www.safewheels.ca Open in urlscan Pro
3.225.210.154 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://safewheels.ca/
Effective URL:
https://www.safewheels.ca/
Submission: On March 15 via automatic, source certstream-suspicious (March 15th 2020, 9:02:28 pm UTC)

Summary HTTP 23 Redirects Behaviour Indicators

Summary

This website contacted 10 IPs in 2 countries across 8 domains to perform 23 HTTP transactions. The main IP is 3.225.210.154, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.safewheels.ca.
TLS certificate: Issued by Let's Encrypt Authority X3 on March 15th 2020. Valid for: 3 months.

This is the only time www.safewheels.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	216.244.91.100 216.244.91.100	23033 (WOW) (WOW)
1	3.225.210.154 3.225.210.154	14618 (AMAZON-AES) (AMAZON-AES)
1	13.225.73.93 13.225.73.93	16509 (AMAZON-02) (AMAZON-02)
5	13.227.209.229 13.227.209.229	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:4104	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:815::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:825::2001	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:4004	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	52.55.25.229 52.55.25.229	14618 (AMAZON-AES) (AMAZON-AES)
2	35.172.13.100 35.172.13.100	14618 (AMAZON-AES) (AMAZON-AES)
23	10

1 216.244.91.100 (Seattle, United States) 1 redirects

ASN23033 (WOW, US)
PTR: ns3.boxne.com

safewheels.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.225.210.154 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-210-154.compute-1.amazonaws.com

www.safewheels.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.73.93 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-73-93.fra2.r.cloudfront.net

cdn.wishpond.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 13.227.209.229 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-209-229.ams54.r.cloudfront.net

d30itml3t0pwpf.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:4104 (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:815::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:825::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

themes.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:4004 (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.55.25.229 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-55-25-229.compute-1.amazonaws.com

www.wishpond.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.172.13.100 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-172-13-100.compute-1.amazonaws.com

bookie.wishpond.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	wishpond.com www.wishpond.com bookie.wishpond.com	12 KB
5	cloudfront.net d30itml3t0pwpf.cloudfront.net	526 KB
3	gstatic.com fonts.gstatic.com	77 KB
2	cloudflare.com cdnjs.cloudflare.com	77 KB
2	googleapis.com fonts.googleapis.com	1 KB
2	safewheels.ca 1 redirects safewheels.ca www.safewheels.ca	13 KB
1	googleusercontent.com themes.googleusercontent.com	15 KB
1	wishpond.net cdn.wishpond.net	36 KB
23	8

	Domain	Requested by
6	www.wishpond.com	cdn.wishpond.net d30itml3t0pwpf.cloudfront.net
5	d30itml3t0pwpf.cloudfront.net	www.safewheels.ca
3	fonts.gstatic.com	www.safewheels.ca
2	bookie.wishpond.com	d30itml3t0pwpf.cloudfront.net
2	cdnjs.cloudflare.com	www.safewheels.ca
2	fonts.googleapis.com	www.safewheels.ca
1	themes.googleusercontent.com	www.safewheels.ca
1	cdn.wishpond.net	www.safewheels.ca
1	www.safewheels.ca
1	safewheels.ca	1 redirects
23	10

This site contains no links.

Subject Issuer	Validity	Valid
www.safewheels.ca Let's Encrypt Authority X3	`2020-03-15` - `2020-06-13`	3 months	crt.sh
cdn.wishpond.net Amazon	`2019-12-17` - `2021-01-17`	a year	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2019-07-17` - `2020-07-05`	a year	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2020-02-25` - `2020-05-19`	3 months	crt.sh
cloudflare.com CloudFlare Inc ECC CA-2	`2020-01-07` - `2020-10-09`	9 months	crt.sh
*.google.com GTS CA 1O1	`2020-02-25` - `2020-05-19`	3 months	crt.sh
*.googleusercontent.com GTS CA 1O1	`2020-02-25` - `2020-05-19`	3 months	crt.sh
*.wishpond.com DigiCert SHA2 Secure Server CA	`2019-03-04` - `2021-06-06`	2 years	crt.sh

This page contains 1 frames:

Primary Page: https://www.safewheels.ca/
Frame ID: 6DE733AB2A56453D5A1929F2C7856826
Requests: 23 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://safewheels.ca/ HTTP 301
https://www.safewheels.ca/ Page URL

