed:300,400,600,700|Oswald|Playfair+Display|Poppins|Raleway|Roboto|Roboto+Condensed|Roboto+Slab|Slabo+27px|Source+Sans+Pro|Ubuntu|Volkhov&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://websites.ca
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 16:31:41 GMT
x-content-type-options
nosniff
age
215359
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 29 Sep 2022 16:31:41 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v26/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v26/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Archivo|Arimo|Bitter|EB+Garamond|Lato|Libre+Baskerville|Libre+Franklin|Lora|Google+Sans:regular,medium|Material+Icons|Merriweather|Montserrat|Mukta|Muli|Nunito|Open+Sans:400,600,700|Open+Sans+Condensed:300,400,600,700|Oswald|Playfair+Display|Poppins|Raleway|Roboto|Roboto+Condensed|Roboto+Slab|Slabo+27px|Source+Sans+Pro|Ubuntu|Volkhov&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
538dd4ff6e384a44155168326ac40a6c20a93cd212b1fbf88ae7b0c44f9ab0bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://websites.ca
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 30 Sep 2021 17:03:52 GMT
x-content-type-options
nosniff
age
127028
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44760
x-xss-protection
0
last-modified
Thu, 23 Sep 2021 16:50:17 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 30 Sep 2022 17:03:52 GMT

Verdicts & Comments Add Verdict or Comment

65 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| onbeforexrselect boolean| originAgentCluster object| dataLayer object| google_tag_manager function| $ function| jQuery function| Popper object| bootstrap function| __d3lUW8vwsKlB__ object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| pg object| recaptcha object| closure_lm_378524 object| default_ContributorServingLoaderClientJs object| googlefc function| __Y9uNstf385Zx__ object| __fcInternalApiManager object| OWU0YTk2NGNiMTJlNmUwZWxvYWRlcl9qcw== string| OWU0YTk2NGNiMTJlNmUwZWNhY2hlZF9qcw== string| __fcInvoked string| __fcexpdef boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady object| googletag boolean| m2hb_chainloaded undefined| m2hb_chainload_config undefined| end undefined| src undefined| scripts undefined| chainload_found undefined| script undefined| target object| unchainedAdUnits object| adUnits object| unchainedAdBidders object| adBidders object| unchainedPublisher object| pgPublisher object| unchainedGamNetwork object| pgGamNetwork object| unchainedDomain object| pgDomain function| _pbChunk object| _pb object| _pbjsGlobals object| __core-js_shared__ object| m2hb object| pbjs function| __logBidWon function| __logAdRender string| canonial object| default_ContributorIabTcfV2ClientJs function| __g78fHfh446__

7 Cookies

Domain/Path Name / Value
.websites.ca/ Name: FCCDCF
Value: [null,null,["[[],[],[],[],null,null,true]",1633148459851]]
websites.ca/ Name: pg_lazy
Value: 0
websites.ca/ Name: pg_session_depth
Value: 1
websites.ca/ Name: pg_beacon
Value: 1
websites.ca/ Name: pg_geo
Value: {"country":"DE","region":"BE","ip":"194.36.108.21"}
websites.ca/ Name: pg_custom_timeout
Value:
websites.ca/ Name: pg_ip
Value: 194.36.108.21

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a3.pubguru.net
cdn.pubguru.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
m2d.m2.ai
restoreouranthem.ca
websites.ca
www.google.com
www.googletagmanager.com
www.gstatic.com
13.225.87.90
159.203.53.140
2600:9000:20eb:2a00:5:3aaa:f40:93a1
2a00:1450:4001:801::2008
2a00:1450:4001:80e::2004
2a00:1450:4001:811::200a
2a00:1450:4001:813::200e
2a00:1450:4001:828::2003
2a00:1450:4001:831::2003
52.58.119.106
0f4ca266de351f7301a03a3e4f65ee2b3ffcc6fc0d83d89ed1ce5f378691cf6f
1a06fdf20ae1c7efab98913a2c2728db4b35487f6f748daa263e3e454a169da8
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
28cef70df91237002571f751148d45bb126a81b241be56d9f304f7d8706be505
29867a9252bab546ffcf63de06dec5803dc198d8665604b272acf32ff0658846
2d2ba1afbfd92cba1bed039b1562cfca77e23fdb8df3272c9cb6f51ebb02fa19
3227d0a568840146e1722c681f5d86f98dbca9ebca3e3a02d0fc3b80cdf2f01b
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4efab6ea03136dac37a9cb6dd38286fc7f9a3d1509ba6091fb5c9c1a3908cbe4
538dd4ff6e384a44155168326ac40a6c20a93cd212b1fbf88ae7b0c44f9ab0bd
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f
60bbfb26a74e7414c86e0b5ccc66e87856f1e64eb5d4ee212664c7be6ff91434
66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2
6def50a5d781ea0eb97d67ab03930e7d0e6b20e4e60bbc7f281986d5b26f31ef
7024f09bee99635bcadf468fe8da0999a71e404698af546187dc5db090951b33
739e4e4303dae6dcd68de61e0d523659ee5b77c6a65a1851d15f7ce698401d1d
7c21652e030737e9f554a9a6fea3d5affd03133f9f973d13dc096ae870969faf
7f3145c87d3570154f633975e8a4f8d30aa38603edaba145501e9c90ddbe186c
a62dbeddb33b84d5c80428766c5caf16290208471bb6ad4b45822a258d3b56b1
a7133c1cd34b3db321989c9a5157f5e8d5d4e7a23b733812c38e737fa37ecf78
b0236d5c7c5a438a04858e85fe41d24cdcc0cf55a99a45cd2dc36bef08905980
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
d655ea02762160372523386ffee45e8e8fa82f583c792603b2fd29ac89235a3f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec004679e23d6f2564dd2e3094f2117908da9c3829231bafd1a4d0495e100c83
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
ff253fe18544cbbce7aab407c64ac2bc1e7bd6b933b9e0ed8865e60d96cd9b39