billnoble.ca Open in urlscan Pro
52.22.216.73 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.billnoble.ca/
Effective URL:
https://billnoble.ca/
Submission: On August 27 via automatic, source certstream-suspicious (August 27th 2021, 5:28:35 pm UTC)

Summary HTTP 68 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 25 IPs in 4 countries across 11 domains to perform 68 HTTP transactions. The main IP is 52.22.216.73, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is billnoble.ca.
TLS certificate: Issued by R3 on June 28th 2021. Valid for: 3 months.

This is the only time billnoble.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 7	52.22.216.73 52.22.216.73	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3031::ac43:d645	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	52.95.147.176 52.95.147.176	16509 (AMAZON-02) (AMAZON-02)
11	2600:9000:21f... 2600:9000:21f3:fe00:14:68a3:abc0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	52.95.145.152 52.95.145.152	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:809::2008	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
2	2606:4700:303... 2606:4700:3037::6815:4e07	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1	18.209.242.7 18.209.242.7	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c1b::9c	15169 (GOOGLE) (GOOGLE)
68	25

7 52.22.216.73 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-22-216-73.compute-1.amazonaws.com

www.billnoble.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
billnoble.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3031::ac43:d645 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.95.147.176 (Montreal, Canada)

ASN16509 (AMAZON-02, US)
PTR: s3-r-w.ca-central-1.amazonaws.com

siteforward-code.s3.ca-central-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2600:9000:21f3:fe00:14:68a3:abc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.twentyoverten.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.95.145.152 (Montreal, Canada)

ASN16509 (AMAZON-02, US)
PTR: s3-r-w.ca-central-1.amazonaws.com

siteforward-images.s3.ca-central-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3037::6815:4e07 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.209.242.7 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-209-242-7.compute-1.amazonaws.com

app.twentyoverten.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c1b::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	gstatic.com fonts.gstatic.com www.gstatic.com maps.gstatic.com	846 KB
13	googleapis.com fonts.googleapis.com ajax.googleapis.com maps.googleapis.com	478 KB
12	twentyoverten.com static.twentyoverten.com app.twentyoverten.com	4 MB
7	billnoble.ca 1 redirects www.billnoble.ca billnoble.ca	687 KB
5	google.com www.google.com	24 KB
4	amazonaws.com siteforward-code.s3.ca-central-1.amazonaws.com siteforward-images.s3.ca-central-1.amazonaws.com	109 KB
3	google-analytics.com www.google-analytics.com	19 KB
3	googletagmanager.com www.googletagmanager.com	121 KB
3	fontawesome.com use.fontawesome.com	142 KB
2	youtube.com www.youtube.com	43 KB
1	doubleclick.net stats.g.doubleclick.net	83 B
68	11

	Domain	Requested by
11	maps.googleapis.com	www.google.com maps.googleapis.com billnoble.ca
11	static.twentyoverten.com	billnoble.ca
7	fonts.gstatic.com	fonts.googleapis.com www.google.com
6	www.gstatic.com	www.google.com www.gstatic.com
6	billnoble.ca	billnoble.ca
5	www.google.com	billnoble.ca www.gstatic.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	maps.gstatic.com	www.google.com billnoble.ca
3	www.googletagmanager.com	billnoble.ca www.googletagmanager.com
3	use.fontawesome.com	billnoble.ca use.fontawesome.com
2	www.youtube.com	billnoble.ca www.youtube.com
2	siteforward-images.s3.ca-central-1.amazonaws.com	billnoble.ca
2	siteforward-code.s3.ca-central-1.amazonaws.com	billnoble.ca
1	stats.g.doubleclick.net	www.google-analytics.com
1	app.twentyoverten.com	ajax.googleapis.com
1	ajax.googleapis.com	billnoble.ca
1	fonts.googleapis.com	billnoble.ca
1	www.billnoble.ca	1 redirects
68	18

This site contains links to these domains. Also see Links.

Domain
www.linkedin.com
portal.manulife.ca
siteforward.ca
www.iiroc.ca
www.cipf.ca
www.manulifesecurities.ca
www.manulife.ca
twentyoverten.com

Subject Issuer	Validity	Valid
billnoble.ca R3	`2021-06-28` - `2021-09-26`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-08-16` - `2021-11-08`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-07` - `2022-07-06`	a year	crt.sh
*.s3.ca-central-1.amazonaws.com DigiCert Baltimore CA-2 G2	`2021-06-23` - `2022-07-24`	a year	crt.sh
*.twentyoverten.com Amazon	`2020-10-16` - `2021-11-14`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.app.twentyoverten.com Sectigo RSA Domain Validation Secure Server CA	`2020-11-30` - `2021-12-31`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://billnoble.ca/
Frame ID: 6AAAC313360369050BDA2B2F41A46110
Requests: 46 HTTP requests in this frame

Frame: https://www.google.com/maps/embed?pb=!1m14!1m8!1m3!1d11604.842877189605!2d-79.8004747!3d43.3517027!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x0%3A0xb4263c6fa0d89be8!2sBill+Noble+is+a+Financial+Advisor!5e0!3m2!1sen!2sca!4v1564151496963!5m2!1sen!2sca
Frame ID: DF30C6C2C29B2A9B9A33820221061381
Requests: 15 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le1fq8UAAAAAI2PgwJrWWd-eXTTK-BUkQMngZcL&co=aHR0cHM6Ly9iaWxsbm9ibGUuY2E6NDQz&hl=en&v=Q_rrUPkK1sXoHi4wbuDTgcQR&size=normal&cb=p0cv6f9k41jw
Frame ID: 387A489070C9A7B48E05159928836B5B
Requests: 8 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=Q_rrUPkK1sXoHi4wbuDTgcQR&k=6Le1fq8UAAAAAI2PgwJrWWd-eXTTK-BUkQMngZcL&cb=pdsqvqlek3yb
Frame ID: 902B98610860A7C24733F73F7045ED4D
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Bill NoblefacebooktwitterinstagramlinkedingoogleyoutubevimeotumblryelprssemailpodcastphoneblogexternalsearchbrokercheckbrokercheckPlayPause

Page URL History Show full URLs

https://www.billnoble.ca/ HTTP 301
https://billnoble.ca/ Page URL

Page Statistics

68
Requests

100 %
HTTPS

83 %
IPv6

11
Domains

18
Subdomains

25
IPs

4
Countries

6584 kB
Transfer

10346 kB
Size

4
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: https://www.linkedin.com/in/bill-noble-cim-901ab738/

Search URL Search Domain Scan URL

URL: https://portal.manulife.ca/manulifesecurities
Title: Client Login

Search URL Search Domain Scan URL

URL: https://siteforward.ca/rss-feed/protection-essentials-solutions-for-financial-planning
Title: August 24, 2021 Protection essentials - Solutions For Financial Planning*

Search URL Search Domain Scan URL

URL: https://siteforward.ca/rss-feed/5-myths-about-generational-wealth-youve-likely-heard
Title: August 24, 2021 5 Myths About Generational Wealth You've Likely Heard

Search URL Search Domain Scan URL

URL: https://siteforward.ca/rss-feed/value-vs-growth-investing-whats-the-difference
Title: August 3, 2021 Value vs. Growth Investing: What’s the Difference?

Search URL Search Domain Scan URL

URL: https://www.iiroc.ca/

Search URL Search Domain Scan URL

URL: https://www.iiroc.ca/investors/knowyouradvisor/Pages/default.aspx

Search URL Search Domain Scan URL

URL: https://www.cipf.ca/

Search URL Search Domain Scan URL

URL: http://www.manulifesecurities.ca/
Title: www.manulifesecurities.ca

Search URL Search Domain Scan URL

URL: https://www.manulifesecurities.ca/corporate-disclaimers.html
Title: Legal and Disclaimers

Search URL Search Domain Scan URL

URL: https://www.manulife.ca/privacy-policies.html
Title: Privacy policy

Search URL Search Domain Scan URL

URL: https://twentyoverten.com/
Title: Powered by Twenty Over Ten

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.billnoble.ca/ HTTP 301
https://billnoble.ca/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

68 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
billnoble.ca/
Redirect Chain

https://www.billnoble.ca/
https://billnoble.ca/

39 KB
13 KB

332ms
131ms

Document
text/html

52.22.216.73
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://billnoble.ca/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 52.22.216.73 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-22-216-73.compute-1.amazonaws.com
Software: / Express
Resource Hash: dcb2a59ea6c5d9955b9786557d431c67914703b6dec5322e10773395c752dd45

Request headers

Host: billnoble.ca
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

X-Powered-By: Express
Access-Control-Allow-Credentials: true
Content-Type: text/html; charset=utf-8
ETag: W/"9ced-MC9NVtYnaM2jT76ilHvqfqNNK9g"
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Fri, 27 Aug 2021 17:28:15 GMT
Connection: keep-alive
Keep-Alive: timeout=5
Transfer-Encoding: chunked

