urlscan.io logo urlscan.io
SecurityTrails logo

vtcinsure.ca Open in urlscan Pro
64.250.86.18  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.assurancevisiteuraucanada.ca/
Effective URL: https://vtcinsure.ca//
Submission: On April 11 via automatic, source certstream-suspicious — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 15 IPs in 2 countries across 12 domains to perform 50 HTTP transactions. The main IP is 64.250.86.18, located in Georgetown, Canada and belongs to IASL, CA. The main domain is vtcinsure.ca.
TLS certificate: Issued by Entrust Certification Authority - L1K on March 13th 2023. Valid for: a year.
This is the only time vtcinsure.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    2607:f8b0:4006:817::2013 (Nutley, United States)

ASN15169 (GOOGLE, US)
www.assurancevisiteuraucanada.ca
16    64.250.86.18 (Georgetown, Canada)

ASN33130 (IASL, CA)
PTR: IP64-250-86-18.iasl.com
vtcinsure.ca
9    2607:f8b0:4006:81c::2003 (Nutley, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
www.gstatic.com
5    2607:f8b0:4006:824::2004 (Nutley, United States)

ASN15169 (GOOGLE, US)
www.google.com
2    108.139.29.41 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-29-41.jfk50.r.cloudfront.net
app.purechat.com
2    3.20.33.189 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-20-33-189.us-east-2.compute.amazonaws.com
widgetapi.purechat.com
api.purechat.com
1    108.139.47.126 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-47-126.jfk50.r.cloudfront.net
api-cdn.purechat.com
2    2606:4700:3030::6815:455e (United States)

ASN13335 (CLOUDFLARENET, US)
prod.purechatcdn.com
1    3.134.131.10 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-134-131-10.us-east-2.compute.amazonaws.com
api.purechat.com
2    18.116.101.110 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-116-101-110.us-east-2.compute.amazonaws.com
checkin.purechat.com
2    2607:f8b0:4006:81c::2008 (None, )

ASN- ()
www.googletagmanager.com
3    2607:f8b0:4006:820::200e (None, )

ASN- ()
www.google-analytics.com
2    2a03:2880:f012:8:face:b00c:0:1 (None, )

ASN- ()
connect.facebook.net
1    2607:f8b0:4004:c17::9b (None, )

ASN- ()
stats.g.doubleclick.net
1    2a03:2880:f112:83:face:b00c:0:25de (None, )

ASN- ()
www.facebook.com
Apex Domain
Subdomains		 Transfer
16 vtcinsure.ca
vtcinsure.ca
504 KB
9 gstatic.com
fonts.gstatic.com
www.gstatic.com
465 KB
8 purechat.com
app.purechat.com — Cisco Umbrella Rank: 27211
widgetapi.purechat.com — Cisco Umbrella Rank: 29932
api-cdn.purechat.com — Cisco Umbrella Rank: 45557
api.purechat.com — Cisco Umbrella Rank: 61222
checkin.purechat.com — Cisco Umbrella Rank: 42390
10 KB
5 google.com
www.google.com — Cisco Umbrella Rank: 2
45 KB
3 google-analytics.com
www.google-analytics.com
20 KB
2 facebook.net
connect.facebook.net
136 KB
2 googletagmanager.com
www.googletagmanager.com
124 KB
2 purechatcdn.com
prod.purechatcdn.com — Cisco Umbrella Rank: 46871
311 KB
1 facebook.com
www.facebook.com
185 B
1 doubleclick.net
stats.g.doubleclick.net
346 B
1 assurancevisiteuraucanada.ca
www.assurancevisiteuraucanada.ca
127 B
0 google.ca Failed
www.google.ca Failed
50 12
Domain Requested by
16 vtcinsure.ca vtcinsure.ca
5 www.google.com vtcinsure.ca
www.gstatic.com
www.google.com
5 fonts.gstatic.com vtcinsure.ca
www.google.com
4 www.gstatic.com www.google.com
www.gstatic.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 connect.facebook.net vtcinsure.ca
connect.facebook.net
2 www.googletagmanager.com vtcinsure.ca
www.googletagmanager.com
2 checkin.purechat.com prod.purechatcdn.com
2 api.purechat.com prod.purechatcdn.com
2 prod.purechatcdn.com app.purechat.com
prod.purechatcdn.com
2 app.purechat.com vtcinsure.ca
app.purechat.com
1 www.facebook.com
1 stats.g.doubleclick.net www.google-analytics.com
1 api-cdn.purechat.com app.purechat.com
1 widgetapi.purechat.com app.purechat.com
1 www.assurancevisiteuraucanada.ca 1 redirects
0 www.google.ca Failed
50 17

This site contains links to these domains. Also see Links.

Domain
awaycare.ca
travelguardian.ca
www.google.com
www.facebook.com
Subject Issuer Validity Valid
vtcinsure.ca
Entrust Certification Authority - L1K		 2023-03-13 -
2024-04-13		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-03-20 -
2023-06-12		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-03-20 -
2023-06-12		 3 months crt.sh
*.purechat.com
Amazon RSA 2048 M02		 2023-03-20 -
2024-04-17		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-03-20 -
2023-06-12		 3 months crt.sh
purechatcdn.com
Cloudflare Inc ECC CA-3		 2023-03-15 -
2024-03-14		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-03-20 -
2023-06-12		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-01-18 -
2023-04-18		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-03-20 -
2023-06-12		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://vtcinsure.ca//
Frame ID: 2BC6605D0E150222369D3881F03B80A3
Requests: 39 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdzroEUAAAAAOA71ow6HqkDTzYvEAyztifT0N-C&co=aHR0cHM6Ly92dGNpbnN1cmUuY2E6NDQz&hl=en&v=6MY32oPwFCn9SUKWt8czDsDw&size=invisible&cb=2uw0l7elvk3z
Frame ID: 7C2206EAF521825A19CC14D8949E7947
Requests: 8 HTTP requests in this frame

Frame: https://prod.purechatcdn.com/assets/modern_app.13836.js
Frame ID: D9BE3ED4734CF272D773639B860551B4
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

VTC Travel Insurance - Super Visa and Visitors to Canada Insurance

Page URL History Show full URLs

  1. https://www.assurancevisiteuraucanada.ca/ HTTP 301
    https://vtcinsure.ca// Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

50
Requests

98 %
HTTPS

60 %
IPv6

12
Domains

17
Subdomains

15
IPs

2
Countries

1616 kB
Transfer

4536 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.assurancevisiteuraucanada.ca/ HTTP 301
    https://vtcinsure.ca// Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

50 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
vtcinsure.ca//
Redirect Chain
  • https://www.assurancevisiteuraucanada.ca/
  • https://vtcinsure.ca//
312 KB
46 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vtcinsure.ca//
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
64.250.86.18 Georgetown, Canada, ASN33130 (IASL, CA),
Reverse DNS
IP64-250-86-18.iasl.com
Software
Apache /
Resource Hash
6c67fa5186bf96035439a6a29eb52b35dd1a3cd4ce91f7380c03201e9390270f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Connection
Keep-Alive
Content-Encoding
br
Content-Length
47052
Content-Type
text/html; charset=UTF-8
Date
Tue, 11 Apr 2023 11:40:23 GMT
Keep-Alive
timeout=1, max=100
Last-Modified
Tue, 11 Apr 2023 09:45:28 GMT
Server
Apache
Vary
Accept-Encoding

