urlscan.io logo urlscan.io
SecurityTrails logo

www.samplesource.com Open in urlscan Pro
52.21.35.25  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://carrefourechantillons.ca/
Effective URL: https://www.samplesource.com/?site=fr
Submission: On December 30 via api from BE — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 2 countries across 8 domains to perform 37 HTTP transactions. The main IP is 52.21.35.25, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.samplesource.com. The Cisco Umbrella rank of the primary domain is 659415.
TLS certificate: Issued by Amazon RSA 2048 M02 on February 11th 2023. Valid for: a year.
This is the only time www.samplesource.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 66.96.160.129 29873 (BIZLAND-SD)
1 31 52.21.35.25 14618 (AMAZON-AES)
1 172.217.13.138 15169 (GOOGLE)
1 172.217.13.168 15169 (GOOGLE)
2 104.26.11.188 13335 (CLOUDFLAR...)
1 172.217.13.142 15169 (GOOGLE)
1 151.101.66.137 54113 (FASTLY)
1 162.247.243.29 54113 (FASTLY)
37 7
1    66.96.160.129 (United States)

ASN29873 (BIZLAND-SD, US)
PTR: 129.160.96.66.static.eigbox.net
carrefourechantillons.ca
31    52.21.35.25 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-21-35-25.compute-1.amazonaws.com
www.samplesource.com
1    172.217.13.138 (United States)

ASN15169 (GOOGLE, US)
PTR: yul02s05-in-f10.1e100.net
fonts.googleapis.com
1    172.217.13.168 (United States)

ASN15169 (GOOGLE, US)
PTR: yul03s04-in-f8.1e100.net
www.googletagmanager.com
2    104.26.11.188 (None, )

ASN13335 (CLOUDFLARENET, US)
ua.realtimely.io
api.realtimely.io
1    172.217.13.142 (United States)

ASN15169 (GOOGLE, US)
PTR: yul02s05-in-f14.1e100.net
www.google-analytics.com
1    151.101.66.137 (United States)

ASN54113 (FASTLY, US)
js-agent.newrelic.com
1    162.247.243.29 (United States)

ASN54113 (FASTLY, US)
bam.nr-data.net
Apex Domain
Subdomains		 Transfer
31 samplesource.com
www.samplesource.com — Cisco Umbrella Rank: 659415
2 MB
2 realtimely.io
ua.realtimely.io — Cisco Umbrella Rank: 66209
api.realtimely.io — Cisco Umbrella Rank: 58757
2 KB
1 nr-data.net
bam.nr-data.net — Cisco Umbrella Rank: 225
401 B
1 newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 590
16 KB
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
257 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 36
85 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
915 B
1 carrefourechantillons.ca
carrefourechantillons.ca
293 B
37 8
Domain Requested by
31 www.samplesource.com 1 redirects www.samplesource.com
1 bam.nr-data.net js-agent.newrelic.com
1 js-agent.newrelic.com www.samplesource.com
1 www.google-analytics.com www.googletagmanager.com
1 api.realtimely.io www.samplesource.com
1 ua.realtimely.io www.samplesource.com
1 www.googletagmanager.com www.samplesource.com
1 fonts.googleapis.com www.samplesource.com
1 carrefourechantillons.ca 1 redirects
37 9

This site contains links to these domains. Also see Links.

Domain
corporate.samplesource.com
www.instagram.com
twitter.com
Subject Issuer Validity Valid
samplesource.com
Amazon RSA 2048 M02		 2023-02-11 -
2024-03-12		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
realtimely.io
GTS CA 1P5		 2023-12-24 -
2024-03-23		 3 months crt.sh
js-agent.newrelic.com
GlobalSign Atlas R3 DV TLS CA 2023 Q2		 2023-04-13 -
2024-05-14		 a year crt.sh
*.nr-data.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-29 -
2024-10-01		 a year crt.sh

This page contains 1 frames:

Primary Page: https://www.samplesource.com/?site=fr
Frame ID: 9A7D95FC1C6C6CCF0170B42B376D51D5
Requests: 37 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

SampleSource.com - Free Samples - home, health, beauty, makeup, food, and more!