Redirect headers

X-Powered-By: Express
Access-Control-Allow-Credentials: true
Location: https://billnoble.ca/
Vary: Accept, Accept-Encoding
Content-Type: text/html; charset=utf-8
Content-Length: 98
Date: Fri, 27 Aug 2021 17:28:14 GMT
Connection: keep-alive
Keep-Alive: timeout=5

GET
H2 200 css
fonts.googleapis.com/ 10 KB
863 B 16ms
14ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400,400i,000,000i|Cardo:400,400i,000,000i

Requested by

Host: billnoble.ca
URL: https://billnoble.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5477255b6328338e47655a1f068b45ef88ed3c628b79fd0488764cfe5f999e57

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 27 Aug 2021 17:28:15 GMT
server: ESF
date: Fri, 27 Aug 2021 17:28:15 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 27 Aug 2021 17:28:15 GMT

GET
H/1.1 200
OK global.css
billnoble.ca/assets/frameworks/assets/dist/css/ 263 KB
34 KB 101ms
100ms Stylesheet
text/css 52.22.216.73
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://billnoble.ca/assets/frameworks/assets/dist/css/global.css
Requested by: Host: billnoble.ca
URL: https://billnoble.ca/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 52.22.216.73 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-22-216-73.compute-1.amazonaws.com
Software: / Express
Resource Hash: 8b8e48e34a5377d098123ef7c12e2f202d7ce0e4bebaf7b8bf502c276b628b5a

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: billnoble.ca
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://billnoble.ca/
Connection: keep-alive
Referer: https://billnoble.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Fri, 27 Aug 2021 17:28:15 GMT
Content-Encoding: gzip
ETag: W/"41c46-17acfad207d"
Last-Modified: Thu, 22 Jul 2021 19:24:27 GMT
X-Powered-By: Express
Vary: Accept-Encoding
Content-Type: text/css; charset=UTF-8
Cache-Control: public, max-age=0
Transfer-Encoding: chunked
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=5

GET
H/1.1 200
OK main.css
billnoble.ca/assets/frameworks/themes/iris/3.0.0/assets/dist/css/ 48 KB
8 KB 298ms
100ms Stylesheet
text/css 52.22.216.73
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://billnoble.ca/assets/frameworks/themes/iris/3.0.0/assets/dist/css/main.css
Requested by: Host: billnoble.ca
URL: https://billnoble.ca/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 52.22.216.73 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-22-216-73.compute-1.amazonaws.com
Software: / Express
Resource Hash: b1ba960521370c2179541d077e58a428be311863f8cf420a99f8027096fe5b43

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: billnoble.ca
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://billnoble.ca/
Connection: keep-alive
Referer: https://billnoble.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Fri, 27 Aug 2021 17:28:15 GMT
Content-Encoding: gzip
ETag: W/"be9c-178b318c656"
Last-Modified: Thu, 08 Apr 2021 20:07:28 GMT
X-Powered-By: Express
Vary: Accept-Encoding
Content-Type: text/css; charset=UTF-8
Cache-Control: public, max-age=0
Transfer-Encoding: chunked
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=5

GET
H/1.1 200
OK custom.css
billnoble.ca/assets/css/ 20 KB
3 KB 343ms
140ms Stylesheet
text/css 52.22.216.73
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://billnoble.ca/assets/css/custom.css
Requested by: Host: billnoble.ca
URL: https://billnoble.ca/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 52.22.216.73 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-22-216-73.compute-1.amazonaws.com
Software: / Express
Resource Hash: c8a902a2754518d002269d054c17e75843ffa0729a42700e77b8587855d52794

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: billnoble.ca
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://billnoble.ca/
Connection: keep-alive
Referer: https://billnoble.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Fri, 27 Aug 2021 17:28:15 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
X-Powered-By: Express
ETag: W/"4f2d-pzaBVp4pFvIIlVFKQ0m+396lxno"
Transfer-Encoding: chunked
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=5

GET
H2 200 all.css
use.fontawesome.com/releases/v5.3.1/css/ 48 KB
11 KB 404ms
402ms Stylesheet
text/css 2606:4700:3031::ac43:d645
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.3.1/css/all.css
Requested by: Host: billnoble.ca
URL: https://billnoble.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:d645 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 604dcf1f11698655f75046bb92f98aaa9477e1c16b01c5fc415e78794393ffb9

Request headers

Origin: https://billnoble.ca
Referer: https://billnoble.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 17:28:15 GMT
content-encoding: br
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: ZBJDG98MV9XWEA60
access-control-allow-methods: GET
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-id-2: dN5MD3Xvd+KK1g3lJAYUmd7/LE0vIzIMwCrVLaYDSjU1U6xRYU2BRA9iHCErtJ/c2QqWku3XiYQ=
last-modified: Wed, 30 Jun 2021 15:42:14 GMT
server: cloudflare
etag: W/"10519cfd3206802f58315b877a9beab5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8UQBNrGGf%2FZPGkb7IoBsl%2Bs6%2Fojasrb2iNTcJfi0coch8i0vie%2F7z%2BsG00Tmamcid5EMjquSAWN2beRcTpJus%2BNT2omibrRg4LQ25VnqExsnfRFu8sAlC%2BV55NHBQN8SVrYk0micuZZaNiyt9qYl4KSG"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 685703e7d8ee5c50-FRA

GET
H/1.1 200
OK Styles.css
siteforward-code.s3.ca-central-1.amazonaws.com/ 42 KB
43 KB 486ms
127ms Stylesheet
text/css 52.95.147.176
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://siteforward-code.s3.ca-central-1.amazonaws.com/Styles.css
Requested by: Host: billnoble.ca
URL: https://billnoble.ca/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.147.176 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.ca-central-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 5bd7f2998d5e0cab6c5eb370623428e7c00e99d5db6942c4c8f7f6dd41100f2e

Request headers

Referer: https://billnoble.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Fri, 27 Aug 2021 17:28:16 GMT
Last-Modified: Thu, 27 May 2021 13:30:00 GMT
Server: AmazonS3
x-amz-request-id: ZBJDRV58MV8ADMNP
ETag: "15625bba4b246f942255f757878f0d89"
Content-Type: text/css
x-amz-version-id: SflsMs1wsGqxklG1IVz6aQxxSaZbXa11
Accept-Ranges: bytes
Content-Length: 43356
x-amz-id-2: CApOhU2VpP+u7hBzgjAfbqSKv1p5oySy0fpPYOTiMOahiNl5jladbkuzq/2j+TuNEI7yl5mHdHc=

GET
H/1.1 200
OK Scripts.js Show response
siteforward-code.s3.ca-central-1.amazonaws.com/ 46 KB
47 KB 511ms
134ms Script
text/plain 52.95.147.176
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://siteforward-code.s3.ca-central-1.amazonaws.com/Scripts.js
Requested by: Host: billnoble.ca
URL: https://billnoble.ca/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.147.176 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.ca-central-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: f15a178fd810ef0f680baafbf39d071bba059692bdfe17c38741b40f41d3684d

Request headers

Referer: https://billnoble.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Fri, 27 Aug 2021 17:28:16 GMT
Last-Modified: Wed, 11 Aug 2021 14:53:40 GMT
Server: AmazonS3
x-amz-request-id: ZBJ21N7VSF3XF85F
ETag: "f9394a5ab1b54d159329f7ebfbd97f0c"
Content-Type: text/plain; charset=utf-8
x-amz-version-id: HpsMkj1aBDaS5AsvFtiOESvAbUKEWC57
Accept-Ranges: bytes
Content-Length: 47495
x-amz-id-2: V7zmj3+H+P/XJsNxIK9n0YpNnTCDnafTWotoyAEohdKucrcAPrqZSEiaeqUiQDK3lf1fxgIY50c=

GET
H2 200 bill-1.jpg
static.twentyoverten.com/5ba3f2a66467226c198e0d9f/HkNhcPIKQ/cropped/ 9 KB
9 KB 497ms
439ms Image
image/jpeg 2600:9000:21f3:fe00:14:68a3:abc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.twentyoverten.com/5ba3f2a66467226c198e0d9f/HkNhcPIKQ/cropped/bill-1.jpg
Requested by: Host: billnoble.ca
URL: https://billnoble.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:fe00:14:68a3:abc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d4a839a6c47b5942171a973f47da0c9ad6dd7d37b721475be79a6f4f7c6994e2

Request headers

Referer: https://billnoble.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 17:28:17 GMT
via: 1.1 eb1a8c1b1275e33a016e623478052111.cloudfront.net (CloudFront)
last-modified: Mon, 24 Sep 2018 13:46:21 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
etag: "c696e8ab2187d436f2ea86fa69dffbec"
x-cache: Miss from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 9011
x-amz-cf-id: y0W29aNhVLZPHudQYLncAXDcpxCQvR-xDKVXUlvUsqlORlMYmc1cXg==