Redirect headers

content-length
219
content-type
text/html; charset=UTF-8
date
Tue, 11 Apr 2023 11:40:22 GMT
location
https://vtcinsure.ca//
server
ghs
x-frame-options
SAMEORIGIN
x-xss-protection
0
nunito-v8-latin-regular.woff2
vtcinsure.ca/wp-content/plugins/gdpr-cookie-compliance/dist/fonts/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://vtcinsure.ca/wp-content/plugins/gdpr-cookie-compliance/dist/fonts/nunito-v8-latin-regular.woff2
Requested by
Host: vtcinsure.ca
URL: https://vtcinsure.ca//
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
64.250.86.18 Georgetown, Canada, ASN33130 (IASL, CA),
Reverse DNS
IP64-250-86-18.iasl.com
Software
Apache /
Resource Hash
623b62596e07df1fbf3a9fc0219c238e373bec6e55349826b0315b50ed2a7a7d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://vtcinsure.ca//
Origin
https://vtcinsure.ca
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Tue, 11 Apr 2023 11:40:23 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
upgrade-insecure-requests;
Content-Encoding
gzip
Connection
Keep-Alive
Content-Length
18819
X-XSS-Protection
1; mode=block
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Thu, 30 Mar 2023 15:37:22 GMT
Server
Apache
Expect-CT
max-age=7776000, enforce
X-Frame-Options
sameorigin
Vary
Accept-Encoding,User-Agent
Content-Type
font/woff2
Cache-Control
max-age=10368000
Permissions-Policy
accelerometer=(*), autoplay=(*), camera=(*), document-domain=(*), encrypted-media=(*), fullscreen=(*), geolocation=(*), gyroscope=(*), magnetometer=(*), microphone=(*), midi=(*), payment=(*), picture-in-picture=(*), sync-xhr=(*), usb=(*)
Accept-Ranges
bytes
Keep-Alive
timeout=1, max=99
Expires
Wed, 09 Aug 2023 11:40:23 GMT
nunito-v8-latin-700.woff2
vtcinsure.ca/wp-content/plugins/gdpr-cookie-compliance/dist/fonts/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://vtcinsure.ca/wp-content/plugins/gdpr-cookie-compliance/dist/fonts/nunito-v8-latin-700.woff2
Requested by
Host: vtcinsure.ca
URL: https://vtcinsure.ca//
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
64.250.86.18 Georgetown, Canada, ASN33130 (IASL, CA),
Reverse DNS
IP64-250-86-18.iasl.com
Software
Apache /
Resource Hash
cdc28355b0b7217392395460dd7dfbc65a4cf0822c986a7533f4ca7434799e53
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://vtcinsure.ca//
Origin
https://vtcinsure.ca
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Tue, 11 Apr 2023 11:40:23 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
upgrade-insecure-requests;
Content-Encoding
gzip
Connection
Keep-Alive
Content-Length
18935
X-XSS-Protection
1; mode=block
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Thu, 30 Mar 2023 15:37:22 GMT
Server
Apache
Expect-CT
max-age=7776000, enforce
X-Frame-Options
sameorigin
Vary
Accept-Encoding,User-Agent
Content-Type
font/woff2
Cache-Control
max-age=10368000
Permissions-Policy
accelerometer=(*), autoplay=(*), camera=(*), document-domain=(*), encrypted-media=(*), fullscreen=(*), geolocation=(*), gyroscope=(*), magnetometer=(*), microphone=(*), midi=(*), payment=(*), picture-in-picture=(*), sync-xhr=(*), usb=(*)
Accept-Ranges
bytes
Keep-Alive
timeout=1, max=100
Expires
Wed, 09 Aug 2023 11:40:23 GMT
qkB9XvYC6trAT55ZBi1ueQVIjQTD-JrIH2G7nytkHRyQ8p4wUje6bg.woff2
fonts.gstatic.com/s/karla/v23/ 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/karla/v23/qkB9XvYC6trAT55ZBi1ueQVIjQTD-JrIH2G7nytkHRyQ8p4wUje6bg.woff2
Requested by
Host: vtcinsure.ca
URL: https://vtcinsure.ca//
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2003 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f8c2240958cb1fff47d921ca0f3097f9e7403ada01af2382477ef42c404c38d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vtcinsure.ca/
Origin
https://vtcinsure.ca
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Tue, 11 Apr 2023 11:14:43 GMT
x-content-type-options
nosniff
age
1540
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21248
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 20:38:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Apr 2024 11:14:43 GMT
JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2
fonts.gstatic.com/s/montserrat/v25/ 		31 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v25/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2
Requested by
Host: vtcinsure.ca
URL: https://vtcinsure.ca//
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2003 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
33befdbbb24930584f5ac94ea3117adcd56518f20ab1619d05de83ffd1821d38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vtcinsure.ca/
Origin
https://vtcinsure.ca
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 06 Apr 2023 17:31:15 GMT
x-content-type-options
nosniff
age
410948
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31760
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 18:54:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 05 Apr 2024 17:31:15 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ 		30 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: vtcinsure.ca
URL: https://vtcinsure.ca//
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2003 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vtcinsure.ca/
Origin
https://vtcinsure.ca
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Tue, 11 Apr 2023 10:33:04 GMT
x-content-type-options
nosniff
age
4039
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30928
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 18:57:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Apr 2024 10:33:04 GMT
awb-icons.woff
vtcinsure.ca/wp-content/themes/Avada/includes/lib/assets/fonts/icomoon/ 		21 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://vtcinsure.ca/wp-content/themes/Avada/includes/lib/assets/fonts/icomoon/awb-icons.woff
Requested by
Host: vtcinsure.ca
URL: https://vtcinsure.ca//
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
64.250.86.18 Georgetown, Canada, ASN33130 (IASL, CA),
Reverse DNS
IP64-250-86-18.iasl.com
Software
Apache /
Resource Hash
288d156b63cea15974f8ced0963ccc03ca9688a0e2da4af409339c065faab72f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://vtcinsure.ca//
Origin
https://vtcinsure.ca
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Tue, 11 Apr 2023 11:40:23 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
upgrade-insecure-requests;
Content-Encoding
gzip
Connection
Keep-Alive
Content-Length
12932
X-XSS-Protection
1; mode=block
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Tue, 04 Apr 2023 16:08:06 GMT
Server
Apache
Expect-CT
max-age=7776000, enforce
X-Frame-Options
sameorigin
Vary
Accept-Encoding,User-Agent
Content-Type
font/woff
Cache-Control
max-age=10368000
Permissions-Policy
accelerometer=(*), autoplay=(*), camera=(*), document-domain=(*), encrypted-media=(*), fullscreen=(*), geolocation=(*), gyroscope=(*), magnetometer=(*), microphone=(*), midi=(*), payment=(*), picture-in-picture=(*), sync-xhr=(*), usb=(*)
Accept-Ranges
bytes
Keep-Alive
timeout=1, max=100
Expires
Wed, 09 Aug 2023 11:40:23 GMT
jquery.min.js
vtcinsure.ca/wp-includes/js/jquery/ 		88 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vtcinsure.ca/wp-includes/js/jquery/jquery.min.js?ver=3.6.3
Requested by
Host: vtcinsure.ca
URL: https://vtcinsure.ca//
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
64.250.86.18 Georgetown, Canada, ASN33130 (IASL, CA),
Reverse DNS
IP64-250-86-18.iasl.com
Software
Apache /
Resource Hash
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vtcinsure.ca//
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Tue, 11 Apr 2023 11:40:23 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
upgrade-insecure-requests;
Content-Encoding
gzip
Connection
Keep-Alive
Content-Length
31049
X-XSS-Protection
1; mode=block
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Thu, 30 Mar 2023 15:39:12 GMT
Server
Apache
Expect-CT
max-age=7776000, enforce
X-Frame-Options
sameorigin
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=31536000, public
Permissions-Policy
accelerometer=(*), autoplay=(*), camera=(*), document-domain=(*), encrypted-media=(*), fullscreen=(*), geolocation=(*), gyroscope=(*), magnetometer=(*), microphone=(*), midi=(*), payment=(*), picture-in-picture=(*), sync-xhr=(*), usb=(*)
Accept-Ranges
bytes
Keep-Alive
timeout=1, max=100
Expires
Wed, 10 Apr 2024 11:40:23 GMT
api.js
www.google.com/recaptcha/ 		884 B
905 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?render=6LdzroEUAAAAAOA71ow6HqkDTzYvEAyztifT0N-C&ver=3.0
Requested by
Host: vtcinsure.ca
URL: https://vtcinsure.ca//
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2004 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
62c654968546dba8266a3e5bf5bcfb721db0c8e30e79454121cdde92f784a38c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vtcinsure.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Tue, 11 Apr 2023 11:40:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
585
x-xss-protection
1; mode=block
expires
Tue, 11 Apr 2023 11:40:23 GMT
wp-polyfill.min.js
vtcinsure.ca/wp-includes/js/dist/vendor/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vtcinsure.ca/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
Requested by
Host: vtcinsure.ca
URL: https://vtcinsure.ca//
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
64.250.86.18 Georgetown, Canada, ASN33130 (IASL, CA),
Reverse DNS
IP64-250-86-18.iasl.com
Software
Apache /
Resource Hash
1c1fef6e6b4f9832603850b9b6562e74d9a6a3700ba836efe88facc577121e8b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vtcinsure.ca//
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Tue, 11 Apr 2023 11:40:23 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
upgrade-insecure-requests;
Content-Encoding
gzip
Connection
Keep-Alive
Content-Length
6532
X-XSS-Protection
1; mode=block
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Tue, 08 Nov 2022 04:05:36 GMT
Server
Apache
Expect-CT
max-age=7776000, enforce
X-Frame-Options
sameorigin
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=31536000, public
Permissions-Policy
accelerometer=(*), autoplay=(*), camera=(*), document-domain=(*), encrypted-media=(*), fullscreen=(*), geolocation=(*), gyroscope=(*), magnetometer=(*), microphone=(*), midi=(*), payment=(*), picture-in-picture=(*), sync-xhr=(*), usb=(*)
Accept-Ranges
bytes
Keep-Alive
timeout=1, max=98
Expires
Wed, 10 Apr 2024 11:40:23 GMT
lazyload.min.js
vtcinsure.ca/wp-content/plugins/wp-rocket/assets/js/lazyload/17.5/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vtcinsure.ca/wp-content/plugins/wp-rocket/assets/js/lazyload/17.5/lazyload.min.js
Requested by
Host: vtcinsure.ca
URL: https://vtcinsure.ca//
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
64.250.86.18 Georgetown, Canada, ASN33130 (IASL, CA),
Reverse DNS
IP64-250-86-18.iasl.com
Software
Apache /
Resource Hash
8ceb3992861ed1fda25855c2e500e76842ae0d788405e50e3a9f45df36499cf6
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vtcinsure.ca//
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Tue, 11 Apr 2023 11:40:23 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
upgrade-insecure-requests;
Content-Encoding
gzip
Connection
Keep-Alive
Content-Length
2888
X-XSS-Protection
1; mode=block
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Thu, 16 Mar 2023 20:14:43 GMT
Server
Apache
Expect-CT
max-age=7776000, enforce
X-Frame-Options
sameorigin
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=31536000, public
Permissions-Policy
accelerometer=(*), autoplay=(*), camera=(*), document-domain=(*), encrypted-media=(*), fullscreen=(*), geolocation=(*), gyroscope=(*), magnetometer=(*), microphone=(*), midi=(*), payment=(*), picture-in-picture=(*), sync-xhr=(*), usb=(*)
Accept-Ranges
bytes
Keep-Alive
timeout=1, max=99
Expires
Wed, 10 Apr 2024 11:40:23 GMT
a47c7672d55bcca32e50d3bdb7a8ff8d.js
vtcinsure.ca/wp-content/cache/min/1/ 		471 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vtcinsure.ca/wp-content/cache/min/1/a47c7672d55bcca32e50d3bdb7a8ff8d.js
Requested by
Host: vtcinsure.ca
URL: https://vtcinsure.ca//
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
64.250.86.18 Georgetown, Canada, ASN33130 (IASL, CA),
Reverse DNS
IP64-250-86-18.iasl.com
Software
Apache /
Resource Hash
804ecb75414a321fbc24ba8400142997133ecfcc963572c1cc29b5d425357aab
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vtcinsure.ca//
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Tue, 11 Apr 2023 11:40:23 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
upgrade-insecure-requests;
Content-Encoding
gzip
Transfer-Encoding
chunked
Connection
Keep-Alive
X-XSS-Protection
1; mode=block
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Fri, 31 Mar 2023 16:10:57 GMT
Server
Apache
Expect-CT
max-age=7776000, enforce
X-Frame-Options
sameorigin
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=31536000, public
Permissions-Policy
accelerometer=(*), autoplay=(*), camera=(*), document-domain=(*), encrypted-media=(*), fullscreen=(*), geolocation=(*), gyroscope=(*), magnetometer=(*), microphone=(*), midi=(*), payment=(*), picture-in-picture=(*), sync-xhr=(*), usb=(*)
Accept-Ranges
bytes
Keep-Alive
timeout=1, max=97
Expires
Wed, 10 Apr 2024 11:40:23 GMT
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
40454b63db1d5bdc1fd46b1d2d36702d937792eb70470ad0909ed66d5b5ef0de