Page URL History Show full URLs

  1. https://carrefourechantillons.ca/ HTTP 302
    https://www.samplesource.com/?site=fr Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery-ui.*\.js

Page Statistics

37
Requests

97 %
HTTPS

0 %
IPv6

8
Domains

9
Subdomains

7
IPs

2
Countries

2043 kB
Transfer

2945 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://carrefourechantillons.ca/ HTTP 302
    https://www.samplesource.com/?site=fr Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31
  • https://www.samplesource.com/js/images/bx_loader.gif HTTP 302
  • https://www.samplesource.com/

37 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.samplesource.com/
Redirect Chain
  • https://carrefourechantillons.ca/
  • https://www.samplesource.com/?site=fr
49 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.samplesource.com/?site=fr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.21.35.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-35-25.compute-1.amazonaws.com
Software
Apache /
Resource Hash
71aec4bc0327623dea7240dcaf403b6f9abee66aaf1311fa9e279543317a2e09
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-headers
XMLHttpRequest, x-requested-with, Content-Type, origin, authorization, accept, client-security-token
access-control-allow-origin
*
access-control-max-age
1000
cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-length
15217
content-security-policy
default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
content-type
text/html; charset=UTF-8
date
Sat, 30 Dec 2023 12:42:15 GMT
expect-ct
enforce, max-age=300, report-uri='https://samplesource.com/'
expires
Thu, 19 Nov 1981 08:52:00 GMT
feature-policy
fullscreen 'none'
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
Apache
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN SAMEORIGIN
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block