GET
H2 200 DSC_8805JPG.jpg
static.twentyoverten.com/5ba3f2a66467226c198e0d9f/HkPR9DIYX/cropped/ 170 KB
171 KB 548ms
491ms Image
image/jpeg 2600:9000:21f3:fe00:14:68a3:abc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.twentyoverten.com/5ba3f2a66467226c198e0d9f/HkPR9DIYX/cropped/DSC_8805JPG.jpg
Requested by: Host: billnoble.ca
URL: https://billnoble.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:fe00:14:68a3:abc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: edb930ed73307fefd32ffec6e07bb8be2eb4f5f26002a50945d161fdb0c2671a

Request headers

Referer: https://billnoble.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 17:28:17 GMT
via: 1.1 eb1a8c1b1275e33a016e623478052111.cloudfront.net (CloudFront)
last-modified: Mon, 24 Sep 2018 13:46:56 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
etag: "c1b46c8bb16b7580d8999ddab4ded11b"
x-cache: Miss from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 174567
x-amz-cf-id: QOeor6W5k3w9pdSsO4RDk0Bg9HaBCWI5hjTtBYnCaYVHqVXkdXRYvQ==

GET
H/1.1 200
OK IIROC-en.png
siteforward-images.s3.ca-central-1.amazonaws.com/ 12 KB
13 KB 545ms
143ms Image
image/png 52.95.145.152
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://siteforward-images.s3.ca-central-1.amazonaws.com/IIROC-en.png
Requested by: Host: billnoble.ca
URL: https://billnoble.ca/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.145.152 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.ca-central-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 02a3e8b0456b3777aea87d72949266c0e51f52a1e84e2acd7bbd64e1b3796b12

Request headers

Referer: https://billnoble.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
Date: Fri, 27 Aug 2021 17:28:17 GMT
Last-Modified: Thu, 10 Dec 2020 18:04:18 GMT
Server: AmazonS3
x-amz-request-id: 6VFAT3GQ80JSZ3XZ
ETag: "6238ad623711f8eccf7932cf652951ec"
x-amz-version-id: AAk8iyOkLwkqOtTckp1A7x8AVvGv4BAV
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 12667
x-amz-id-2: nUHWSNZKUK4QMIb88nb4PgNeZx8xiUxSwQIuw1JJFI5Z2/bNYDEVo8MsLcR9Jky4MfR8Di3azHk=

GET
H/1.1 200
OK AdvisorReport-en.png
siteforward-images.s3.ca-central-1.amazonaws.com/ 6 KB
6 KB 597ms
159ms Image
image/png 52.95.145.152
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://siteforward-images.s3.ca-central-1.amazonaws.com/AdvisorReport-en.png
Requested by: Host: billnoble.ca
URL: https://billnoble.ca/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.145.152 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.ca-central-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: a3e823dd5cd90ce27a6b688c0d9d356d891bdadf837f1ffc558bc39395e75cd2

Request headers

Referer: https://billnoble.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
Date: Fri, 27 Aug 2021 17:28:17 GMT
Last-Modified: Thu, 10 Dec 2020 18:04:17 GMT
Server: AmazonS3
x-amz-request-id: 6VF7XMEB9X8XSMYH
ETag: "bd6f051bc383f6a6a5f3f8ee404410d8"
x-amz-version-id: u2BySEoht3YQf7qzHqrendKusUTkolXW
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 5867
x-amz-id-2: 6Swwy99o43PzXjbCPC/jgFppMfEHz7hUFDxPjhtfEVe6xKZuYgsFMsHyoGK9ie1+A/rGxAsmpVI=

GET
H2 200 CIPF-en.png
static.twentyoverten.com/5b6499146b80a9633b347026/2DKrCkpWTuP/ 6 KB
7 KB 449ms
392ms Image
image/png 2600:9000:21f3:fe00:14:68a3:abc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.twentyoverten.com/5b6499146b80a9633b347026/2DKrCkpWTuP/CIPF-en.png
Requested by: Host: billnoble.ca
URL: https://billnoble.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:fe00:14:68a3:abc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f8bde3f221eaae6f4cdeb3bc1b5fca3678b65c1b9e4d52f0f05a4941f0ec4d35

Request headers

Referer: https://billnoble.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 17:28:17 GMT
via: 1.1 eb1a8c1b1275e33a016e623478052111.cloudfront.net (CloudFront)
last-modified: Thu, 03 Dec 2020 19:03:05 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
etag: "69ec733d6f4d5db0ddb667d1bc181003"
x-cache: RefreshHit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 6642
x-amz-cf-id: naetIRvKGBghhlRZeiys1MJyJHcSMlgu_QgLJh9O351jvJ1AmBqRHA==

GET
H2 200 manulife-securities-english-linear-white.png
static.twentyoverten.com/5d1211003e8a5c4859f4da4e/CkpU-RhbMDi/ 11 KB
11 KB 457ms
400ms Image
image/png 2600:9000:21f3:fe00:14:68a3:abc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.twentyoverten.com/5d1211003e8a5c4859f4da4e/CkpU-RhbMDi/manulife-securities-english-linear-white.png
Requested by: Host: billnoble.ca
URL: https://billnoble.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:fe00:14:68a3:abc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fc7adae53225320f908cd974bfdc32aeba06200b21598a94f8348e2847ec73df

Request headers

Referer: https://billnoble.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 17:28:17 GMT
via: 1.1 eb1a8c1b1275e33a016e623478052111.cloudfront.net (CloudFront)
last-modified: Tue, 25 Jun 2019 13:10:30 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
etag: "d219fb9875998e1c02b98d8470a3e914"
x-cache: RefreshHit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 10854
x-amz-cf-id: 3D5ivGXTOjMh7vYrtJmPKcZLHit0-s6e2_D-0FZ6J1d2EpRoVs1aUA==

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.2.4/ 84 KB
29 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js

Requested by

Host: billnoble.ca
URL: https://billnoble.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://billnoble.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 15:11:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8184
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30028
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Aug 2022 15:11:51 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
643 B 18ms
17ms Script
text/javascript 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: billnoble.ca
URL: https://billnoble.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

14b528df64c8af3d6b7c6d50ef153508fce0a1cb44843e9ca29d17656036c515

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://billnoble.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 17:28:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 553
x-xss-protection: 1; mode=block
expires: Fri, 27 Aug 2021 17:28:15 GMT

GET
H/1.1 200
OK global-2.0.2.js Show response
billnoble.ca/assets/frameworks/assets/dist/js/ 2 MB
438 KB 101ms
101ms Script
application/javascript 52.22.216.73
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://billnoble.ca/assets/frameworks/assets/dist/js/global-2.0.2.js
Requested by: Host: billnoble.ca
URL: https://billnoble.ca/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 52.22.216.73 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-22-216-73.compute-1.amazonaws.com
Software: / Express
Resource Hash: 3fad11179a5fdee5112fab0752933e3fdb3fe91add03a9dc8ad6f18e5dd1e4ad

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: billnoble.ca
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://billnoble.ca/
Connection: keep-alive
Referer: https://billnoble.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Fri, 27 Aug 2021 17:28:15 GMT
Content-Encoding: gzip
ETag: W/"1bf47c-17acfacf2b5"
Last-Modified: Thu, 22 Jul 2021 19:24:15 GMT
X-Powered-By: Express
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=0
Transfer-Encoding: chunked
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=5

GET
H/1.1 200
OK main-3.0.0.js Show response
billnoble.ca/assets/frameworks/themes/iris/3.0.0/assets/dist/js/ 923 KB
191 KB 101ms
101ms Script
application/javascript 52.22.216.73
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://billnoble.ca/assets/frameworks/themes/iris/3.0.0/assets/dist/js/main-3.0.0.js
Requested by: Host: billnoble.ca
URL: https://billnoble.ca/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 52.22.216.73 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-22-216-73.compute-1.amazonaws.com
Software: / Express
Resource Hash: fc5fa5c3816af5ebee7a7da35ca0c3f9d086d6a8f12e6e4462318d9cfad55915

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: billnoble.ca
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://billnoble.ca/
Connection: keep-alive
Referer: https://billnoble.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Fri, 27 Aug 2021 17:28:16 GMT
Content-Encoding: gzip
ETag: W/"e6cba-177d25dc9d2"
Last-Modified: Wed, 24 Feb 2021 04:48:17 GMT
X-Powered-By: Express
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=0
Transfer-Encoding: chunked
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=5

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 101 KB
40 KB 38ms
37ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-126729133-1

Requested by

Host: billnoble.ca
URL: https://billnoble.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9ab9aa863496a53ef8f3dfaf16afa4f7607e777985e6e60be04126c93bf0fe4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://billnoble.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 17:28:16 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41234
x-xss-protection: 0
last-modified: Fri, 27 Aug 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 27 Aug 2021 17:28:16 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 101 KB
40 KB 21ms
19ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-46480539-15