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type
image/svg+xml
home-super-visa-insurance_560x400.jpg
vtcinsure.ca/wp-content/uploads/2018/05/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vtcinsure.ca/wp-content/uploads/2018/05/home-super-visa-insurance_560x400.jpg
Requested by
Host: vtcinsure.ca
URL: https://vtcinsure.ca//
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
64.250.86.18 Georgetown, Canada, ASN33130 (IASL, CA),
Reverse DNS
IP64-250-86-18.iasl.com
Software
Apache /
Resource Hash
fea7739b709d8751c9005f94338bacc4b5270d588be3b036bb5c8f230eab9092
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vtcinsure.ca//
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Tue, 11 Apr 2023 11:40:23 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
upgrade-insecure-requests;
Connection
Keep-Alive
Content-Length
23510
X-XSS-Protection
1; mode=block
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Wed, 21 Apr 2021 22:11:29 GMT
Server
Apache
Expect-CT
max-age=7776000, enforce
X-Frame-Options
sameorigin
Vary
Accept,Accept-Encoding
Content-Type
image/webp
Cache-Control
private, max-age=604800
Permissions-Policy
accelerometer=(*), autoplay=(*), camera=(*), document-domain=(*), encrypted-media=(*), fullscreen=(*), geolocation=(*), gyroscope=(*), magnetometer=(*), microphone=(*), midi=(*), payment=(*), picture-in-picture=(*), sync-xhr=(*), usb=(*)
X-WebP-Express
Redirected directly to existing webp
Accept-Ranges
bytes
Keep-Alive
timeout=1, max=99
Expires
Wed, 09 Aug 2023 11:40:23 GMT
home-visitors-to-canada-insurance_560x400.jpg
vtcinsure.ca/wp-content/uploads/2018/05/ 		40 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vtcinsure.ca/wp-content/uploads/2018/05/home-visitors-to-canada-insurance_560x400.jpg
Requested by
Host: vtcinsure.ca
URL: https://vtcinsure.ca//
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
64.250.86.18 Georgetown, Canada, ASN33130 (IASL, CA),
Reverse DNS
IP64-250-86-18.iasl.com
Software
Apache /
Resource Hash
0359644fa773c3456e06250afa1594bafbb4f7ec9122905d1718e7ad45479da8
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vtcinsure.ca//
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Tue, 11 Apr 2023 11:40:23 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
upgrade-insecure-requests;
Connection
Keep-Alive
Content-Length
40960
X-XSS-Protection
1; mode=block
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Wed, 21 Apr 2021 22:11:31 GMT
Server
Apache
Expect-CT
max-age=7776000, enforce
X-Frame-Options
sameorigin
Vary
Accept,Accept-Encoding
Content-Type
image/webp
Cache-Control
private, max-age=604800
Permissions-Policy
accelerometer=(*), autoplay=(*), camera=(*), document-domain=(*), encrypted-media=(*), fullscreen=(*), geolocation=(*), gyroscope=(*), magnetometer=(*), microphone=(*), midi=(*), payment=(*), picture-in-picture=(*), sync-xhr=(*), usb=(*)
X-WebP-Express
Redirected directly to existing webp
Accept-Ranges
bytes
Keep-Alive
timeout=1, max=99
Expires
Wed, 09 Aug 2023 11:40:23 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/ 		406 KB
163 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LdzroEUAAAAAOA71ow6HqkDTzYvEAyztifT0N-C&ver=3.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2003 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3bd34a08f83fed3ced5508056737f9594d36e0e98f0cefdde2b92fbd8ead1bd1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vtcinsure.ca/
Origin
https://vtcinsure.ca
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Tue, 11 Apr 2023 06:44:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
17744
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
166600
x-xss-protection
0
last-modified
Sun, 02 Apr 2023 18:01:18 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 10 Apr 2024 06:44:39 GMT
truncated
/ 		67 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
49ef37d639c578e8a3ec10db855733b04015999cdabeaec298fd17e5b24aab18