Redirect headers

Age
0
Cache-Control
max-age=3600
Connection
keep-alive
Content-Length
221
Content-Type
text/html; charset=iso-8859-1
Date
Sat, 30 Dec 2023 12:42:15 GMT
Expires
Sat, 30 Dec 2023 13:42:15 GMT
Location
https://www.samplesource.com/?site=fr
Server
Apache/2
colorbox.css
www.samplesource.com/css/ 		3 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.samplesource.com/css/colorbox.css
Requested by
Host: www.samplesource.com
URL: https://www.samplesource.com/?site=fr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.21.35.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-35-25.compute-1.amazonaws.com
Software
Apache /
Resource Hash
b58fb7d020c67738c39dc9b48415b6d6faf1ba985b107f92a2af5c6a58aaab8f
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.samplesource.com/?site=fr
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 12:42:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=31536000; includeSubDomains
content-length
1072
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 25 Feb 2022 12:57:10 GMT
server
Apache
etag
"baa-5d8d73ca6fa04-gzip"
expect-ct
enforce, max-age=300, report-uri='https://samplesource.com/'
access-control-max-age
1000
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
vary
Accept-Encoding
feature-policy
fullscreen 'none'
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
accept-ranges
bytes
access-control-allow-headers
XMLHttpRequest, x-requested-with, Content-Type, origin, authorization, accept, client-security-token
jquery-ui.css
www.samplesource.com/css/ 		35 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.samplesource.com/css/jquery-ui.css
Requested by
Host: www.samplesource.com
URL: https://www.samplesource.com/?site=fr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.21.35.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-35-25.compute-1.amazonaws.com
Software
Apache /
Resource Hash
44f8a56d427917b5fa0dd7933ba545679be5e6b3b93099e64a4e29c2159f57c0
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.samplesource.com/?site=fr
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 12:42:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=31536000; includeSubDomains
content-length
8378
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 25 Feb 2022 12:57:10 GMT
server
Apache
etag
"8c85-5d8d73ca6fa04-gzip"
expect-ct
enforce, max-age=300, report-uri='https://samplesource.com/'
access-control-max-age
1000
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
vary
Accept-Encoding
feature-policy
fullscreen 'none'
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
accept-ranges
bytes
access-control-allow-headers
XMLHttpRequest, x-requested-with, Content-Type, origin, authorization, accept, client-security-token
bootstrap.min.css
www.samplesource.com/css/ 		115 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.samplesource.com/css/bootstrap.min.css
Requested by
Host: www.samplesource.com
URL: https://www.samplesource.com/?site=fr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.21.35.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-35-25.compute-1.amazonaws.com
Software
Apache /
Resource Hash
f04b517ba5d6a0510485689a3e42dac000f51640fd71b986804cba178eae42a5
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.samplesource.com/?site=fr
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 12:42:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=31536000; includeSubDomains
content-length
19249
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 25 Feb 2022 12:57:10 GMT
server
Apache
etag
"1ca39-5d8d73ca6fa04-gzip"
expect-ct
enforce, max-age=300, report-uri='https://samplesource.com/'
access-control-max-age
1000
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
vary
Accept-Encoding
feature-policy
fullscreen 'none'
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
accept-ranges
bytes
access-control-allow-headers
XMLHttpRequest, x-requested-with, Content-Type, origin, authorization, accept, client-security-token
css
fonts.googleapis.com/ 		1 KB
915 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Varela+Round
Requested by
Host: www.samplesource.com
URL: https://www.samplesource.com/?site=fr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f10.1e100.net
Software
ESF /
Resource Hash
4e8f6c52a5d1d59d3f77c9e5ea4d743304e9ece8760286465f0a1979b2640a7c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.samplesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 30 Dec 2023 12:42:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 30 Dec 2023 12:33:35 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 30 Dec 2023 12:42:15 GMT
jquery.bxslider.css
www.samplesource.com/js/ 		4 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.samplesource.com/js/jquery.bxslider.css
Requested by
Host: www.samplesource.com
URL: https://www.samplesource.com/?site=fr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.21.35.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-35-25.compute-1.amazonaws.com
Software
Apache /
Resource Hash
6300ba1c19b24d427fdec05b16c8b7c85f21155097c82ffdced06192a5f70d31
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.samplesource.com/?site=fr
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 12:42:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=31536000; includeSubDomains
content-length
1193
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 25 Feb 2022 12:57:10 GMT
server
Apache
etag
"efc-5d8d73ca73884-gzip"
expect-ct
enforce, max-age=300, report-uri='https://samplesource.com/'