Detected technologies

Lua (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

OpenResty (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

Page Statistics

23
Requests

100 %
HTTPS

45 %
IPv6

8
Domains

10
Subdomains

10
IPs

2
Countries

757 kB
Transfer

1135 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://safewheels.ca/ HTTP 301
https://www.safewheels.ca/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.safewheels.ca/
Redirect Chain

https://safewheels.ca/
https://www.safewheels.ca/

44 KB
12 KB

470ms
176ms

Document
text/html

3.225.210.154
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.safewheels.ca/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.225.210.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-225-210-154.compute-1.amazonaws.com
Software: openresty/1.15.8.2 /
Resource Hash: f904b8f363c0f8e6c7b7ef0b326faf51358a329d41e1066c371fee94a7c90032

Request headers

Host: www.safewheels.ca
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document

Response headers

Server: openresty/1.15.8.2
Date: Sun, 15 Mar 2020 21:02:10 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
P3P: CP="NON"
X-Wishpond-Host: wishpondv1-server-669989d4f-x7zwf
X-Wishpond-Prefix: PagesV2r/03c969/1
X-Wishpond-Version: 20200306000001
X-Wishpond-Queries: 0
X-Wishpond-Guard: 1584305730.7602012
X-Wishpond-Generated: 2020-03-15 20:55:30 +0000
Content-Language: en
X-Request-Id: 6e7e1b28-9d3c-4af3-8790-5aae29ebed34
X-Runtime: 0.030874
Content-Encoding: gzip

Redirect headers

status: 301
date: Sun, 15 Mar 2020 21:02:09 GMT
server: Apache/2
location: https://www.safewheels.ca/
content-length: 234
content-type: text/html; charset=iso-8859-1

GET
H2 200 connect.js Show response
cdn.wishpond.net/ 138 KB
36 KB 165ms
58ms Script
application/javascript 13.225.73.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.wishpond.net/connect.js?merchantId=1502723&socialCampaignId=2522047&writeKey=a5e7266a977c
Requested by: Host: www.safewheels.ca
URL: https://www.safewheels.ca/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.73.93 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-73-93.fra2.r.cloudfront.net
Software: nginx/1.17.5 /
Resource Hash: f3bb985c582d26c04c677569f3e39924c2f8f1b3001569344ccf535ac39d2b67

Request headers

Referer: https://www.safewheels.ca/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 09 Mar 2020 18:36:10 GMT
content-encoding: gzip
last-modified: Mon, 09 Mar 2020 17:33:34 GMT
server: nginx/1.17.5
age: 527160
etag: W/"5e667dee-227d8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: public, must-revalidate, proxy-revalidate, max-age=0, s-max-age=604800
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: RwR464K4PSa_gHNjY63OHjXY6rMCqFEsR8UyxzeLDv-h8iMhbC0jlQ==
via: 1.1 e56e6732f380db727425bac2d6158761.cloudfront.net (CloudFront)

GET
H/1.1 200
OK pages_v2r-9cdfa3bcf33d02ca6f184aaf289dac142a00d214d6bf34f56a26d6112233d5f1.js Show response
d30itml3t0pwpf.cloudfront.net/assets/ 194 KB
47 KB 135ms
35ms Script
application/javascript 13.227.209.229
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d30itml3t0pwpf.cloudfront.net/assets/pages_v2r-9cdfa3bcf33d02ca6f184aaf289dac142a00d214d6bf34f56a26d6112233d5f1.js
Requested by: Host: www.safewheels.ca
URL: https://www.safewheels.ca/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.227.209.229 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-209-229.ams54.r.cloudfront.net
Software: nginx/1.17.5 /
Resource Hash: 9cdfa3bcf33d02ca6f184aaf289dac142a00d214d6bf34f56a26d6112233d5f1

Request headers

Referer: https://www.safewheels.ca/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Wed, 15 Jan 2020 17:59:18 GMT
Content-Encoding: gzip
Age: 5194972
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 47244
Via: 1.1 0f34c0d3b0e50b8875bcbb7d41684a59.cloudfront.net (CloudFront)
Last-Modified: Wed, 15 Jan 2020 00:59:14 GMT
Server: nginx/1.17.5
ETag: "5e1e63e2-b88c"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Amz-Cf-Pop: AMS54-C1
X-Amz-Cf-Id: t2sVBepCuVg7e688NGlsxxUfrX4gsRP4XzCikjwj_qa24euXykxDKA==