Requested by

Host: billnoble.ca
URL: https://billnoble.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

883d9d8063789a7d2780467ea340a66fa61dea4502081b87db3cb128fcabeaa5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://billnoble.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 17:28:16 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41231
x-xss-protection: 0
last-modified: Fri, 27 Aug 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 27 Aug 2021 17:28:16 GMT

GET
H2 200 embed Show response
www.google.com/maps/ Frame DF30 3 KB
1 KB 154ms
154ms Document
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/maps/embed?pb=!1m14!1m8!1m3!1d11604.842877189605!2d-79.8004747!3d43.3517027!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x0%3A0xb4263c6fa0d89be8!2sBill+Noble+is+a+Financial+Advisor!5e0!3m2!1sen!2sca!4v1564151496963!5m2!1sen!2sca

Requested by

Host: billnoble.ca
URL: https://billnoble.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

c0bcb602ee096cfb51f056429e084f6375fc501ba7a895147f522c4add891364

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-jZOtfVjUHNykEoeObUZv3g==' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /maps/embed?pb=!1m14!1m8!1m3!1d11604.842877189605!2d-79.8004747!3d43.3517027!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x0%3A0xb4263c6fa0d89be8!2sBill+Noble+is+a+Financial+Advisor!5e0!3m2!1sen!2sca!4v1564151496963!5m2!1sen!2sca
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://billnoble.ca/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://billnoble.ca/

Response headers

content-type: text/html; charset=UTF-8
date: Fri, 27 Aug 2021 17:28:16 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
vary: Accept-Language
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-jZOtfVjUHNykEoeObUZv3g==' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
content-encoding: gzip
server: mafe
content-length: 1111
x-xss-protection: 0
server-timing: gfet4t7; dur=141
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ 616 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7e548b92f1a23341bb2936ee992373c701cd532320c2a8fb1077afc006c1c5fc

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
H2 200 iStock-913410718.jpg
static.twentyoverten.com/5ba3f2a66467226c198e0d9f/H1JKS5dhm/ 285 KB
286 KB 733ms
718ms Image
image/jpeg 2600:9000:21f3:fe00:14:68a3:abc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.twentyoverten.com/5ba3f2a66467226c198e0d9f/H1JKS5dhm/iStock-913410718.jpg
Requested by: Host: billnoble.ca
URL: https://billnoble.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:fe00:14:68a3:abc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1aacea87cb73c8bc0bcdb78ce110d788dca2b4533976b6ca3799adcd90a166c3

Request headers

Referer: https://billnoble.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 17:28:17 GMT
via: 1.1 eb1a8c1b1275e33a016e623478052111.cloudfront.net (CloudFront)
last-modified: Thu, 01 Nov 2018 15:02:16 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
etag: "3b192acdb4c7bf9e0a4f88d40c963596"
x-cache: Miss from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 292132
x-amz-cf-id: 7ceKbZxAfFAHDKWtBP_3RewfBELhzZyEctUmwHhmY2-KAYuPKjlUHw==

GET
H2 200 iStock-939830386.jpg
static.twentyoverten.com/5ba3f2a66467226c198e0d9f/BJGIP5O3m/cropped/ 179 KB
180 KB 481ms
469ms Image
image/jpeg 2600:9000:21f3:fe00:14:68a3:abc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.twentyoverten.com/5ba3f2a66467226c198e0d9f/BJGIP5O3m/cropped/iStock-939830386.jpg
Requested by: Host: billnoble.ca
URL: https://billnoble.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:fe00:14:68a3:abc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3f85df822655d7f15ddd9c076636b9f84213cb498a72d1afbbeb5f98606ba586

Request headers

Referer: https://billnoble.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 17:28:17 GMT
via: 1.1 eb1a8c1b1275e33a016e623478052111.cloudfront.net (CloudFront)
last-modified: Thu, 01 Nov 2018 15:10:02 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
etag: "c58ea3b17307df87a46f84595147d522"
x-cache: Miss from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 183627
x-amz-cf-id: 8Lxh4AFhozQt6hLJ2NRy5sI9Ybj7BoKC3zetOLw3bPYvbqfVVgjkUQ==

GET
H2 200 iStock-613657228.jpg
static.twentyoverten.com/5ba3f2a66467226c198e0d9f/BkS0d9O2X/cropped/ 289 KB
289 KB 533ms
533ms Image
image/jpeg 2600:9000:21f3:fe00:14:68a3:abc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.twentyoverten.com/5ba3f2a66467226c198e0d9f/BkS0d9O2X/cropped/iStock-613657228.jpg
Requested by: Host: billnoble.ca
URL: https://billnoble.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:fe00:14:68a3:abc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ac66765a2282f8743ea50de195f3683fe4d99dd3b2714fa9a002edf80206a608

Request headers

Referer: https://billnoble.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 17:28:17 GMT
via: 1.1 eb1a8c1b1275e33a016e623478052111.cloudfront.net (CloudFront)
last-modified: Thu, 01 Nov 2018 15:16:29 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
etag: "8bd0a92ca72f058789bccef6477e4df5"
x-cache: Miss from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 295457
x-amz-cf-id: P_7OvXUcSmlKHXDH3cMN15hh2qO5MGQkr6T_kTwbY6nTMYZVRoxBHw==

GET
H2 200 iStock-481345926.jpg
static.twentyoverten.com/5ba3f2a66467226c198e0d9f/r1au0j8YQ/ 179 KB
179 KB 461ms
461ms Image
image/jpeg 2600:9000:21f3:fe00:14:68a3:abc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.twentyoverten.com/5ba3f2a66467226c198e0d9f/r1au0j8YQ/iStock-481345926.jpg
Requested by: Host: billnoble.ca
URL: https://billnoble.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:fe00:14:68a3:abc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0c6f6927189e75fc226d18b19cc8157d2ccd636792b980f80cf8b16d4cc11d18

Request headers

Referer: https://billnoble.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 17:28:17 GMT
via: 1.1 eb1a8c1b1275e33a016e623478052111.cloudfront.net (CloudFront)
last-modified: Mon, 24 Sep 2018 18:35:34 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
etag: "b00439e54f70503943683f5004667180"
x-cache: Miss from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 183108
x-amz-cf-id: 1ZyWy-mXSp8-QYGHQMLEqqma3S7vPeyFthyFM-1oMvYgBLmWqJIJbw==

GET
DATA 200
OK truncated
/ 566 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c9dac174850ffb4361001e3738b49b6f835e78fa2028a8753909509bd131de05

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 wlp_gwjKBV1pqhv43IE.woff2
fonts.gstatic.com/s/cardo/v14/ 15 KB
15 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/cardo/v14/wlp_gwjKBV1pqhv43IE.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,400i,000,000i|Cardo:400,400i,000,000i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

642d97daf5734304f14a112f401f96397bdd3ff2a828903bc251135ff18e83bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://billnoble.ca
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 06:08:54 GMT
x-content-type-options: nosniff
age: 127161
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14864
x-xss-protection: 0
last-modified: Wed, 24 Mar 2021 17:50:49 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 26 Aug 2022 06:08:54 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v20/ 23 KB
23 KB 12ms
11ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,400i,000,000i|Cardo:400,400i,000,000i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://billnoble.ca
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 00:32:51 GMT
x-content-type-options: nosniff
age: 320124
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23484
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:19:01 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 Aug 2022 00:32:51 GMT

GET
H2 200 wlpygwjKBV1pqhND-ZQW-WM.woff2
fonts.gstatic.com/s/cardo/v14/ 18 KB
19 KB 12ms
12ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/cardo/v14/wlpygwjKBV1pqhND-ZQW-WM.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,400i,000,000i|Cardo:400,400i,000,000i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

22e7b2a56dd73327ffe57558d0301478738d495a64942f0f91fc18b4de463207

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://billnoble.ca
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 16:06:20 GMT
x-content-type-options: nosniff
age: 264115
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18872
x-xss-protection: 0
last-modified: Wed, 24 Mar 2021 17:59:01 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 Aug 2022 16:06:20 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v20/ 22 KB
23 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,400i,000,000i|Cardo:400,400i,000,000i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://billnoble.ca
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 00:41:04 GMT
x-content-type-options: nosniff
age: 146831
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22992
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:18:57 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 26 Aug 2022 00:41:04 GMT

GET
H3-29 200 fa-solid-900.woff2
use.fontawesome.com/releases/v5.3.1/webfonts/ 66 KB
67 KB 401ms
389ms Font
font/woff2 2606:4700:3037::6815:4e07
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.3.1/webfonts/fa-solid-900.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.3.1/css/all.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4e07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca3ea16761b7d443c64cfd99dd1cf8aa84790a25bb4709582935956fe71d014d