access-control-max-age
1000
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
vary
Accept-Encoding
feature-policy
fullscreen 'none'
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
accept-ranges
bytes
access-control-allow-headers
XMLHttpRequest, x-requested-with, Content-Type, origin, authorization, accept, client-security-token
style.css
www.samplesource.com/ 		36 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.samplesource.com/style.css
Requested by
Host: www.samplesource.com
URL: https://www.samplesource.com/?site=fr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.21.35.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-35-25.compute-1.amazonaws.com
Software
Apache /
Resource Hash
a44e0f06869a2f8def8c54d3b17c810957b3ac5c2428438df15ca4effc31f289
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.samplesource.com/?site=fr
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 12:42:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=31536000; includeSubDomains
content-length
7365
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 01 Aug 2023 18:57:11 GMT
server
Apache
etag
"909e-601e11d4c1a20-gzip"
expect-ct
enforce, max-age=300, report-uri='https://samplesource.com/'
access-control-max-age
1000
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
vary
Accept-Encoding
feature-policy
fullscreen 'none'
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
accept-ranges
bytes
access-control-allow-headers
XMLHttpRequest, x-requested-with, Content-Type, origin, authorization, accept, client-security-token
jquery-latest.min.js
www.samplesource.com/js/ 		94 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.samplesource.com/js/jquery-latest.min.js
Requested by
Host: www.samplesource.com
URL: https://www.samplesource.com/?site=fr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.21.35.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-35-25.compute-1.amazonaws.com
Software
Apache /
Resource Hash
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.samplesource.com/?site=fr
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 12:42:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=31536000; includeSubDomains
content-length
33225
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 25 Feb 2022 12:57:10 GMT
server
Apache
etag
"1762a-5d8d73ca73884-gzip"
expect-ct
enforce, max-age=300, report-uri='https://samplesource.com/'
access-control-max-age
1000
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
feature-policy
fullscreen 'none'
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
accept-ranges
bytes
access-control-allow-headers
XMLHttpRequest, x-requested-with, Content-Type, origin, authorization, accept, client-security-token
jquery-ui.js
www.samplesource.com/js/ 		509 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.samplesource.com/js/jquery-ui.js
Requested by
Host: www.samplesource.com
URL: https://www.samplesource.com/?site=fr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.21.35.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-35-25.compute-1.amazonaws.com
Software
Apache /
Resource Hash
4f455eb2ddf2094ee969f470f6bfac7adb4c057e8990a374e9da819e943c777d
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.samplesource.com/?site=fr
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 12:42:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=31536000; includeSubDomains
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 25 Feb 2022 12:57:10 GMT
server
Apache
etag
"7f20a-5d8d73ca73884-gzip"
expect-ct
enforce, max-age=300, report-uri='https://samplesource.com/'
access-control-max-age
1000
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
feature-policy
fullscreen 'none'
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
accept-ranges
bytes
access-control-allow-headers
XMLHttpRequest, x-requested-with, Content-Type, origin, authorization, accept, client-security-token
bootstrap.min.js
www.samplesource.com/js/ 		35 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.samplesource.com/js/bootstrap.min.js
Requested by
Host: www.samplesource.com
URL: https://www.samplesource.com/?site=fr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.21.35.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-35-25.compute-1.amazonaws.com
Software
Apache /
Resource Hash
d5fd173d00d9733900834e0e1083de86b532e048b15c0420ba5c2db0623644b8
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.samplesource.com/?site=fr
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 12:42:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=31536000; includeSubDomains
content-length
9539
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 25 Feb 2022 12:57:10 GMT
server
Apache
etag
"8c6f-5d8d73ca73884-gzip"
expect-ct
enforce, max-age=300, report-uri='https://samplesource.com/'
access-control-max-age
1000
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
feature-policy
fullscreen 'none'
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
accept-ranges
bytes
access-control-allow-headers
XMLHttpRequest, x-requested-with, Content-Type, origin, authorization, accept, client-security-token
jquery.colorbox.js
www.samplesource.com/js/ 		28 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.samplesource.com/js/jquery.colorbox.js
Requested by
Host: www.samplesource.com
URL: https://www.samplesource.com/?site=fr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.21.35.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-35-25.compute-1.amazonaws.com