GET
H/1.1 200
OK pages_v2_default-8a3a4eb4903ade9e9f58c2afec56937ec52023f6636d9381f0f362d7df1d4636.css
d30itml3t0pwpf.cloudfront.net/assets/ 54 KB
9 KB 131ms
34ms Stylesheet
text/css 13.227.209.229
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d30itml3t0pwpf.cloudfront.net/assets/pages_v2_default-8a3a4eb4903ade9e9f58c2afec56937ec52023f6636d9381f0f362d7df1d4636.css
Requested by: Host: www.safewheels.ca
URL: https://www.safewheels.ca/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.227.209.229 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-209-229.ams54.r.cloudfront.net
Software: nginx/1.17.5 /
Resource Hash: 8a3a4eb4903ade9e9f58c2afec56937ec52023f6636d9381f0f362d7df1d4636

Request headers

Referer: https://www.safewheels.ca/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Thu, 05 Mar 2020 00:34:29 GMT
Content-Encoding: gzip
Age: 937660
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 9053
Via: 1.1 b619a16f6f8fe9793bf642d2a8434284.cloudfront.net (CloudFront)
Last-Modified: Wed, 04 Mar 2020 23:04:34 GMT
Server: nginx/1.17.5
ETag: "5e603402-235d"
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Amz-Cf-Pop: AMS54-C1
X-Amz-Cf-Id: efW5HlGN33ux_Uq52aWNzZLS-HPkOs_ZeC8-SK8DoTM06xa2_jkfNw==

GET
H2 200 css
fonts.googleapis.com/ 10 KB
945 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Karla%7CRoboto%3A300%2C400%2C500%2C700

Requested by

Host: www.safewheels.ca
URL: https://www.safewheels.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f3d958e2f24bdd32f7bef8006c6d7db355ff7491aa7d4f4438b3ac286d7a51b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.safewheels.ca/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 15 Mar 2020 21:02:10 GMT
server: ESF
date: Sun, 15 Mar 2020 21:02:10 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 15 Mar 2020 21:02:10 GMT

GET
H/1.1 200
OK 1584297793-b377b0ae
d30itml3t0pwpf.cloudfront.net/api/v3/medias/14611826/image/opt/original/ 20 KB
20 KB 155ms
58ms Image
image/png 13.227.209.229
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d30itml3t0pwpf.cloudfront.net/api/v3/medias/14611826/image/opt/original/1584297793-b377b0ae

Requested by

Host: www.safewheels.ca
URL: https://www.safewheels.ca/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.227.209.229 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-209-229.ams54.r.cloudfront.net

Software

nginx/1.17.5 /

Resource Hash

920bf07e64317cd31730278376d8872ac8b7860bcda0d17b3bea8e385c6de44a

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://www.safewheels.ca/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Sun, 15 Mar 2020 19:03:00 GMT
Via: 1.1 acf9ad664f94bee3e3cf93077b65edeb.cloudfront.net (CloudFront)
Age: 7150
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Transfer-Encoding: binary
Content-Disposition: inline; filename="safewheels_logo.png"
Connection: keep-alive
X-Request-Id: 51e117a3-9e04-4917-83f9-fb612e378353
X-Runtime: 0.063299
Last-Modified: Sun, 15 Mar 2020 18:43:13 GMT
Server: nginx/1.17.5
ETag: "45990ffad18b2d4ed43fa9a54f6fcbfc"
Strict-Transport-Security: max-age=300
Content-Language: en
Cache-Control: max-age=2592000, public
X-Amz-Cf-Pop: AMS54-C1
Content-Type: image/png
X-Amz-Cf-Id: 21FpSUMTsIpwAFz-Qp_CiijJl3DkJx96niM3qXoqC6bcfoVd-R4OYw==
Expires: Tue, 14 Apr 2020 19:03:00 GMT

GET
H2 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.6.3/css/ 28 KB
6 KB 17ms
17ms Stylesheet
text/css 2606:4700::6811:4104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.6.3/css/font-awesome.min.css