Request headers

Origin: https://billnoble.ca
Referer: https://use.fontawesome.com/releases/v5.3.1/css/all.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 17:28:16 GMT
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 6VF24WHPHZNQVXS4
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 67400
x-amz-id-2: ltuUMz0TDUs/NgUW27ua6cX0F9NRebHT82Zcn3lGQTw3p3jmjG8rgDF+vkpiEWtC9zqwcvyqDE4=
last-modified: Wed, 30 Jun 2021 15:42:33 GMT
server: cloudflare
etag: "14a08198ec7d1eb96d515362293fed36"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zLivFKMA%2F%2FvtudoAlCIT19LnvEvCylBSoNHJKQD1NmaeC7IR%2FQ2KQolQJ9RG427p9CxU428nigK8fT0wr00%2BHm8XrHEvDmt0VmSKCb68AmUK3Uljk8vMS632H%2Fmcn8%2FgMPWaLxfEL9p0H7OCw2ics6vA"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 685703ebfc344e2c-FRA

GET
H2 200 S6u_w4BMUTPHjxsI5wq_Gwft.woff2
fonts.gstatic.com/s/lato/v20/ 24 KB
24 KB 9ms
9ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6u_w4BMUTPHjxsI5wq_Gwft.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,400i,000,000i|Cardo:400,400i,000,000i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ad012803e63980f185a7ee45c983ff2ab99b7751fc8f817f86420d620f244d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://billnoble.ca
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 01:26:16 GMT
x-content-type-options: nosniff
age: 316919
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24428
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:19:11 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 Aug 2022 01:26:16 GMT

GET
H3-29 200 S6u8w4BMUTPHjxsAXC-q.woff2
fonts.gstatic.com/s/lato/v20/ 24 KB
24 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6u8w4BMUTPHjxsAXC-q.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,400i,000,000i|Cardo:400,400i,000,000i

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ccb5febf8ac335a1b768a7a2087fa4362cb3a0a9392e2e451df9d9825e88e5db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://billnoble.ca
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 00:29:48 GMT
x-content-type-options: nosniff
age: 320308
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24440
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:19:02 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 Aug 2022 00:29:48 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/Q_rrUPkK1sXoHi4wbuDTgcQR/ 340 KB
132 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Q_rrUPkK1sXoHi4wbuDTgcQR/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fdb97f4c7f832b7b6c32c1e08aa06f3f1a04a8237f8847648793f3ce277edbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://billnoble.ca
Referer: https://billnoble.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 13:29:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14337
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 135330
x-xss-protection: 0
last-modified: Mon, 23 Aug 2021 04:03:35 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 27 Aug 2022 13:29:19 GMT

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ Frame DF30 147 KB
48 KB 10ms
7ms Script
text/javascript 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en&region=ca&callback=onApiLoad

Requested by

Host: www.google.com
URL: https://www.google.com/maps/embed?pb=!1m14!1m8!1m3!1d11604.842877189605!2d-79.8004747!3d43.3517027!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x0%3A0xb4263c6fa0d89be8!2sBill+Noble+is+a+Financial+Advisor!5e0!3m2!1sen!2sca!4v1564151496963!5m2!1sen!2sca

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

1377b0e05691019f0f848bcbf126d952b937b5c2425e1731dbfa805bf8cfbf5d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 17:20:20 GMT
content-encoding: gzip
server: mafe
age: 476
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=13
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48725
x-xss-protection: 0
expires: Fri, 27 Aug 2021 17:50:20 GMT

GET
H2 200 init_embed.js Show response
maps.gstatic.com/maps-api-v3/embed/js/46/2/ Frame DF30 253 KB
253 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.gstatic.com/maps-api-v3/embed/js/46/2/init_embed.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7dfb8aef88e8c3ffe178de14098ef777b77da647d7e87a22d0c8fe5badbf548b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 19:16:17 GMT
vary: Accept-Encoding, Origin
last-modified: Mon, 23 Aug 2021 22:27:11 GMT
server: sffe
x-content-type-options: nosniff
age: 166319
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 258632
x-xss-protection: 0
expires: Thu, 25 Aug 2022 19:16:17 GMT

GET
H3-29 200 common.js Show response
maps.googleapis.com/maps-api-v3/api/js/46/2/ Frame DF30 87 KB
31 KB 23ms
21ms Script
text/javascript 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/46/2/common.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en&region=ca&callback=onApiLoad

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

455c49a53ac31dc2794d521ac8212f821662e0075647080ca5d685e0667ff075

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 15:48:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6006
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32220
x-xss-protection: 0
last-modified: Mon, 23 Aug 2021 22:27:16 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 27 Aug 2022 15:48:10 GMT

GET
H3-29 200 util.js Show response
maps.googleapis.com/maps-api-v3/api/js/46/2/ Frame DF30 288 KB
288 KB 24ms
22ms Script
text/javascript 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/46/2/util.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en&region=ca&callback=onApiLoad

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cb53f58f63279780853d208216421b99187672af5c59f83dd50218ad81e4f5ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 11:50:07 GMT
vary: Accept-Encoding, Origin
last-modified: Mon, 23 Aug 2021 22:27:16 GMT
server: sffe
x-content-type-options: nosniff
age: 20289
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 294953
x-xss-protection: 0
expires: Sat, 27 Aug 2022 11:50:07 GMT

GET
H3-29 200 map.js Show response
maps.googleapis.com/maps-api-v3/api/js/46/2/ Frame DF30 60 KB
22 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/46/2/map.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en&region=ca&callback=onApiLoad

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4cb1078465b818008a17eeac9413ec2aa57ff89df81440f6511c26da1e3356a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 12:16:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18726
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22627
x-xss-protection: 0
last-modified: Mon, 23 Aug 2021 22:27:16 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 27 Aug 2022 12:16:10 GMT

GET
H3-29 200 overlay.js Show response
maps.googleapis.com/maps-api-v3/api/js/46/2/ Frame DF30 4 KB
1 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/46/2/overlay.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en&region=ca&callback=onApiLoad

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa8eba84328374ec2bfa6ce2ae2e2bfcf1f7ef2a268ae450e9f51d6e80cd5733

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 19:17:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 166219
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1395
x-xss-protection: 0
last-modified: Mon, 23 Aug 2021 22:27:16 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 25 Aug 2022 19:17:57 GMT

GET
H3-29 200 google4.png
maps.gstatic.com/mapfiles/embed/images/ Frame DF30 2 KB
2 KB 23ms
21ms Image
image/png 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://maps.gstatic.com/mapfiles/embed/images/google4.png

Requested by

Host: billnoble.ca
URL: https://billnoble.ca/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

721fb9398629ae4ac2169b208a651f09a7d5e5a370323fcf8891428acc94a4ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 17:28:16 GMT
x-content-type-options: nosniff
last-modified: Tue, 18 May 2021 19:15:00 GMT
server: sffe
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/geo-tactile
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2073
x-xss-protection: 0
expires: Fri, 27 Aug 2021 17:28:16 GMT

GET
H3-29 200 StaticMapService.GetMapImage
maps.googleapis.com/maps/api/js/ Frame DF30 27 KB
28 KB 101ms
100ms Image
image/png 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://maps.googleapis.com/maps/api/js/StaticMapService.GetMapImage?1m2&1i1167197&2i1535425&2e1&3u14&4m2&1u424&2u300&5m5&1e0&5sen&6sca&10b1&12b1&client=google-maps-embed&token=71238

Requested by

Host: billnoble.ca
URL: https://billnoble.ca/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

99d657a2cd435ea5087e9c7d32b219b50c5c686c131a2d6630185b821042d8e5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 17:28:16 GMT
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=86400
server-timing: gfet4t7; dur=94
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28156
x-xss-protection: 0
expires: Sat, 28 Aug 2021 17:28:16 GMT

GET
H3-29 200 onion.js Show response
maps.googleapis.com/maps-api-v3/api/js/46/2/ Frame DF30 25 KB
25 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/46/2/onion.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en&region=ca&callback=onApiLoad

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7dbaaa8a8fb94b875bdfd793c7b6799dc3d09a4f06e61dedf1ec3713b4e1e45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 05:17:39 GMT
vary: Accept-Encoding, Origin
last-modified: Mon, 23 Aug 2021 22:27:16 GMT
server: sffe
x-content-type-options: nosniff
age: 43837
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25708
x-xss-protection: 0
expires: Sat, 27 Aug 2022 05:17:39 GMT

GET
H3-29 200 search_impl.js Show response
maps.googleapis.com/maps-api-v3/api/js/46/2/ Frame DF30 2 KB
1 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/46/2/search_impl.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en&region=ca&callback=onApiLoad

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

36bdd1f88a3217a17f645f17caa7bf960311f18af139bab527c80aba38911655

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 19:17:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 166219
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1230
x-xss-protection: 0
last-modified: Mon, 23 Aug 2021 22:27:16 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 25 Aug 2022 19:17:57 GMT