Software
Apache /
Resource Hash
ea60fb337f7672693ab00cd0a4699ef3b720f382b7bfc4e1ac3baa6fe8ff79bb
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.samplesource.com/?site=fr
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 12:42:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=31536000; includeSubDomains
content-length
8824
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 25 Feb 2022 12:57:10 GMT
server
Apache
etag
"71b1-5d8d73ca73884-gzip"
expect-ct
enforce, max-age=300, report-uri='https://samplesource.com/'
access-control-max-age
1000
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
feature-policy
fullscreen 'none'
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
accept-ranges
bytes
access-control-allow-headers
XMLHttpRequest, x-requested-with, Content-Type, origin, authorization, accept, client-security-token
jquery.validate.js
www.samplesource.com/js/ 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.samplesource.com/js/jquery.validate.js
Requested by
Host: www.samplesource.com
URL: https://www.samplesource.com/?site=fr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.21.35.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-35-25.compute-1.amazonaws.com
Software
Apache /
Resource Hash
8332059e24b7aaa3585e312bb9cd3f35c0a4b16861e52bb216f2abaf0f22fa12
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.samplesource.com/?site=fr
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 12:42:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=31536000; includeSubDomains
content-length
11290
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 25 Feb 2022 12:57:10 GMT
server
Apache
etag
"a6ca-5d8d73ca73884-gzip"
expect-ct
enforce, max-age=300, report-uri='https://samplesource.com/'
access-control-max-age
1000
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
feature-policy
fullscreen 'none'
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
accept-ranges
bytes
access-control-allow-headers
XMLHttpRequest, x-requested-with, Content-Type, origin, authorization, accept, client-security-token
samplesource.js
www.samplesource.com/js/ 		15 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.samplesource.com/js/samplesource.js
Requested by
Host: www.samplesource.com
URL: https://www.samplesource.com/?site=fr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.21.35.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-35-25.compute-1.amazonaws.com
Software
Apache /
Resource Hash
893bdf4c6e638ea14d8c4e4d7e0f9e83da3abee66a1aaabf1d1243f832e0e6c2
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.samplesource.com/?site=fr
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 12:42:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=31536000; includeSubDomains
content-length
2662
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 09 Mar 2022 20:07:00 GMT
server
Apache
etag
"3de3-5d9cea3f0b990-gzip"
expect-ct
enforce, max-age=300, report-uri='https://samplesource.com/'
access-control-max-age
1000
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
feature-policy
fullscreen 'none'
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
accept-ranges
bytes
access-control-allow-headers
XMLHttpRequest, x-requested-with, Content-Type, origin, authorization, accept, client-security-token
jquery.bxslider.js
www.samplesource.com/js/ 		49 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.samplesource.com/js/jquery.bxslider.js
Requested by
Host: www.samplesource.com
URL: https://www.samplesource.com/?site=fr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.21.35.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-35-25.compute-1.amazonaws.com
Software
Apache /
Resource Hash
bddbba35635904eca1d7f9edc74bdbcba04ec0f5a16286fdbd8f78fb0f7e0c6f
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.samplesource.com/?site=fr
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 12:42:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=31536000; includeSubDomains
content-length
11960
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 25 Feb 2022 12:57:10 GMT
server
Apache
etag
"c58d-5d8d73ca73884-gzip"
expect-ct
enforce, max-age=300, report-uri='https://samplesource.com/'
access-control-max-age
1000
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
feature-policy
fullscreen 'none'
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
accept-ranges
bytes
access-control-allow-headers
XMLHttpRequest, x-requested-with, Content-Type, origin, authorization, accept, client-security-token
js
www.googletagmanager.com/gtag/ 		244 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-8NKH4X0LYS
Requested by
Host: www.samplesource.com
URL: https://www.samplesource.com/?site=fr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.168 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
3702fc341bf348a615749cd335a31fdd7497aa5a951c40a2b527d1e58171bd36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.samplesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 12:42:15 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
86181
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 30 Dec 2023 12:42:15 GMT
script.js
ua.realtimely.io/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ua.realtimely.io/script.js
Requested by
Host: www.samplesource.com
URL: https://www.samplesource.com/?site=fr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.11.188 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3b53536facfed547d2c1809944ea7c227b43e3e7ae6c833c461066a1d158545