Requested by

Host: www.safewheels.ca
URL: https://www.safewheels.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:4104 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://www.safewheels.ca/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Sun, 15 Mar 2020 21:02:10 GMT
content-encoding: br
cf-cache-status: HIT
age: 26332874
cf-ray: 57492c82baba6389-FRA
status: 200
strict-transport-security: max-age=15780000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
last-modified: Thu, 17 May 2018 09:19:12 GMT
server: cloudflare
etag: W/"5afd4910-7187"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
expires: Fri, 05 Mar 2021 21:02:10 GMT
cache-control: public, max-age=30672000
timing-allow-origin: *
served-in-seconds: 0.001

GET
H2 200 icon
fonts.googleapis.com/ 574 B
422 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: www.safewheels.ca
URL: https://www.safewheels.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d9f14f79d6695318d80e6a5f118dd7c703cfbc4aec4fc629c3e317cf166d1fbe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.safewheels.ca/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 15 Mar 2020 21:02:10 GMT
server: ESF
date: Sun, 15 Mar 2020 21:02:10 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 15 Mar 2020 21:02:10 GMT

GET
H/1.1 200
OK 1522959631-9933684d
d30itml3t0pwpf.cloudfront.net/api/v3/medias/12878658/image/opt/1600x1066%3E/ 177 KB
178 KB 31ms
31ms Image
image/jpeg 13.227.209.229
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d30itml3t0pwpf.cloudfront.net/api/v3/medias/12878658/image/opt/1600x1066%3E/1522959631-9933684d

Requested by

Host: www.safewheels.ca
URL: https://www.safewheels.ca/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.227.209.229 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-209-229.ams54.r.cloudfront.net

Software

nginx/1.17.5 /

Resource Hash

7550a1a721af65ce15317cb57e71e7cf6f837ad3dd3c603155674cb1775d35bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://www.safewheels.ca/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Sun, 16 Feb 2020 07:00:02 GMT
Via: 1.1 b619a16f6f8fe9793bf642d2a8434284.cloudfront.net (CloudFront)
Age: 2469728
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Transfer-Encoding: binary
Content-Disposition: inline; filename="powerful-business-women-in-meeting_4460x4460.jpg"
Connection: keep-alive
X-Request-Id: 703441f4-68eb-4ca3-952e-17d3a6648311
X-Runtime: 0.501777
Last-Modified: Thu, 05 Apr 2018 20:20:31 GMT
Server: nginx/1.17.5
ETag: "1ebc5a5596805b574a6ec10b2f13cf84"
Strict-Transport-Security: max-age=300
Content-Language: en
Cache-Control: max-age=2592000, public
X-Amz-Cf-Pop: AMS54-C1
Content-Type: image/jpeg
X-Amz-Cf-Id: yPXz6K99h5UsyICtP-KG68R_IQ2kkiXb0fVKn4P6d2CBzcL2S8KTcw==
Expires: Tue, 17 Mar 2020 07:00:02 GMT

GET
H/1.1 200
OK 1535610241-151f67c2
d30itml3t0pwpf.cloudfront.net/api/v3/medias/13543460/image/opt/1600x1096%3E/ 271 KB
272 KB 57ms
36ms Image
image/jpeg 13.227.209.229
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d30itml3t0pwpf.cloudfront.net/api/v3/medias/13543460/image/opt/1600x1096%3E/1535610241-151f67c2

Requested by

Host: www.safewheels.ca
URL: https://www.safewheels.ca/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.227.209.229 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-209-229.ams54.r.cloudfront.net

Software

nginx/1.17.5 /

Resource Hash

844a2079954532ce6774651cddc6c818506f43ef87626d29f34fab3bd51b1ed2

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://www.safewheels.ca/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Sun, 16 Feb 2020 05:21:19 GMT
Via: 1.1 0f34c0d3b0e50b8875bcbb7d41684a59.cloudfront.net (CloudFront)
Age: 2475651
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Transfer-Encoding: binary
Content-Disposition: inline; filename="aerial-blog-blogger-990819.jpg"
Connection: keep-alive
X-Request-Id: 238c12e6-99f7-44d9-9ffa-757310c001c7
X-Runtime: 0.363442
Last-Modified: Thu, 30 Aug 2018 06:24:01 GMT
Server: nginx/1.17.5
ETag: "77e401b2b9142d7dc88b3753433e4831"
Strict-Transport-Security: max-age=300
Content-Language: en
Cache-Control: max-age=2592000, public
X-Amz-Cf-Pop: AMS54-C1
Content-Type: image/jpeg
X-Amz-Cf-Id: NHZYeqnpcIWTLF2cjuWGNuc2a9iNAU-KYmtBey6RwsmqdesW1F-dOg==
Expires: Tue, 17 Mar 2020 05:21:19 GMT