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type
image/svg+xml
VTCInsure-logo.webp
vtcinsure.ca/wp-content/uploads/2018/05/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vtcinsure.ca/wp-content/uploads/2018/05/VTCInsure-logo.webp
Requested by
Host: vtcinsure.ca
URL: https://vtcinsure.ca//
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
64.250.86.18 Georgetown, Canada, ASN33130 (IASL, CA),
Reverse DNS
IP64-250-86-18.iasl.com
Software
Apache /
Resource Hash
4009aa0cc840ef0b52fa8519bc5289a5b5b145addfde4f5b6d5526d94b66189b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vtcinsure.ca//
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Tue, 11 Apr 2023 11:40:23 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
upgrade-insecure-requests;
Connection
Keep-Alive
Content-Length
3812
X-XSS-Protection
1; mode=block
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Wed, 21 Apr 2021 22:11:29 GMT
Server
Apache
Expect-CT
max-age=7776000, enforce
X-Frame-Options
sameorigin
Vary
Accept-Encoding
Content-Type
image/webp
Cache-Control
private, max-age=604800
Permissions-Policy
accelerometer=(*), autoplay=(*), camera=(*), document-domain=(*), encrypted-media=(*), fullscreen=(*), geolocation=(*), gyroscope=(*), magnetometer=(*), microphone=(*), midi=(*), payment=(*), picture-in-picture=(*), sync-xhr=(*), usb=(*)
Accept-Ranges
bytes
Keep-Alive
timeout=1, max=96
Expires
Wed, 09 Aug 2023 11:40:23 GMT
home-get-a-quote_1200x300.jpg
vtcinsure.ca/wp-content/uploads/2018/05/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vtcinsure.ca/wp-content/uploads/2018/05/home-get-a-quote_1200x300.jpg
Requested by
Host: vtcinsure.ca
URL: https://vtcinsure.ca//
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
64.250.86.18 Georgetown, Canada, ASN33130 (IASL, CA),
Reverse DNS
IP64-250-86-18.iasl.com
Software
Apache /
Resource Hash
bcebc8f53a2d1a28cc1bddfc90a1579aaabacca8c8c1cd8c01f9409b98535793
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vtcinsure.ca//
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Tue, 11 Apr 2023 11:40:23 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
upgrade-insecure-requests;
Connection
Keep-Alive
Content-Length
9596
X-XSS-Protection
1; mode=block
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Wed, 21 Apr 2021 22:11:32 GMT
Server
Apache
Expect-CT
max-age=7776000, enforce
X-Frame-Options
sameorigin
Vary
Accept,Accept-Encoding
Content-Type
image/webp
Cache-Control
private, max-age=604800
Permissions-Policy
accelerometer=(*), autoplay=(*), camera=(*), document-domain=(*), encrypted-media=(*), fullscreen=(*), geolocation=(*), gyroscope=(*), magnetometer=(*), microphone=(*), midi=(*), payment=(*), picture-in-picture=(*), sync-xhr=(*), usb=(*)
X-WebP-Express
Redirected directly to existing webp
Accept-Ranges
bytes
Keep-Alive
timeout=1, max=98
Expires
Wed, 09 Aug 2023 11:40:23 GMT
WidgetScript
app.purechat.com/VisitorWidget/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.purechat.com/VisitorWidget/WidgetScript
Requested by
Host: vtcinsure.ca
URL: https://vtcinsure.ca/wp-content/cache/min/1/a47c7672d55bcca32e50d3bdb7a8ff8d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.29.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-29-41.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bd5dc24d0d7546794cc14f03e25888cd27e55f31c1abc66f212142d1d9e04050