GET
H3-29 200 openhand_8_8.cur
maps.gstatic.com/mapfiles/ Frame DF30 326 B
348 B 14ms
13ms Image
image/bmp 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://maps.gstatic.com/mapfiles/openhand_8_8.cur

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7342f390b12f636d14e25f698fc5e38cf6240994dc0c07fefbbb4e78ec4d03c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 17:28:16 GMT
x-content-type-options: nosniff
last-modified: Tue, 18 May 2021 19:15:00 GMT
server: sffe
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/geo-tactile
content-type: image/bmp
access-control-allow-origin: *
cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 27 Aug 2021 17:28:16 GMT

GET
H3-29 200 ViewportInfoService.GetViewportInfo Show response
maps.googleapis.com/maps/api/js/ Frame DF30 16 KB
2 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js/ViewportInfoService.GetViewportInfo?1m6&1m2&1d43.32273045598503&2d-79.85627340080221&2m2&1d43.38077370277108&2d-79.74580399562876&2u14&4sen&5e0&6sm%40570000000&7b0&8e0&11e289&12e2&callback=_xdc_._w2gjrd&client=google-maps-embed&token=87088

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/46/2/common.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

827ca304ce3757d49f107a30e64208a37dfd787baebbd75f06d31e8fa06a6eb2

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Aug 2021 17:28:16 GMT
content-encoding: gzip
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment
server-timing: gfet4t7; dur=40
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2315
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ViewportInfoService.GetViewportInfo Show response
maps.googleapis.com/maps/api/js/ Frame DF30 3 KB
965 B 23ms
23ms Script
text/javascript 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js/ViewportInfoService.GetViewportInfo?1m6&1m2&1d43.32168193225788&2d-79.84144428639881&2m2&1d43.38049908900032&2d-79.75985919801414&2u11&4sen&5e2&7b0&8e0&11e289&12e2&callback=_xdc_._a72tfa&client=google-maps-embed&token=7163

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/46/2/common.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

c59024cfe993b910ccd270c68bc25dcd856dcd1d3676c65e19f7f27120599b87

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Aug 2021 17:28:16 GMT
content-encoding: gzip
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment
server-timing: gfet4t7; dur=10
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 943
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK feed_api Show response
app.twentyoverten.com/ 61 KB
6 KB 422ms
177ms XHR
application/json 18.209.242.7
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://app.twentyoverten.com/feed_api?url=https%3A%2F%2FSiteforward.ca%2Frss-feed%2Ffeed.xml
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 18.209.242.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-209-242-7.compute-1.amazonaws.com
Software: / Express
Resource Hash: b988fa127f1a29d801d13a7a0c630524ff5b57daaf088b380e4b856ed7cffa82

Request headers

Accept: */*
Referer: https://billnoble.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Fri, 27 Aug 2021 17:28:16 GMT
Content-Encoding: gzip
ETag: W/"f2b5-pxbcYRxw46XHGsSOYYDLkjY5Ugk"
X-Powered-By: Express
Transfer-Encoding: chunked
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 600
Access-Control-Allow-Credentials: true
Connection: keep-alive
Vary: Accept-Encoding
Keep-Alive: timeout=5

GET
H3-29 200 fa-brands-400.woff2
use.fontawesome.com/releases/v5.3.1/webfonts/ 64 KB
65 KB 413ms
413ms Font
font/woff2 2606:4700:3037::6815:4e07
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.3.1/webfonts/fa-brands-400.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.3.1/css/all.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4e07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 974956f1b7b82cecd8ae88a0b685f0d5dfe5c8534c2784e59abeea719eadbbc4

Request headers

Origin: https://billnoble.ca
Referer: https://use.fontawesome.com/releases/v5.3.1/css/all.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 17:28:16 GMT
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 6VF0DD3F00KJGCAG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 65316
x-amz-id-2: iVdv+3999PRI6WY/tM50CBt9mXQLFNqUOATygv0nhnK9/jbSaKUyc8tCFNXBOCtdWQ3odEOEMSU=
last-modified: Wed, 30 Jun 2021 15:42:33 GMT
server: cloudflare
etag: "48461ea4e797c9774dabb4a0440d2f56"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F1uMmWb016GIgwDW1c70uJAIYTboGIrc2%2Fb9znS%2FZ4NvgATFq1TuMnAaG2I%2Bb5qYGsHz0zgahz%2BIDBe5QCuTUvWS1K95bwp%2FdiT%2FlfYGr4YhIW0c%2FA5kAS9qqkv%2FxuLYtbi4B8t7mAHX0VJMiTUNBraN"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 685703ef8a614e2c-FRA

GET
H2 200 iframe_api Show response
www.youtube.com/ 980 B
826 B 23ms
22ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: billnoble.ca
URL: https://billnoble.ca/assets/frameworks/assets/dist/js/global-2.0.2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1f8361895e5a7405efe980b5dd1ba4dcdffdbfabfb895af4fe675f54786dec72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://billnoble.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 17:28:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: ESF
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
accept-ch-lifetime: 2592000
content-type: text/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, DPR
cache-control: private, max-age=0
permissions-policy: ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
expires: Fri, 27 Aug 2021 17:28:16 GMT

GET
H3-29 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 387A 40 KB
20 KB 30ms
29ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le1fq8UAAAAAI2PgwJrWWd-eXTTK-BUkQMngZcL&co=aHR0cHM6Ly9iaWxsbm9ibGUuY2E6NDQz&hl=en&v=Q_rrUPkK1sXoHi4wbuDTgcQR&size=normal&cb=p0cv6f9k41jw

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Q_rrUPkK1sXoHi4wbuDTgcQR/recaptcha__en.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

cd1b3736fe751543d7ad0d621aae461f1719c29526e31f5ebc6011831c279996

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-W1cmpZDZJ9B/VgyDnjaWBA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6Le1fq8UAAAAAI2PgwJrWWd-eXTTK-BUkQMngZcL&co=aHR0cHM6Ly9iaWxsbm9ibGUuY2E6NDQz&hl=en&v=Q_rrUPkK1sXoHi4wbuDTgcQR&size=normal&cb=p0cv6f9k41jw
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://billnoble.ca/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://billnoble.ca/

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 27 Aug 2021 17:28:16 GMT
content-security-policy: script-src 'report-sample' 'nonce-W1cmpZDZJ9B/VgyDnjaWBA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 20938
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-126729133-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://billnoble.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 2172
date: Fri, 27 Aug 2021 16:52:04 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Fri, 27 Aug 2021 18:52:04 GMT

GET
H3-29 200 js Show response
www.googletagmanager.com/gtag/ 101 KB
40 KB 29ms
27ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-46480539-15&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-126729133-1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0c17c832d78359eb281023a10c3eed3b9b2d9fdb904116ca0fc9788e1e1cfe90

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://billnoble.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 17:28:16 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41245
x-xss-protection: 0
last-modified: Fri, 27 Aug 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 27 Aug 2021 17:28:16 GMT

GET
H3-29 200 www-widgetapi.js Show response
www.youtube.com/s/player/528656c7/www-widgetapi.vflset/ 125 KB
42 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/528656c7/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7a5a53379be40febc32a3991574b89d1f489a3f7ce0593c0203ae5b0b9bdba0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://billnoble.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 17:05:07 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 26 Aug 2021 15:51:20 GMT
server: sffe
age: 87789
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42804
x-xss-protection: 0
expires: Fri, 26 Aug 2022 17:05:07 GMT

GET
H3-29 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/Q_rrUPkK1sXoHi4wbuDTgcQR/ Frame 387A 52 KB
25 KB 17ms
16ms Stylesheet
text/css 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Q_rrUPkK1sXoHi4wbuDTgcQR/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le1fq8UAAAAAI2PgwJrWWd-eXTTK-BUkQMngZcL&co=aHR0cHM6Ly9iaWxsbm9ibGUuY2E6NDQz&hl=en&v=Q_rrUPkK1sXoHi4wbuDTgcQR&size=normal&cb=p0cv6f9k41jw

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 15:26:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7322
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25732
x-xss-protection: 0
last-modified: Mon, 23 Aug 2021 04:03:35 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 27 Aug 2022 15:26:14 GMT

GET
H3-29 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/Q_rrUPkK1sXoHi4wbuDTgcQR/ Frame 387A 340 KB
132 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Q_rrUPkK1sXoHi4wbuDTgcQR/recaptcha__en.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fdb97f4c7f832b7b6c32c1e08aa06f3f1a04a8237f8847648793f3ce277edbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 13:29:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14337
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 135330
x-xss-protection: 0
last-modified: Mon, 23 Aug 2021 04:03:35 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 27 Aug 2022 13:29:19 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 13ms
13ms XHR
text/plain 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=33704539&t=pageview&_s=1&dl=https%3A%2F%2Fbillnoble.ca%2F&ul=en-us&de=UTF-8&dt=Bill%20Noble&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1267987673&gjid=1224422658&cid=34088543.1630085297&tid=UA-126729133-1&_gid=763175563.1630085297&_r=1&gtm=2ou8p0&z=1245701180