GET
H2 200 qkBbXvYC6trAT7RVLtyU5rZP.woff2
fonts.gstatic.com/s/karla/v13/ 6 KB
6 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:815::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/karla/v13/qkBbXvYC6trAT7RVLtyU5rZP.woff2

Requested by

Host: www.safewheels.ca
URL: https://www.safewheels.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e16c1755f809d290b0c5e746654f10169af40c580767e0765bdd43fc542dfce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Karla%7CRoboto%3A300%2C400%2C500%2C700
Origin: https://www.safewheels.ca
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 24 Feb 2020 21:29:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 08 Dec 2019 17:40:34 GMT
server: sffe
age: 1726359
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 6332
x-xss-protection: 0
expires: Tue, 23 Feb 2021 21:29:31 GMT

GET
H2 200 cJZKeOuBrn4kERxqtaUH3bO3LdcAZYWl9Si6vvxL-qU.woff
themes.googleusercontent.com/static/fonts/opensans/v8/ 14 KB
15 KB 28ms
6ms Font
font/woff 2a00:1450:4001:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://themes.googleusercontent.com/static/fonts/opensans/v8/cJZKeOuBrn4kERxqtaUH3bO3LdcAZYWl9Si6vvxL-qU.woff

Requested by

Host: www.safewheels.ca
URL: https://www.safewheels.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

19d1f6a48c9933698d13bd598ba4800dec1192bf09ce9ca7abb490c88a9af5c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d30itml3t0pwpf.cloudfront.net/assets/pages_v2_default-8a3a4eb4903ade9e9f58c2afec56937ec52023f6636d9381f0f362d7df1d4636.css
Origin: https://www.safewheels.ca
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 04 Mar 2020 22:49:45 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 943945
content-type: font/woff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 14604
x-xss-protection: 0
expires: Thu, 04 Mar 2021 22:49:45 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:815::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: www.safewheels.ca
URL: https://www.safewheels.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Karla%7CRoboto%3A300%2C400%2C500%2C700
Origin: https://www.safewheels.ca
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 27 Feb 2020 08:47:06 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 1512904
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 11016
x-xss-protection: 0
expires: Fri, 26 Feb 2021 08:47:06 GMT

GET
H2 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNcIhQ8tQ.woff2
fonts.gstatic.com/s/materialicons/v50/ 59 KB
60 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:815::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v50/flUhRq6tzZclQEJ-Vdg-IuiaDsNcIhQ8tQ.woff2

Requested by

Host: www.safewheels.ca
URL: https://www.safewheels.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c9a3f7fdc13a3ff04b74e9b982c28fa738fa9373bd43bd24dbca5f2dc360f24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/icon?family=Material+Icons
Origin: https://www.safewheels.ca
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 10 Mar 2020 20:01:58 GMT
x-content-type-options: nosniff
last-modified: Thu, 20 Feb 2020 01:57:25 GMT
server: sffe
age: 435612
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 60840
x-xss-protection: 0
expires: Wed, 10 Mar 2021 20:01:58 GMT

GET
H2 200 fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.6.3/fonts/ 70 KB
71 KB 30ms
14ms Font
application/octet-stream 2606:4700::6811:4004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.6.3/fonts/fontawesome-webfont.woff2?v=4.6.3

Requested by

Host: www.safewheels.ca
URL: https://www.safewheels.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:4004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.6.3/css/font-awesome.min.css
Origin: https://www.safewheels.ca
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 15 Mar 2020 21:02:10 GMT
cf-cache-status: HIT
age: 11972057
cf-ray: 57492c83ba8bdfad-FRA
status: 200
strict-transport-security: max-age=15780000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length: 71896
last-modified: Thu, 17 May 2018 09:19:12 GMT
server: cloudflare
etag: "5afd4910-118d8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
expires: Fri, 05 Mar 2021 21:02:10 GMT
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
served-in-seconds: 0.000

OPTIONS
H2 200 popups.json Show response
www.wishpond.com/ 0
418 B 355ms
117ms XHR
text/plain 52.55.25.229
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wishpond.com/popups.json?merchant_id=1502723&url=https%3A%2F%2Fwww.safewheels.ca%2F&social_campaign_id=2522047