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vtcinsure.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
via
1.1 bd3e3884ce6fe1fd36336541cce9ec7e.cloudfront.net (CloudFront)
date
Tue, 11 Apr 2023 07:45:53 GMT
last-modified
Tue, 31 Jan 2023 03:55:18 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P2
age
14071
etag
W/"6d472c54bbcb8a12a1f1d8f4906802b1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public,max-age=14400
x-amz-cf-id
xiocSKYy40S9V2Pzv4ho5scHyILtYHCWIADeEaC-QD9J7RVM5vhwDg==
home-banner-indian-couple_1200x600.jpg
vtcinsure.ca/wp-content/uploads/2015/09/ 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vtcinsure.ca/wp-content/uploads/2015/09/home-banner-indian-couple_1200x600.jpg
Requested by
Host: vtcinsure.ca
URL: https://vtcinsure.ca//
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
64.250.86.18 Georgetown, Canada, ASN33130 (IASL, CA),
Reverse DNS
IP64-250-86-18.iasl.com
Software
Apache /
Resource Hash
3731a29298c62c7b4422fd89a69d8c903d96847bfd2f60dcb496c154b639b4e7
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vtcinsure.ca//
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Tue, 11 Apr 2023 11:40:23 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
upgrade-insecure-requests;
Connection
Keep-Alive
Content-Length
32230
X-XSS-Protection
1; mode=block
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Wed, 21 Apr 2021 22:13:17 GMT
Server
Apache
Expect-CT
max-age=7776000, enforce
X-Frame-Options
sameorigin
Vary
Accept,Accept-Encoding
Content-Type
image/webp
Cache-Control
private, max-age=604800
Permissions-Policy
accelerometer=(*), autoplay=(*), camera=(*), document-domain=(*), encrypted-media=(*), fullscreen=(*), geolocation=(*), gyroscope=(*), magnetometer=(*), microphone=(*), midi=(*), payment=(*), picture-in-picture=(*), sync-xhr=(*), usb=(*)
X-WebP-Express
Redirected directly to existing webp
Accept-Ranges
bytes
Keep-Alive
timeout=1, max=97
Expires
Wed, 09 Aug 2023 11:40:23 GMT
home-banner-asian-family_1200x600.jpg
vtcinsure.ca/wp-content/uploads/2015/09/ 		68 KB
69 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vtcinsure.ca/wp-content/uploads/2015/09/home-banner-asian-family_1200x600.jpg
Requested by
Host: vtcinsure.ca
URL: https://vtcinsure.ca//
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
64.250.86.18 Georgetown, Canada, ASN33130 (IASL, CA),
Reverse DNS
IP64-250-86-18.iasl.com
Software
Apache /
Resource Hash
814cc28a1d40422e2134670912e8f08e67886edc3de46dffe7878b7a69b0c0f2
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vtcinsure.ca//
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Tue, 11 Apr 2023 11:40:23 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
upgrade-insecure-requests;
Connection
Keep-Alive
Content-Length
69668
X-XSS-Protection
1; mode=block
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Wed, 21 Apr 2021 22:13:26 GMT
Server
Apache
Expect-CT
max-age=7776000, enforce
X-Frame-Options
sameorigin
Vary
Accept,Accept-Encoding
Content-Type
image/webp
Cache-Control
private, max-age=604800
Permissions-Policy
accelerometer=(*), autoplay=(*), camera=(*), document-domain=(*), encrypted-media=(*), fullscreen=(*), geolocation=(*), gyroscope=(*), magnetometer=(*), microphone=(*), midi=(*), payment=(*), picture-in-picture=(*), sync-xhr=(*), usb=(*)
X-WebP-Express
Redirected directly to existing webp
Accept-Ranges
bytes
Keep-Alive
timeout=1, max=95
Expires
Wed, 09 Aug 2023 11:40:23 GMT
home-banner-mountains_1200x600.jpg
vtcinsure.ca/wp-content/uploads/2015/09/ 		61 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vtcinsure.ca/wp-content/uploads/2015/09/home-banner-mountains_1200x600.jpg
Requested by
Host: vtcinsure.ca
URL: https://vtcinsure.ca//
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
64.250.86.18 Georgetown, Canada, ASN33130 (IASL, CA),
Reverse DNS
IP64-250-86-18.iasl.com
Software
Apache /
Resource Hash
f6bce816666b3b5314e87a7b4207e1ce1115f9054de3366fb3c501a623931fed
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vtcinsure.ca//
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Tue, 11 Apr 2023 11:40:23 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
upgrade-insecure-requests;
Connection
Keep-Alive
Content-Length
62564
X-XSS-Protection
1; mode=block
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Wed, 21 Apr 2021 22:13:22 GMT
Server
Apache
Expect-CT
max-age=7776000, enforce
X-Frame-Options
sameorigin
Vary
Accept,Accept-Encoding
Content-Type
image/webp
Cache-Control
private, max-age=604800
Permissions-Policy
accelerometer=(*), autoplay=(*), camera=(*), document-domain=(*), encrypted-media=(*), fullscreen=(*), geolocation=(*), gyroscope=(*), magnetometer=(*), microphone=(*), midi=(*), payment=(*), picture-in-picture=(*), sync-xhr=(*), usb=(*)
X-WebP-Express
Redirected directly to existing webp
Accept-Ranges
bytes
Keep-Alive
timeout=1, max=98
Expires
Wed, 09 Aug 2023 11:40:23 GMT
anchor
www.google.com/recaptcha/api2/ Frame 7C22 		47 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdzroEUAAAAAOA71ow6HqkDTzYvEAyztifT0N-C&co=aHR0cHM6Ly92dGNpbnN1cmUuY2E6NDQz&hl=en&v=6MY32oPwFCn9SUKWt8czDsDw&size=invisible&cb=2uw0l7elvk3z
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/recaptcha__en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2004 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
20445d76f99746923dfbc27c4402754952bd863d4d0ff176aee327111e0dd102
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-8aIlFpg-fandb5yxyt8s-g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://vtcinsure.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
26318
content-security-policy
script-src 'report-sample' 'nonce-8aIlFpg-fandb5yxyt8s-g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 11 Apr 2023 11:40:24 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/ Frame 7C22 		55 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdzroEUAAAAAOA71ow6HqkDTzYvEAyztifT0N-C&co=aHR0cHM6Ly92dGNpbnN1cmUuY2E6NDQz&hl=en&v=6MY32oPwFCn9SUKWt8czDsDw&size=invisible&cb=2uw0l7elvk3z
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2003 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Tue, 11 Apr 2023 03:18:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
30087
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24605
x-xss-protection
0
last-modified
Sun, 02 Apr 2023 18:01:18 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 10 Apr 2024 03:18:57 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/ Frame 7C22 		406 KB
163 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdzroEUAAAAAOA71ow6HqkDTzYvEAyztifT0N-C&co=aHR0cHM6Ly92dGNpbnN1cmUuY2E6NDQz&hl=en&v=6MY32oPwFCn9SUKWt8czDsDw&size=invisible&cb=2uw0l7elvk3z
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2003 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3bd34a08f83fed3ced5508056737f9594d36e0e98f0cefdde2b92fbd8ead1bd1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Tue, 11 Apr 2023 06:44:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
17745
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
166600
x-xss-protection
0
last-modified
Sun, 02 Apr 2023 18:01:18 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 10 Apr 2024 06:44:39 GMT
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 7C22 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2003 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 10 Apr 2023 23:44:18 GMT
x-content-type-options
nosniff
age
42966
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Mon, 17 Apr 2023 23:44:18 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 7C22 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdzroEUAAAAAOA71ow6HqkDTzYvEAyztifT0N-C&co=aHR0cHM6Ly92dGNpbnN1cmUuY2E6NDQz&hl=en&v=6MY32oPwFCn9SUKWt8czDsDw&size=invisible&cb=2uw0l7elvk3z
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2003 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Tue, 11 Apr 2023 10:31:00 GMT
x-content-type-options
nosniff
age
4164
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Apr 2024 10:31:00 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 7C22 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdzroEUAAAAAOA71ow6HqkDTzYvEAyztifT0N-C&co=aHR0cHM6Ly92dGNpbnN1cmUuY2E6NDQz&hl=en&v=6MY32oPwFCn9SUKWt8czDsDw&size=invisible&cb=2uw0l7elvk3z
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2003 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Tue, 11 Apr 2023 10:31:14 GMT
x-content-type-options
nosniff
age
4150
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Apr 2024 10:31:14 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame 7C22 		102 B
134 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=6MY32oPwFCn9SUKWt8czDsDw
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdzroEUAAAAAOA71ow6HqkDTzYvEAyztifT0N-C&co=aHR0cHM6Ly92dGNpbnN1cmUuY2E6NDQz&hl=en&v=6MY32oPwFCn9SUKWt8czDsDw&size=invisible&cb=2uw0l7elvk3z
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2004 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
52b6bc2da1a35ad6706eec5961272fd563b4b06da757483fb36dd4a72716bd12
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdzroEUAAAAAOA71ow6HqkDTzYvEAyztifT0N-C&co=aHR0cHM6Ly92dGNpbnN1cmUuY2E6NDQz&hl=en&v=6MY32oPwFCn9SUKWt8czDsDw&size=invisible&cb=2uw0l7elvk3z
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Tue, 11 Apr 2023 11:40:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
112
x-xss-protection
1; mode=block
expires
Tue, 11 Apr 2023 11:40:24 GMT
180ce955-cdb1-4c36-87b7-8711886ce338
widgetapi.purechat.com/api/visitorwidget/widgetversions/ 		409 B
716 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://widgetapi.purechat.com/api/visitorwidget/widgetversions/180ce955-cdb1-4c36-87b7-8711886ce338
Requested by
Host: app.purechat.com
URL: https://app.purechat.com/VisitorWidget/WidgetScript
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.20.33.189 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-20-33-189.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
b9bdffe36df8b8304e410942a6034ded3786ba41d438001fa46d7218e7489237