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://billnoble.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 27 Aug 2021 17:28:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://billnoble.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 13ms
13ms XHR
text/plain 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=33704539&t=pageview&_s=1&dl=https%3A%2F%2Fbillnoble.ca%2F&ul=en-us&de=UTF-8&dt=Bill%20Noble&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAUABAAAAAC~&jid=737537018&gjid=123081114&cid=34088543.1630085297&tid=UA-46480539-15&_gid=763175563.1630085297&_r=1&gtm=2ou8p0&z=1615188028

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://billnoble.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 27 Aug 2021 17:28:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://billnoble.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
83 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-46480539-15&cid=34088543.1630085297&jid=737537018&gjid=123081114&_gid=763175563.1630085297&_u=YEDAAUABAAAAAC~&z=1910437306

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://billnoble.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 27 Aug 2021 17:28:16 GMT
content-type: text/plain
access-control-allow-origin: https://billnoble.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 387A 14 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 387A 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 387A 2 KB
2 KB 8ms
7ms Image
image/png 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Q_rrUPkK1sXoHi4wbuDTgcQR/styles__ltr.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gstatic.com/recaptcha/releases/Q_rrUPkK1sXoHi4wbuDTgcQR/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 23:34:05 GMT
x-content-type-options: nosniff
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
age: 323651
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
expires: Mon, 30 Aug 2021 23:34:05 GMT

GET
H3-29 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 387A 15 KB
15 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.google.com
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 11:21:30 GMT
x-content-type-options: nosniff
age: 22006
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Aug 2022 11:21:30 GMT

GET
H3-29 200 webworker.js
www.google.com/recaptcha/api2/ Frame 387A 102 B
132 B 15ms
14ms Other
text/javascript 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=Q_rrUPkK1sXoHi4wbuDTgcQR

Requested by

Host: billnoble.ca
URL: https://billnoble.ca/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

cbc0e03691e5e7313ecf467ac3a50c7d78f6ee259c490c0ded16707330da81fa

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le1fq8UAAAAAI2PgwJrWWd-eXTTK-BUkQMngZcL&co=aHR0cHM6Ly9iaWxsbm9ibGUuY2E6NDQz&hl=en&v=Q_rrUPkK1sXoHi4wbuDTgcQR&size=normal&cb=p0cv6f9k41jw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 17:28:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Fri, 27 Aug 2021 17:28:16 GMT

GET
H3-29 200 bframe Show response
www.google.com/recaptcha/api2/ Frame 902B 7 KB
1 KB 17ms
17ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=Q_rrUPkK1sXoHi4wbuDTgcQR&k=6Le1fq8UAAAAAI2PgwJrWWd-eXTTK-BUkQMngZcL&cb=pdsqvqlek3yb

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Q_rrUPkK1sXoHi4wbuDTgcQR/recaptcha__en.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

385aa862f674b5cbc05a1be043904ea8284b1ecdec223165e1d6a1467256789d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-fN0jT4n4wtY+BQPVsjXtGg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/bframe?hl=en&v=Q_rrUPkK1sXoHi4wbuDTgcQR&k=6Le1fq8UAAAAAI2PgwJrWWd-eXTTK-BUkQMngZcL&cb=pdsqvqlek3yb
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://billnoble.ca/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://billnoble.ca/

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 27 Aug 2021 17:28:16 GMT
content-security-policy: script-src 'report-sample' 'nonce-fN0jT4n4wtY+BQPVsjXtGg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1113
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/Q_rrUPkK1sXoHi4wbuDTgcQR/ Frame 902B 52 KB
25 KB 7ms
6ms Stylesheet
text/css 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Q_rrUPkK1sXoHi4wbuDTgcQR/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=Q_rrUPkK1sXoHi4wbuDTgcQR&k=6Le1fq8UAAAAAI2PgwJrWWd-eXTTK-BUkQMngZcL&cb=pdsqvqlek3yb

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 15:26:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7322
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25732
x-xss-protection: 0
last-modified: Mon, 23 Aug 2021 04:03:35 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 27 Aug 2022 15:26:14 GMT

GET
H3-29 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/Q_rrUPkK1sXoHi4wbuDTgcQR/ Frame 902B 340 KB
132 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Q_rrUPkK1sXoHi4wbuDTgcQR/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=Q_rrUPkK1sXoHi4wbuDTgcQR&k=6Le1fq8UAAAAAI2PgwJrWWd-eXTTK-BUkQMngZcL&cb=pdsqvqlek3yb

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fdb97f4c7f832b7b6c32c1e08aa06f3f1a04a8237f8847648793f3ce277edbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 13:29:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14337
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 135330
x-xss-protection: 0
last-modified: Mon, 23 Aug 2021 04:03:35 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 27 Aug 2022 13:29:19 GMT

GET
H2 200 valuablesafeguardresized_istock-843906686.jpg
static.twentyoverten.com/content/featured/ 732 KB
734 KB 523ms
522ms Image
image/jpeg 2600:9000:21f3:fe00:14:68a3:abc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.twentyoverten.com/content/featured/valuablesafeguardresized_istock-843906686.jpg
Requested by: Host: billnoble.ca
URL: https://billnoble.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:fe00:14:68a3:abc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f7119d8c678766fa540422476720102464380ffbd936f245130deebc6e633827

Request headers

Referer: https://billnoble.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 17:28:18 GMT
via: 1.1 eb1a8c1b1275e33a016e623478052111.cloudfront.net (CloudFront)
x-amz-meta-fieldname: files
last-modified: Mon, 19 Apr 2021 14:10:07 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
etag: "b07fb91debad50532a87a91641e68c4d"
x-cache: Miss from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 749990
x-amz-cf-id: h2LlaqgMHE2--5M-qn8fngC1oBMsXtFPR5rGfDWtvW9bs40CwaoveQ==

GET
H2 200 feature_x-myths-about-generational-wealth-youve-likely-heard.jpg
static.twentyoverten.com/content/featured/ 1009 KB
1011 KB 409ms
408ms Image
image/jpeg 2600:9000:21f3:fe00:14:68a3:abc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.twentyoverten.com/content/featured/feature_x-myths-about-generational-wealth-youve-likely-heard.jpg
Requested by: Host: billnoble.ca
URL: https://billnoble.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:fe00:14:68a3:abc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 79ca427ff2511a1c540f32f5ecf13112ea6a5dd2b217870744c2893305d8b960

Request headers

Referer: https://billnoble.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 17:28:18 GMT
via: 1.1 eb1a8c1b1275e33a016e623478052111.cloudfront.net (CloudFront)
x-amz-meta-fieldname: files
last-modified: Tue, 22 Jun 2021 17:42:00 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
etag: "3575917d563614217a9c1052697fbee6"
x-cache: RefreshHit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 1033610
x-amz-cf-id: i4HW1z09ErmopecKqUpDVeg4ytEGRAI6Behuo1elGWA212SIjFIY2A==

GET
H2 200 featured_value-vs-growth-investing-whats-the-difference.jpg
static.twentyoverten.com/content/featured/ 1 MB
1 MB 523ms
523ms Image
image/jpeg 2600:9000:21f3:fe00:14:68a3:abc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.twentyoverten.com/content/featured/featured_value-vs-growth-investing-whats-the-difference.jpg
Requested by: Host: billnoble.ca
URL: https://billnoble.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:fe00:14:68a3:abc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2026cff813c2aff4cbce3e5934a0a9e10d0cf6315de7833df228ca7fb204e315

Request headers

Referer: https://billnoble.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 17:28:18 GMT
via: 1.1 eb1a8c1b1275e33a016e623478052111.cloudfront.net (CloudFront)
x-amz-meta-fieldname: files
last-modified: Mon, 26 Jul 2021 14:26:31 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
etag: "1104d93d019be726a5ccb4e56ba1522a"
x-cache: Miss from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 1259260
x-amz-cf-id: YaBYo-Y0y9YHFut9pQlnidnUOsw7KsslOAh7bqXmks5gMbYEvlPPfQ==

GET
H2 200 AuthenticationService.Authenticate Show response
maps.googleapis.com/maps/api/js/ Frame DF30 62 B
142 B 15ms
15ms Script
text/javascript 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js/AuthenticationService.Authenticate?1shttps%3A%2F%2Fwww.google.com%2Fmaps%2Fembed%3Fpb%3D!1m14!1m8!1m3!1d11604.842877189605!2d-79.8004747!3d43.3517027!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x0%253A0xb4263c6fa0d89be8!2sBill%2BNoble%2Bis%2Ba%2BFinancial%2BAdvisor!5e0!3m2!1sen!2sca!4v1564151496963!5m2!1sen!2sca&2sgoogle-maps-embed&callback=_xdc_._ye3h5o&client=google-maps-embed&token=22206