Requested by

Host: cdn.wishpond.net
URL: https://cdn.wishpond.net/connect.js?merchantId=1502723&socialCampaignId=2522047&writeKey=a5e7266a977c

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.55.25.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-55-25-229.compute-1.amazonaws.com

Software

nginx/1.17.5 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Access-Control-Request-Method: GET
Origin: https://www.safewheels.ca
Referer: https://www.safewheels.ca/
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers: x-requested-with

Response headers

x-runtime: 0.001100
date: Sun, 15 Mar 2020 21:02:10 GMT
content-encoding: gzip
server: nginx/1.17.5
access-control-allow-origin: https://www.safewheels.ca
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
content-type: text/plain
status: 200
access-control-expose-headers
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=300
access-control-allow-headers: x-requested-with
x-request-id: ed6b6cad-6d9c-4b65-9edf-61cf35ee89c1

OPTIONS
H2 200 2522047.json Show response
www.wishpond.com/pages/v2r/ 0
418 B 346ms
113ms XHR
text/plain 52.55.25.229
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wishpond.com/pages/v2r/2522047.json?index=0&variation_id=2764990

Requested by

Host: d30itml3t0pwpf.cloudfront.net
URL: https://d30itml3t0pwpf.cloudfront.net/assets/pages_v2r-9cdfa3bcf33d02ca6f184aaf289dac142a00d214d6bf34f56a26d6112233d5f1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.55.25.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-55-25-229.compute-1.amazonaws.com

Software

nginx/1.17.5 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Access-Control-Request-Method: GET
Origin: https://www.safewheels.ca
Referer: https://www.safewheels.ca/
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers: x-requested-with

Response headers

x-runtime: 0.001327
date: Sun, 15 Mar 2020 21:02:10 GMT
content-encoding: gzip
server: nginx/1.17.5
access-control-allow-origin: https://www.safewheels.ca
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
content-type: text/plain
status: 200
access-control-expose-headers
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=300
access-control-allow-headers: x-requested-with
x-request-id: 5c075d02-42a6-43c6-b928-b077bd3ff417

OPTIONS
H2 200 2522047.json Show response
www.wishpond.com/pages/v2r/ 0
418 B 345ms
112ms XHR
text/plain 52.55.25.229
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wishpond.com/pages/v2r/2522047.json?index=1&variation_id=2764990

Requested by

Host: d30itml3t0pwpf.cloudfront.net
URL: https://d30itml3t0pwpf.cloudfront.net/assets/pages_v2r-9cdfa3bcf33d02ca6f184aaf289dac142a00d214d6bf34f56a26d6112233d5f1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.55.25.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-55-25-229.compute-1.amazonaws.com

Software

nginx/1.17.5 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Access-Control-Request-Method: GET
Origin: https://www.safewheels.ca
Referer: https://www.safewheels.ca/
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers: x-requested-with

Response headers

x-runtime: 0.001144
date: Sun, 15 Mar 2020 21:02:10 GMT
content-encoding: gzip
server: nginx/1.17.5
access-control-allow-origin: https://www.safewheels.ca
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
content-type: text/plain
status: 200
access-control-expose-headers
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=300
access-control-allow-headers: x-requested-with
x-request-id: ca713bf6-9e16-4269-bb69-ab596eb08a38

OPTIONS
H2 200 view Show response
bookie.wishpond.com/v1/social_campaigns/2522047/variations/2764990/ 0
236 B 363ms
119ms XHR
text/plain 35.172.13.100
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bookie.wishpond.com/v1/social_campaigns/2522047/variations/2764990/view
Requested by: Host: d30itml3t0pwpf.cloudfront.net
URL: https://d30itml3t0pwpf.cloudfront.net/assets/pages_v2r-9cdfa3bcf33d02ca6f184aaf289dac142a00d214d6bf34f56a26d6112233d5f1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.172.13.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-172-13-100.compute-1.amazonaws.com
Software: nginx/1.14.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method: POST
Origin: https://www.safewheels.ca
Referer: https://www.safewheels.ca/
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers: x-requested-with

Response headers

date: Sun, 15 Mar 2020 21:02:10 GMT
server: nginx/1.14.2
access-control-allow-origin: *
access-control-max-age: 600
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD
content-type: text/plain
status: 200
access-control-expose-headers: Link
access-control-allow-headers: x-requested-with