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vtcinsure.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Tue, 11 Apr 2023 11:40:24 GMT
server
Kestrel
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://vtcinsure.ca
access-control-expose-headers
X-Requires-Auth
cache-control
max-age=60
access-control-allow-credentials
true
content-length
409
29
api-cdn.purechat.com/api/visitorwidget/widget/180ce955-cdb1-4c36-87b7-8711886ce338/ 		9 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-cdn.purechat.com/api/visitorwidget/widget/180ce955-cdb1-4c36-87b7-8711886ce338/29
Requested by
Host: app.purechat.com
URL: https://app.purechat.com/VisitorWidget/WidgetScript
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.47.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-47-126.jfk50.r.cloudfront.net
Software
Kestrel /
Resource Hash
044ee2da13bfb39b7a34deb2bc846335672662e47c69c088771aeadc2ec48e34

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vtcinsure.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Tue, 11 Apr 2023 11:40:25 GMT
content-encoding
gzip
via
1.1 80d5d65d27a0450c8f0018381b103d7a.cloudfront.net (CloudFront)
server
Kestrel
x-amz-cf-pop
JFK50-P1
vary
Accept-Encoding,Origin
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
https://vtcinsure.ca
access-control-expose-headers
X-Requires-Auth
cache-control
public, max-age=31536000
access-control-allow-credentials
true
x-amz-cf-id
YqdrQ6tA81V0qnp-Ia0Lt82qeJpeJKiZ4vCssufni4G8r7HywMpftw==
reload
www.google.com/recaptcha/api2/ Frame 7C22 		32 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/reload?k=6LdzroEUAAAAAOA71ow6HqkDTzYvEAyztifT0N-C
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2004 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
5f1cb015d3122025c9f04eaf098963fd2a9c3b28164f5ece7275f1fb40818501
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdzroEUAAAAAOA71ow6HqkDTzYvEAyztifT0N-C&co=aHR0cHM6Ly92dGNpbnN1cmUuY2E6NDQz&hl=en&v=6MY32oPwFCn9SUKWt8czDsDw&size=invisible&cb=2uw0l7elvk3z
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
application/x-protobuffer

Response headers

date
Tue, 11 Apr 2023 11:40:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
private, max-age=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18612
x-xss-protection
1; mode=block
expires
Tue, 11 Apr 2023 11:40:24 GMT
version
app.purechat.com/ 		234 B
614 B 		Script
General
Check archive.org
Download Go to
Full URL
https://app.purechat.com/version?_=_&callback=_WidgetJPCB_Version
Requested by
Host: app.purechat.com
URL: https://app.purechat.com/VisitorWidget/WidgetScript
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.29.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-29-41.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
643f76818cce37b7ab044eadec562ad4abbdc9db1416cbb3ecef58ce15c3f38b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vtcinsure.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id
null
date
Tue, 11 Apr 2023 11:33:22 GMT
via
1.1 bd3e3884ce6fe1fd36336541cce9ec7e.cloudfront.net (CloudFront)
last-modified
Tue, 31 Jan 2023 03:55:44 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P2
age
424
etag
"b4a0d7af6df32f8107e975582c098ef3"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public,max-age=900
content-length
234
x-amz-cf-id
zvDGWbl0-rqw2u8_SYSc3bn4Mi0ci84znF8wYkzAl3wdnYNQk7XEjQ==
modern_initializer.13836.js
prod.purechatcdn.com/assets/ 		132 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://prod.purechatcdn.com/assets/modern_initializer.13836.js
Requested by
Host: app.purechat.com
URL: https://app.purechat.com/VisitorWidget/WidgetScript
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:455e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c08eb812ae90c8ebf8cb7b8cc054b6ca9497a83d7c20be0a6626a4f0dae47546

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vtcinsure.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Tue, 11 Apr 2023 11:40:25 GMT
x-amz-version-id
null
via
1.1 033dd8f8b841eb2820b152955dc0bf42.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
YTO50-C1
age
3687468
content-encoding
br
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 31 Jan 2023 03:53:57 GMT
server
cloudflare
etag
W/"47ffa44a34a2af9c7f21609d19e46ae7"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yNtbD30ZC2Fmr%2FZXKlHXRSsj9uL5vCKnKLo7Rh1xsgXjLiQYElGjg4ob%2ByHtoJTuCmrJDpX05YxkIDQJtHNWveeiFsOjOVoLPsQXxeeZKtGO%2B1b%2FS4LOnHLPtEwf3Ezi0sxoCc89X4GNFvbXxnkdf8NnEw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000
vary
Accept-Encoding
cf-ray
7b62f4613c525425-YYZ
x-amz-cf-id
9_4Bbf3x5ZKXGzBtyisTd602_D42oauG94Px8CgrUCvIyXeeyCcPGQ==
modern_app.13836.js
prod.purechatcdn.com/assets/ Frame D9BE 		1 MB
285 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://prod.purechatcdn.com/assets/modern_app.13836.js
Requested by
Host: prod.purechatcdn.com
URL: https://prod.purechatcdn.com/assets/modern_initializer.13836.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:455e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aad6b755ce48903466e83f34c109bdc78ceed476aefafca382b4429ea0fc7785

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vtcinsure.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Tue, 11 Apr 2023 11:40:25 GMT
x-amz-version-id
null
via
1.1 64d5385c423c2207e3680beec4636de8.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
ORD56-P1
age
4017794
content-encoding
br
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 31 Jan 2023 03:53:56 GMT
server
cloudflare
etag
W/"b9a3e7a54d8014cfdf42043f9fc155dc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iVT652rChAZZrRvJ67JubEpMeDDqea3oW1wXvjvub6WI3AVTjlk%2F%2BZuTfDlzf2nMMk7d0AheYWDqtYkGoTVk6OYK6EbV4NE8%2BZQKklh5Em0QgxQ6cr4%2BOpJlSDnPf36%2FyBCnGG23Ksxc8DDaqmQYsESpVw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
7b62f461bd4d5425-YYZ
x-amz-cf-id
ykoY6SImfdzOZdWMzPQM3bAjJ80QQDyKPuakXkOlTrBJ1BN5hmOU9g==
180ce955-cdb1-4c36-87b7-8711886ce338
api.purechat.com/api/visitorwidget/chatavailable/502049/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.purechat.com/api/visitorwidget/chatavailable/502049/180ce955-cdb1-4c36-87b7-8711886ce338?externalRequest=false&getAvailableOperators=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.134.131.10 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-134-131-10.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://vtcinsure.ca
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://vtcinsure.ca
date
Tue, 11 Apr 2023 11:40:25 GMT
server
Kestrel
180ce955-cdb1-4c36-87b7-8711886ce338
api.purechat.com/api/visitorwidget/chatavailable/502049/ Frame D9BE 		20 B
212 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.purechat.com/api/visitorwidget/chatavailable/502049/180ce955-cdb1-4c36-87b7-8711886ce338?externalRequest=false&getAvailableOperators=true
Requested by
Host: prod.purechatcdn.com
URL: https://prod.purechatcdn.com/assets/modern_app.13836.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.20.33.189 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-20-33-189.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
a4d5c712c6ea170fe80e4e13806878ec5f04b70a9a6800d9a9e41a18ebdd7d87

Request headers

Accept
application/json
Referer
https://vtcinsure.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://vtcinsure.ca
date
Tue, 11 Apr 2023 11:40:25 GMT
access-control-expose-headers
X-Requires-Auth
access-control-allow-credentials
true
server
Kestrel
content-length
20
content-type
application/json; charset=utf-8
/
checkin.purechat.com/api/checkin/ Frame D9BE 		113 B
493 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://checkin.purechat.com/api/checkin/
Requested by
Host: prod.purechatcdn.com
URL: https://prod.purechatcdn.com/assets/modern_app.13836.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.116.101.110 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-116-101-110.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
45ed5b005b446beaa5d9001a3e2e383ea87b2f32cd37ed751e9a01179ed67c25