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.samplesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 12:42:15 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3661
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Sun, 08 Oct 2023 07:39:41 GMT
server
cloudflare
etag
W/"65225cbd-fd3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0%2B5TGG9tBkDNbXwyKzyv1p0u%2BQEvIjiFuetx%2BP1WGtCFnxrUukAAqtZ3ken1hWHd43CJwFgWy7eYcYHImIbOfQP9eB6%2BXxEqSfyLDTUYs07e5fTIKtEr38Rid1R7M36JYdE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=57600
cf-ray
83da5c97ea1054c1-YYZ
logo_black_en.svg
www.samplesource.com/images/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.samplesource.com/images/logo_black_en.svg
Requested by
Host: www.samplesource.com
URL: https://www.samplesource.com/?site=fr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.21.35.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-35-25.compute-1.amazonaws.com
Software
Apache /
Resource Hash
62a4c1cd0c1e4738b373461cb96bc29311d30292a7bf81c4bd523e89dd3fda8a
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.samplesource.com/?site=fr
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 12:42:15 GMT
content-security-policy
default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-permitted-cross-domain-policies
none
content-length
23310
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 25 Feb 2022 12:57:10 GMT
server
Apache
etag
"5b0e-5d8d73ca728e4"
expect-ct
enforce, max-age=300, report-uri='https://samplesource.com/'
access-control-max-age
1000
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
*
feature-policy
fullscreen 'none'
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
accept-ranges
bytes
access-control-allow-headers
XMLHttpRequest, x-requested-with, Content-Type, origin, authorization, accept, client-security-token
ca_64.png
www.samplesource.com/images/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.samplesource.com/images/ca_64.png
Requested by
Host: www.samplesource.com
URL: https://www.samplesource.com/?site=fr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.21.35.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-35-25.compute-1.amazonaws.com
Software
Apache /
Resource Hash
303e8b2c06f07ee6bd4058e41424739f74fcbc5c7e8989085acf5c394d2e79d3
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.samplesource.com/?site=fr
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 12:42:15 GMT
content-security-policy
default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-permitted-cross-domain-policies
none
content-length
2813
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 25 Feb 2022 12:57:10 GMT
server
Apache
etag
"afd-5d8d73ca709a4"
expect-ct
enforce, max-age=300, report-uri='https://samplesource.com/'
access-control-max-age
1000
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
image/png
access-control-allow-origin
*
feature-policy
fullscreen 'none'
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
accept-ranges
bytes
access-control-allow-headers
XMLHttpRequest, x-requested-with, Content-Type, origin, authorization, accept, client-security-token
us_64.png
www.samplesource.com/images/ 		3 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.samplesource.com/images/us_64.png
Requested by
Host: www.samplesource.com
URL: https://www.samplesource.com/?site=fr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.21.35.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-35-25.compute-1.amazonaws.com
Software
Apache /
Resource Hash
ee78e49f2b8e2ea508e214441566c33ba6e5f97c93bd44a404a681b1346f7c05
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.samplesource.com/?site=fr
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 12:42:15 GMT
content-security-policy
default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-permitted-cross-domain-policies
none
content-length
3458
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 25 Feb 2022 12:57:10 GMT
server
Apache
etag
"d82-5d8d73ca73884"
expect-ct
enforce, max-age=300, report-uri='https://samplesource.com/'
access-control-max-age
1000
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
image/png
access-control-allow-origin
*
feature-policy
fullscreen 'none'
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
accept-ranges
bytes
access-control-allow-headers
XMLHttpRequest, x-requested-with, Content-Type, origin, authorization, accept, client-security-token
ca.png
www.samplesource.com/images/ 		843 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.samplesource.com/images/ca.png
Requested by
Host: www.samplesource.com
URL: https://www.samplesource.com/?site=fr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.21.35.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-35-25.compute-1.amazonaws.com
Software
Apache /
Resource Hash
59f1c41813b3ec86c38ac3d81e081dfd92677b37b007f6ba8d2997c1afb6b984
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.samplesource.com/?site=fr
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 12:42:15 GMT
content-security-policy
default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-permitted-cross-domain-policies
none
content-length
843
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 25 Feb 2022 12:57:10 GMT
server
Apache
etag
"34b-5d8d73ca709a4"
expect-ct
enforce, max-age=300, report-uri='https://samplesource.com/'
access-control-max-age
1000
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
image/png
access-control-allow-origin
*
feature-policy
fullscreen 'none'
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
accept-ranges
bytes
access-control-allow-headers
XMLHttpRequest, x-requested-with, Content-Type, origin, authorization, accept, client-security-token
logo_white_fr.svg
www.samplesource.com/images/ 		36 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.samplesource.com/images/logo_white_fr.svg