GET
H2 200 2522047.json Show response
www.wishpond.com/pages/v2r/ 31 KB
7 KB 131ms
131ms XHR
application/json 52.55.25.229
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wishpond.com/pages/v2r/2522047.json?index=0&variation_id=2764990

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.55.25.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-55-25-229.compute-1.amazonaws.com

Software

nginx/1.17.5 /

Resource Hash

54223298f8727ca55bfef50b37f720d30183a5e42c8a9cf1069f08955aedb70d

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Accept: application/json
Referer: https://www.safewheels.ca/
Origin: https://www.safewheels.ca
X-Requested-With: XMLHttpRequest
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-wishpond-prefix: PagesV2r/03c969/1
date: Sun, 15 Mar 2020 21:02:10 GMT
content-encoding: gzip
x-wishpond-queries: 0
x-wishpond-version: 20200306000001
x-wishpond-generated: 2020-03-15 20:55:30 +0000
p3p: CP="NON"
status: 200
strict-transport-security: max-age=300
vary: Accept-Encoding, Origin
x-request-id: 310926c7-8bfa-4ec2-8762-a0c1b4a12d4e
x-runtime: 0.013556
server: nginx/1.17.5
x-wishpond-host: wishpondv1-server-669989d4f-jj62w
content-language: en
access-control-max-age: 600
access-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.safewheels.ca
access-control-expose-headers
access-control-allow-credentials: true
x-wishpond-guard: 1584305730.7602012
x-robots-tag: noindex

GET
H2 200 2522047.json Show response
www.wishpond.com/pages/v2r/ 7 KB
3 KB 129ms
128ms XHR
application/json 52.55.25.229
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wishpond.com/pages/v2r/2522047.json?index=1&variation_id=2764990

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.55.25.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-55-25-229.compute-1.amazonaws.com

Software

nginx/1.17.5 /

Resource Hash

0412141f9248b6a66236fff63398f65c24253febc70c51e8603270b6769ace01

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Accept: application/json
Referer: https://www.safewheels.ca/
Origin: https://www.safewheels.ca
X-Requested-With: XMLHttpRequest
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-wishpond-prefix: PagesV2r/03c969/1
date: Sun, 15 Mar 2020 21:02:10 GMT
content-encoding: gzip
x-wishpond-queries: 0
x-wishpond-version: 20200306000001
x-wishpond-generated: 2020-03-15 20:55:30 +0000
p3p: CP="NON"
status: 200
strict-transport-security: max-age=300
vary: Accept-Encoding, Origin
x-request-id: c0cb7470-22e7-4add-b46d-67624620f190
x-runtime: 0.014726
server: nginx/1.17.5
x-wishpond-host: wishpondv1-server-669989d4f-jj62w
content-language: en
access-control-max-age: 600
access-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.safewheels.ca
access-control-expose-headers
access-control-allow-credentials: true
x-wishpond-guard: 1584305730.7602012
x-robots-tag: noindex

GET
H2 200 popups.json Show response
www.wishpond.com/ 13 B
634 B 125ms
125ms XHR
application/json 52.55.25.229
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wishpond.com/popups.json?merchant_id=1502723&url=https%3A%2F%2Fwww.safewheels.ca%2F&social_campaign_id=2522047

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.55.25.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-55-25-229.compute-1.amazonaws.com

Software

nginx/1.17.5 /

Resource Hash

96ddd38efe76ec82a9f2b4ecb8c151aa7b202d792823131a8936fc9bd616b22a

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://www.safewheels.ca/
Origin: https://www.safewheels.ca
X-Requested-With: XMLHttpRequest
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 15 Mar 2020 21:02:10 GMT
content-encoding: gzip
vary: Accept-Encoding, Origin
p3p: CP="NON"
status: 200
strict-transport-security: max-age=300
x-request-id: 0afd42dd-36d3-44b4-9d05-71bf38fcee5a
x-runtime: 0.013757
server: nginx/1.17.5
access-control-max-age: 600
access-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
content-language: en
access-control-allow-origin: https://www.safewheels.ca
access-control-expose-headers
access-control-allow-credentials: true
content-type: application/json; charset=utf-8