Request headers

Referer
https://vtcinsure.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

access-control-allow-origin
https://vtcinsure.ca
date
Tue, 11 Apr 2023 11:40:26 GMT
access-control-allow-credentials
true
server
Kestrel
content-length
113
content-type
application/json; charset=utf-8
/
checkin.purechat.com/api/checkin/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://checkin.purechat.com/api/checkin/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.116.101.110 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-116-101-110.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://vtcinsure.ca
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://vtcinsure.ca
date
Tue, 11 Apr 2023 11:40:25 GMT
server
Kestrel
admin-ajax.php
vtcinsure.ca/wp-admin/ 		762 B
902 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vtcinsure.ca/wp-admin/admin-ajax.php
Requested by
Host: vtcinsure.ca
URL: https://vtcinsure.ca/wp-includes/js/jquery/jquery.min.js?ver=3.6.3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
64.250.86.18 Georgetown, Canada, ASN33130 (IASL, CA),
Reverse DNS
IP64-250-86-18.iasl.com
Software
Apache /
Resource Hash
036c0f6ccd0773c38506f1655bac1c627c2bb51885a9f001a341421c649d03bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Referer
https://vtcinsure.ca//
X-Requested-With
XMLHttpRequest
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Tue, 11 Apr 2023 11:40:25 GMT
Content-Encoding
br
X-Content-Type-Options
nosniff
Connection
Keep-Alive
Content-Length
349
Referrer-Policy
strict-origin-when-cross-origin
Server
Apache
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
https://vtcinsure.ca
Cache-Control
no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
X-Robots-Tag
noindex
Keep-Alive
timeout=1, max=100
Expires
Wed, 11 Jan 1984 05:00:00 GMT
gtm.js
www.googletagmanager.com/ 		122 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TWX7BJW
Requested by
Host: vtcinsure.ca
URL: https://vtcinsure.ca//
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2008 -, , ASN (),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e559009640034a1dc2ab2e1a0f4642ffc7c445dffa722c84445772fc90ef595a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vtcinsure.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Tue, 11 Apr 2023 11:40:29 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47993
x-xss-protection
0
last-modified
Tue, 11 Apr 2023 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 11 Apr 2023 11:40:29 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TWX7BJW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::200e -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vtcinsure.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 11 Apr 2023 10:05:12 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
5717
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Tue, 11 Apr 2023 12:05:12 GMT
fbevents.js
connect.facebook.net/en_US/ 		107 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: vtcinsure.ca
URL: https://vtcinsure.ca//
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
dbf060c555e91a539d9cb849f4aa0c656db9b0a1da32c99aafb12d7c508c6849
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vtcinsure.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 11 Apr 2023 11:40:29 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27909
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
3Q5fOCW/AS+aNYwlRBdXvjafcdjvFjwZNJhA39/LnTAN02JpqVUBVRtTtGZyxqCrGX88WDLuCIxzW3inGCFD+A==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1512268381
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		218 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-QQED87TQX5&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TWX7BJW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2008 -, , ASN (),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d1f670a263500061e6e6c77ac88e1b4a4fc29d8c22a923469d6fe195e51edbd1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vtcinsure.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Tue, 11 Apr 2023 11:40:29 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
78484
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 11 Apr 2023 11:40:29 GMT
collect
www.google-analytics.com/g/ 		0
168 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-QQED87TQX5&gtm=45je34a0&_p=1855191067&cid=971259831.1681213229&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1681213229&sct=1&seg=0&dl=https%3A%2F%2Fvtcinsure.ca%2F%2F&dt=VTC%20Travel%20Insurance%20-%20Super%20Visa%20and%20Visitors%20to%20Canada%20Insurance&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QQED87TQX5&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::200e -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vtcinsure.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Apr 2023 11:40:29 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://vtcinsure.ca
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
184713202237223
connect.facebook.net/signals/config/ 		377 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/184713202237223?v=2.9.100&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
5174044ec79e157abf5c6f7897a6bd2ec216dfa23e57209d694a77e5a40b7505
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vtcinsure.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 11 Apr 2023 11:40:29 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
++S8JdmfEryLbctLZlrtuHGHw9htCZKY/dEcWDE5rnkSpb4MZtFYrGNbAWNQGkRh226gx5FhwtD6U0TUsqQn5A==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1512268381
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
www.google-analytics.com/j/ 		4 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1855191067&t=pageview&_s=1&dl=https%3A%2F%2Fvtcinsure.ca%2F%2F&ul=en-us&de=UTF-8&dt=VTC%20Travel%20Insurance%20-%20Super%20Visa%20and%20Visitors%20to%20Canada%20Insurance&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=1376306866&gjid=720953875&cid=971259831.1681213229&tid=UA-120989462-1&_gid=2033078963.1681213230&_r=1&_slc=1&gtm=45He34a0n81TWX7BJW&z=485490601
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::200e -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://vtcinsure.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 11 Apr 2023 11:40:29 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://vtcinsure.ca
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
346 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-120989462-1&cid=971259831.1681213229&jid=1376306866&gjid=720953875&_gid=2033078963.1681213230&_u=YADAAEAAAAAAACAAI~&z=369995230
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::9b -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://vtcinsure.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Tue, 11 Apr 2023 11:40:29 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://vtcinsure.ca
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=184713202237223&ev=PageView&dl=https%3A%2F%2Fvtcinsure.ca%2F%2F&rl=&if=false&ts=1681213229674&sw=1600&sh=1200&v=2.9.100&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1681213229673.700526493&it=1681213229500&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de -, , ASN (),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vtcinsure.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 11 Apr 2023 11:40:29 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-120989462-1&cid=971259831.1681213229&jid=1376306866&_u=YADAAEAAAAAAACAAI~&z=1581958341
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2004 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vtcinsure.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Apr 2023 11:40:29 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ca/ads/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.google.ca
URL
https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-120989462-1&cid=971259831.1681213229&jid=1376306866&_u=YADAAEAAAAAAACAAI~&z=1581958341