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/46/2/common.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

737dbc76755f874a63d3c457fc603e74fc3529e2bdf8a05e43980efe5a2dfa0a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Aug 2021 17:28:21 GMT
content-encoding: gzip
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment
server-timing: gfet4t7; dur=2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

94 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.billnoble.ca/	1970-01-19 20:48:05	Name: _gat_gtag_UA_126729133_1 Value: 1
.billnoble.ca/	1970-01-19 20:48:05	Name: _gat_gtag_UA_46480539_15 Value: 1
.billnoble.ca/	1970-01-19 20:49:31	Name: _gid Value: GA1.2.763175563.1630085297
.billnoble.ca/	1970-01-20 14:19:17	Name: _ga Value: GA1.2.34088543.1630085297

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
app.twentyoverten.com
billnoble.ca
fonts.googleapis.com
fonts.gstatic.com
maps.googleapis.com
maps.gstatic.com
siteforward-code.s3.ca-central-1.amazonaws.com
siteforward-images.s3.ca-central-1.amazonaws.com
static.twentyoverten.com
stats.g.doubleclick.net
use.fontawesome.com
www.billnoble.ca
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.youtube.com
18.209.242.7
2600:9000:21f3:fe00:14:68a3:abc0:93a1
2606:4700:3031::ac43:d645
2606:4700:3037::6815:4e07
2a00:1450:4001:800::200a
2a00:1450:4001:803::200e
2a00:1450:4001:808::2003
2a00:1450:4001:809::2008
2a00:1450:4001:80e::200e
2a00:1450:4001:810::2004
2a00:1450:4001:828::2003
2a00:1450:4001:829::2004
2a00:1450:4001:829::200a
2a00:1450:4001:829::200e
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2003
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2003
2a00:1450:4001:831::200a
2a00:1450:400c:c1b::9c
52.22.216.73
52.95.145.152
52.95.147.176
02a3e8b0456b3777aea87d72949266c0e51f52a1e84e2acd7bbd64e1b3796b12
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
0c17c832d78359eb281023a10c3eed3b9b2d9fdb904116ca0fc9788e1e1cfe90
0c6f6927189e75fc226d18b19cc8157d2ccd636792b980f80cf8b16d4cc11d18
1377b0e05691019f0f848bcbf126d952b937b5c2425e1731dbfa805bf8cfbf5d
14b528df64c8af3d6b7c6d50ef153508fce0a1cb44843e9ca29d17656036c515
1aacea87cb73c8bc0bcdb78ce110d788dca2b4533976b6ca3799adcd90a166c3
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1f8361895e5a7405efe980b5dd1ba4dcdffdbfabfb895af4fe675f54786dec72
2026cff813c2aff4cbce3e5934a0a9e10d0cf6315de7833df228ca7fb204e315
22e7b2a56dd73327ffe57558d0301478738d495a64942f0f91fc18b4de463207
36bdd1f88a3217a17f645f17caa7bf960311f18af139bab527c80aba38911655
385aa862f674b5cbc05a1be043904ea8284b1ecdec223165e1d6a1467256789d
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3f85df822655d7f15ddd9c076636b9f84213cb498a72d1afbbeb5f98606ba586
3fad11179a5fdee5112fab0752933e3fdb3fe91add03a9dc8ad6f18e5dd1e4ad
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
455c49a53ac31dc2794d521ac8212f821662e0075647080ca5d685e0667ff075
4cb1078465b818008a17eeac9413ec2aa57ff89df81440f6511c26da1e3356a2
4fdb97f4c7f832b7b6c32c1e08aa06f3f1a04a8237f8847648793f3ce277edbd
5477255b6328338e47655a1f068b45ef88ed3c628b79fd0488764cfe5f999e57
5bd7f2998d5e0cab6c5eb370623428e7c00e99d5db6942c4c8f7f6dd41100f2e
5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f
604dcf1f11698655f75046bb92f98aaa9477e1c16b01c5fc415e78794393ffb9
642d97daf5734304f14a112f401f96397bdd3ff2a828903bc251135ff18e83bc
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
721fb9398629ae4ac2169b208a651f09a7d5e5a370323fcf8891428acc94a4ea
7342f390b12f636d14e25f698fc5e38cf6240994dc0c07fefbbb4e78ec4d03c7
737dbc76755f874a63d3c457fc603e74fc3529e2bdf8a05e43980efe5a2dfa0a
79ca427ff2511a1c540f32f5ecf13112ea6a5dd2b217870744c2893305d8b960
7dfb8aef88e8c3ffe178de14098ef777b77da647d7e87a22d0c8fe5badbf548b
7e548b92f1a23341bb2936ee992373c701cd532320c2a8fb1077afc006c1c5fc
827ca304ce3757d49f107a30e64208a37dfd787baebbd75f06d31e8fa06a6eb2
883d9d8063789a7d2780467ea340a66fa61dea4502081b87db3cb128fcabeaa5
8ad012803e63980f185a7ee45c983ff2ab99b7751fc8f817f86420d620f244d9
8b8e48e34a5377d098123ef7c12e2f202d7ce0e4bebaf7b8bf502c276b628b5a
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
974956f1b7b82cecd8ae88a0b685f0d5dfe5c8534c2784e59abeea719eadbbc4
99d657a2cd435ea5087e9c7d32b219b50c5c686c131a2d6630185b821042d8e5
9ab9aa863496a53ef8f3dfaf16afa4f7607e777985e6e60be04126c93bf0fe4c
a3e823dd5cd90ce27a6b688c0d9d356d891bdadf837f1ffc558bc39395e75cd2
a7dbaaa8a8fb94b875bdfd793c7b6799dc3d09a4f06e61dedf1ec3713b4e1e45
aa8eba84328374ec2bfa6ce2ae2e2bfcf1f7ef2a268ae450e9f51d6e80cd5733
ac66765a2282f8743ea50de195f3683fe4d99dd3b2714fa9a002edf80206a608
b1ba960521370c2179541d077e58a428be311863f8cf420a99f8027096fe5b43
b988fa127f1a29d801d13a7a0c630524ff5b57daaf088b380e4b856ed7cffa82
c0bcb602ee096cfb51f056429e084f6375fc501ba7a895147f522c4add891364
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
c59024cfe993b910ccd270c68bc25dcd856dcd1d3676c65e19f7f27120599b87
c8a902a2754518d002269d054c17e75843ffa0729a42700e77b8587855d52794
c9dac174850ffb4361001e3738b49b6f835e78fa2028a8753909509bd131de05
ca3ea16761b7d443c64cfd99dd1cf8aa84790a25bb4709582935956fe71d014d
cb53f58f63279780853d208216421b99187672af5c59f83dd50218ad81e4f5ba
cbc0e03691e5e7313ecf467ac3a50c7d78f6ee259c490c0ded16707330da81fa
ccb5febf8ac335a1b768a7a2087fa4362cb3a0a9392e2e451df9d9825e88e5db
cd1b3736fe751543d7ad0d621aae461f1719c29526e31f5ebc6011831c279996
d4a839a6c47b5942171a973f47da0c9ad6dd7d37b721475be79a6f4f7c6994e2
dcb2a59ea6c5d9955b9786557d431c67914703b6dec5322e10773395c752dd45
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
edb930ed73307fefd32ffec6e07bb8be2eb4f5f26002a50945d161fdb0c2671a
f15a178fd810ef0f680baafbf39d071bba059692bdfe17c38741b40f41d3684d
f7119d8c678766fa540422476720102464380ffbd936f245130deebc6e633827
f7a5a53379be40febc32a3991574b89d1f489a3f7ce0593c0203ae5b0b9bdba0
f8bde3f221eaae6f4cdeb3bc1b5fca3678b65c1b9e4d52f0f05a4941f0ec4d35
fc5fa5c3816af5ebee7a7da35ca0c3f9d086d6a8f12e6e4462318d9cfad55915
fc7adae53225320f908cd974bfdc32aeba06200b21598a94f8348e2847ec73df
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

billnoble.ca Open in urlscan Pro 52.22.216.73 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

68 Requests

100 %HTTPS

83 %IPv6

11 Domains

18 Subdomains

25 IPs

4 Countries

6584 kBTransfer

10346 kBSize

4 Cookies

12 Outgoing links

Page URL History

Redirected requests

68 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

billnoble.ca Open in urlscan Pro
52.22.216.73 Public Scan

Screenshot
Live screenshot

Full Image

68
Requests

100 %
HTTPS

83 %
IPv6

11
Domains

18
Subdomains

25
IPs

4
Countries

6584 kB
Transfer

10346 kB
Size

4
Cookies

68 HTTP transactions
4 data transactions