POST
H2 201 view Show response
bookie.wishpond.com/v1/social_campaigns/2522047/variations/2764990/ 0
289 B 198ms
198ms XHR
text/plain 35.172.13.100
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bookie.wishpond.com/v1/social_campaigns/2522047/variations/2764990/view
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.172.13.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-172-13-100.compute-1.amazonaws.com
Software: nginx/1.14.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://www.safewheels.ca/
Origin: https://www.safewheels.ca
X-Requested-With: XMLHttpRequest
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

x-runtime: 0.072724
date: Sun, 15 Mar 2020 21:02:11 GMT
server: nginx/1.14.2
status: 201
vary: Origin
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD
content-type: text/plain
access-control-allow-origin: *
access-control-max-age: 600
cache-control: no-cache
x-request-id: e5e8c929-88cd-466f-bbda-ac59ddeee3eb
access-control-expose-headers: Link

Verdicts & Comments Add Verdict or Comment

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.safewheels.ca/	1970-01-19 16:50:42	Name: userTracker Value: "lthxw3octgok7tvh"

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://cdn.wishpond.net/connect.js?merchantId=1502723&socialCampaignId=2522047&writeKey=a5e7266a977c(Line 4) Message: get userTracker SyntaxError: Unexpected end of JSON input
console-api	warning	URL: https://cdn.wishpond.net/connect.js?merchantId=1502723&socialCampaignId=2522047&writeKey=a5e7266a977c(Line 4) Message: get participation:2764990 SyntaxError: Unexpected end of JSON input

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bookie.wishpond.com
cdn.wishpond.net
cdnjs.cloudflare.com
d30itml3t0pwpf.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
safewheels.ca
themes.googleusercontent.com
www.safewheels.ca
www.wishpond.com
13.225.73.93
13.227.209.229
216.244.91.100
2606:4700::6811:4004
2606:4700::6811:4104
2a00:1450:4001:809::200a
2a00:1450:4001:815::2003
2a00:1450:4001:825::2001
3.225.210.154
35.172.13.100
52.55.25.229
008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420
0412141f9248b6a66236fff63398f65c24253febc70c51e8603270b6769ace01
0c9a3f7fdc13a3ff04b74e9b982c28fa738fa9373bd43bd24dbca5f2dc360f24
0e16c1755f809d290b0c5e746654f10169af40c580767e0765bdd43fc542dfce
19d1f6a48c9933698d13bd598ba4800dec1192bf09ce9ca7abb490c88a9af5c0
54223298f8727ca55bfef50b37f720d30183a5e42c8a9cf1069f08955aedb70d
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
7550a1a721af65ce15317cb57e71e7cf6f837ad3dd3c603155674cb1775d35bc
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
844a2079954532ce6774651cddc6c818506f43ef87626d29f34fab3bd51b1ed2
8a3a4eb4903ade9e9f58c2afec56937ec52023f6636d9381f0f362d7df1d4636
920bf07e64317cd31730278376d8872ac8b7860bcda0d17b3bea8e385c6de44a
96ddd38efe76ec82a9f2b4ecb8c151aa7b202d792823131a8936fc9bd616b22a
9cdfa3bcf33d02ca6f184aaf289dac142a00d214d6bf34f56a26d6112233d5f1
d9f14f79d6695318d80e6a5f118dd7c703cfbc4aec4fc629c3e317cf166d1fbe
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f3bb985c582d26c04c677569f3e39924c2f8f1b3001569344ccf535ac39d2b67
f3d958e2f24bdd32f7bef8006c6d7db355ff7491aa7d4f4438b3ac286d7a51b2
f904b8f363c0f8e6c7b7ef0b326faf51358a329d41e1066c371fee94a7c90032

www.safewheels.ca Open in urlscan Pro 3.225.210.154 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

23 Requests

100 %HTTPS

45 %IPv6

8 Domains

10 Subdomains

10 IPs

2 Countries

757 kBTransfer

1135 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

23 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

24 JavaScript Global Variables

1 Cookies

2 Console Messages

Indicators

www.safewheels.ca Open in urlscan Pro
3.225.210.154 Public Scan

Screenshot
Live screenshot

Full Image

23
Requests

100 %
HTTPS

45 %
IPv6

8
Domains

10
Subdomains

10
IPs

2
Countries

757 kB
Transfer

1135 kB
Size

1
Cookies

23 HTTP transactions
0 data transactions