Verdicts & Comments Add Verdict or Comment

157 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 boolean| credentialless undefined| $ function| jQuery function| _createClass function| _classCallCheck function| RocketBrowserCompatibilityChecker object| RocketPreloadLinksConfig object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| setImmediate function| clearImmediate object| moove_frontend_gdpr_scripts object| lazyLoadOptions function| LazyLoad object| doc object| wpcf7 object| scriptData object| runtime object| wpcf7_recaptcha string| gdpr_consent__strict string| gdpr_consent__thirdparty string| gdpr_consent__advanced string| gdpr_consent__cookies object| cssua object| fusionAnimationsVars function| fusionSetAnimationData object| fusionJSVars object| fusion object| fusionLightboxVideoVars function| _fusionRefreshScroll function| _fusionParallaxAll function| _fusionRefreshWindow object| fusionVideoGeneralVars function| playVideoAndPauseOthers object| fusionVideoBgVars object| $youtubeBGVideos function| _fbRowGetAllElementsWithAttribute function| _fbRowOnPlayerReady function| _fbRowOnPlayerStateChange function| resizeVideo function| vimeoReady function| fusionInitVimeoPlayers object| fusionLightboxVars function| avadaLightBoxInitializeLightbox function| avadaAddQuantityBoxes function| compositeAddQuantityBoxes function| fusionResizeCrossfadeImagesContainer function| calcSelectArrowDimensions object| fusionFlexSliderVars function| fusionInitPostFlexSlider function| fusionDestroyPostFlexSlider function| fusionFlexSliderStrToBool object| fusionContainerVars function| fusionInitStickyContainers function| fusionInitSticky function| fusionGetStickyOffset function| fusionIsWholeElementInViewport function| initSwiperScrollingSection function| initScrollingSections function| setCorrectResizeValuesForScrollSections function| scrollToCurrentScrollSection function| getScrollSectionPositionValues object| avadaHeaderVars function| fusionDisableStickyHeader function| fusionInitStickyHeader function| getStickyHeaderHeight object| fusionTypographyVars function| fusionCalculateResponsiveTypeValues function| fusionSetOriginalTypographyData function| fusionInitTypography object| avadaFusionSliderVars function| updateVideoTag function| avadaFusionSlider object| avadaFadeVars function| avadaTriggerPageTitleFading object| avadaSelectVars function| addAvadaSelectStyles function| removeAvadaSelectStyles object| avadaToTopVars function| avadaUpdateToTopPostion object| avadaMenuVars function| resizeOverlaySearch function| fusionGetScrollOffset object| fusionScrollToAnchorVars function| checkHoverTouchState object| fusionVideoVars function| fusionInitStickyColumns function| lazyLoadThumb function| lazyLoadYoutubeIframe object| swv object| regeneratorRuntime function| postscribe function| gdpr_lightbox object| awbAnimationObservers object| html5 object| Modernizr object| browserPrefixes object| _fusionImageParallaxImages object| avadaLightBox object| $ilInstances object| awb_oc_timeouts object| awbOffCanvas function| awbScrollSpy object| purechatApi object| images boolean| is_image object| iframes boolean| is_iframe object| rocket_lazy string| responsiveTypeElements string| fusionBaseFontSize number| lastYPosition boolean| scrollDisabled number| _fusionScrollTop number| _fusionWindowHeight number| _fusionScrollLeft number| _fusionWindowWidth object| recaptcha object| closure_lm_766088 string| rubyRenderInternalCheckpoint function| updateRubyRenderCheckpoint function| updateRubyRenderInternalCheckpoint function| PCWidget object| fusionVimeoPlayers number| $headerParentHeight number| $headerHeight number| $menuHeight number| $scrolled_header_height object| $stickyTrigger number| $wpadminbarHeight number| $stickyTrigger_position number| $woo_store_notice number| $top_frame number| sticky_header_type number| $slider_offset number| $site_width boolean| $media_query_test_1 boolean| $media_query_test_2 boolean| $media_query_test_3 boolean| $media_query_test_4 number| $standardLogoHeight number| $logoMarginTop number| $logoMarginBottom number| $initial_desktop_header_height string| $initial_sticky_header_shrinkage boolean| $sticky_can_be_shrinked number| original_logo_height number| $original_sticky_trigger_height boolean| mobileMenuSepAdded function| _WidgetJPCB_Version object| _pcWidgetInitializer

3 Cookies

Domain/Path Name / Value
www.google.com/recaptcha Name: _GRECAPTCHA
Value: 09AK9u06KUP-qqTK401S37VAlXmKKSNz_5bWiJbGxiLyytGrPzO88tb5kH9vFeU7VWKzcaqzzS0OtxmWZm1PKifss
.purechat.com/ Name: _PCCSID_502049
Value: c0d4db3e-1ae9-49c9-9e56-bc5a13d2c3f0
.purechat.com/ Name: _PCCID
Value: f03a094d-50de-447c-8220-a77cc84b0c3a

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-cdn.purechat.com
api.purechat.com
app.purechat.com
checkin.purechat.com
connect.facebook.net
fonts.gstatic.com
prod.purechatcdn.com
stats.g.doubleclick.net
vtcinsure.ca
widgetapi.purechat.com
www.assurancevisiteuraucanada.ca
www.facebook.com
www.google-analytics.com
www.google.ca
www.google.com
www.googletagmanager.com
www.gstatic.com
www.google.ca
108.139.29.41
108.139.47.126
18.116.101.110
2606:4700:3030::6815:455e
2607:f8b0:4004:c17::9b
2607:f8b0:4006:817::2013
2607:f8b0:4006:81c::2003
2607:f8b0:4006:81c::2008
2607:f8b0:4006:820::200e
2607:f8b0:4006:824::2004
2a03:2880:f012:8:face:b00c:0:1
2a03:2880:f112:83:face:b00c:0:25de
3.134.131.10
3.20.33.189
64.250.86.18
0359644fa773c3456e06250afa1594bafbb4f7ec9122905d1718e7ad45479da8
036c0f6ccd0773c38506f1655bac1c627c2bb51885a9f001a341421c649d03bf
044ee2da13bfb39b7a34deb2bc846335672662e47c69c088771aeadc2ec48e34
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1c1fef6e6b4f9832603850b9b6562e74d9a6a3700ba836efe88facc577121e8b
20445d76f99746923dfbc27c4402754952bd863d4d0ff176aee327111e0dd102
288d156b63cea15974f8ced0963ccc03ca9688a0e2da4af409339c065faab72f
33befdbbb24930584f5ac94ea3117adcd56518f20ab1619d05de83ffd1821d38
3731a29298c62c7b4422fd89a69d8c903d96847bfd2f60dcb496c154b639b4e7
3bd34a08f83fed3ced5508056737f9594d36e0e98f0cefdde2b92fbd8ead1bd1
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
4009aa0cc840ef0b52fa8519bc5289a5b5b145addfde4f5b6d5526d94b66189b
40454b63db1d5bdc1fd46b1d2d36702d937792eb70470ad0909ed66d5b5ef0de
45ed5b005b446beaa5d9001a3e2e383ea87b2f32cd37ed751e9a01179ed67c25
49ef37d639c578e8a3ec10db855733b04015999cdabeaec298fd17e5b24aab18
5174044ec79e157abf5c6f7897a6bd2ec216dfa23e57209d694a77e5a40b7505
52b6bc2da1a35ad6706eec5961272fd563b4b06da757483fb36dd4a72716bd12
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5f1cb015d3122025c9f04eaf098963fd2a9c3b28164f5ece7275f1fb40818501
623b62596e07df1fbf3a9fc0219c238e373bec6e55349826b0315b50ed2a7a7d
62c654968546dba8266a3e5bf5bcfb721db0c8e30e79454121cdde92f784a38c
643f76818cce37b7ab044eadec562ad4abbdc9db1416cbb3ecef58ce15c3f38b
6c67fa5186bf96035439a6a29eb52b35dd1a3cd4ce91f7380c03201e9390270f
804ecb75414a321fbc24ba8400142997133ecfcc963572c1cc29b5d425357aab
814cc28a1d40422e2134670912e8f08e67886edc3de46dffe7878b7a69b0c0f2
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
8ceb3992861ed1fda25855c2e500e76842ae0d788405e50e3a9f45df36499cf6
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
a4d5c712c6ea170fe80e4e13806878ec5f04b70a9a6800d9a9e41a18ebdd7d87
aad6b755ce48903466e83f34c109bdc78ceed476aefafca382b4429ea0fc7785
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a
b9bdffe36df8b8304e410942a6034ded3786ba41d438001fa46d7218e7489237
bcebc8f53a2d1a28cc1bddfc90a1579aaabacca8c8c1cd8c01f9409b98535793
bd5dc24d0d7546794cc14f03e25888cd27e55f31c1abc66f212142d1d9e04050
c08eb812ae90c8ebf8cb7b8cc054b6ca9497a83d7c20be0a6626a4f0dae47546
cdc28355b0b7217392395460dd7dfbc65a4cf0822c986a7533f4ca7434799e53
d1f670a263500061e6e6c77ac88e1b4a4fc29d8c22a923469d6fe195e51edbd1
dbf060c555e91a539d9cb849f4aa0c656db9b0a1da32c99aafb12d7c508c6849
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e559009640034a1dc2ab2e1a0f4642ffc7c445dffa722c84445772fc90ef595a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f6bce816666b3b5314e87a7b4207e1ce1115f9054de3366fb3c501a623931fed
f8c2240958cb1fff47d921ca0f3097f9e7403ada01af2382477ef42c404c38d4
fea7739b709d8751c9005f94338bacc4b5270d588be3b036bb5c8f230eab9092