Requested by
Host: www.samplesource.com
URL: https://www.samplesource.com/?site=fr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.21.35.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-35-25.compute-1.amazonaws.com
Software
Apache /
Resource Hash
5b46636d3aaf95cbce88c88cdc2a45052c89efc3c13e59c4a00cb5d160fb0d35
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.samplesource.com/?site=fr
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 12:42:15 GMT
content-security-policy
default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-permitted-cross-domain-policies
none
content-length
36518
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 25 Feb 2022 12:57:10 GMT
server
Apache
etag
"8ea6-5d8d73ca728e4"
expect-ct
enforce, max-age=300, report-uri='https://samplesource.com/'
access-control-max-age
1000
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
*
feature-policy
fullscreen 'none'
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
accept-ranges
bytes
access-control-allow-headers
XMLHttpRequest, x-requested-with, Content-Type, origin, authorization, accept, client-security-token
logo_black_fr.svg
www.samplesource.com/images/ 		36 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.samplesource.com/images/logo_black_fr.svg
Requested by
Host: www.samplesource.com
URL: https://www.samplesource.com/?site=fr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.21.35.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-35-25.compute-1.amazonaws.com
Software
Apache /
Resource Hash
a3f4a7cb8fdf784e0bd6822a687c2735f43d6d0e7f93418575ce815adef5e4fa
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.samplesource.com/?site=fr
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 12:42:15 GMT
content-security-policy
default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-permitted-cross-domain-policies
none
content-length
36518
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 25 Feb 2022 12:57:10 GMT
server
Apache
etag
"8ea6-5d8d73ca728e4"
expect-ct
enforce, max-age=300, report-uri='https://samplesource.com/'
access-control-max-age
1000
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
*
feature-policy
fullscreen 'none'
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
accept-ranges
bytes
access-control-allow-headers
XMLHttpRequest, x-requested-with, Content-Type, origin, authorization, accept, client-security-token
icon_close.jpg
www.samplesource.com/images/ 		5 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.samplesource.com/images/icon_close.jpg
Requested by
Host: www.samplesource.com
URL: https://www.samplesource.com/?site=fr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.21.35.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-35-25.compute-1.amazonaws.com
Software
Apache /
Resource Hash
ffeef03a1f0c9d55344d7d76401137af3572f172654814e850e1f0070b6a9769
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.samplesource.com/?site=fr
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 12:42:15 GMT
content-security-policy
default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-permitted-cross-domain-policies
none
content-length
4998
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Sat, 12 Mar 2022 15:17:28 GMT
server
Apache
etag
"1386-5da06f203d670"
expect-ct
enforce, max-age=300, report-uri='https://samplesource.com/'
access-control-max-age
1000
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
image/jpeg
access-control-allow-origin
*
feature-policy
fullscreen 'none'
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
accept-ranges
bytes
access-control-allow-headers
XMLHttpRequest, x-requested-with, Content-Type, origin, authorization, accept, client-security-token
header-image_fr.jpg
www.samplesource.com/images/ 		287 KB
289 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.samplesource.com/images/header-image_fr.jpg
Requested by
Host: www.samplesource.com
URL: https://www.samplesource.com/?site=fr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.21.35.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-35-25.compute-1.amazonaws.com
Software
Apache /
Resource Hash
d52b6545b5e7f64e38d129f50bd406c40fe5d1d25eb403f9f4b55cc19cfc53af
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.samplesource.com/?site=fr
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 12:42:15 GMT
content-security-policy
default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-permitted-cross-domain-policies
none
content-length
294386
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 25 Feb 2022 12:57:10 GMT
server
Apache
etag
"47df2-5d8d73ca709a4"
expect-ct
enforce, max-age=300, report-uri='https://samplesource.com/'
access-control-max-age
1000
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
image/jpeg
access-control-allow-origin
*
feature-policy
fullscreen 'none'
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
accept-ranges
bytes
access-control-allow-headers
XMLHttpRequest, x-requested-with, Content-Type, origin, authorization, accept, client-security-token
home_img_fr.jpg
www.samplesource.com/images/ 		214 KB
216 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.samplesource.com/images/home_img_fr.jpg
Requested by
Host: www.samplesource.com
URL: https://www.samplesource.com/?site=fr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.21.35.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-35-25.compute-1.amazonaws.com
Software
Apache /
Resource Hash
c81a4dd02b7f75ad25dead25c86c1220bbc5f1c592e1ecd288212f9fddda529d
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.samplesource.com/?site=fr
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 12:42:15 GMT
content-security-policy
default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-permitted-cross-domain-policies
none
content-length
219042
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 13 Apr 2023 16:10:22 GMT
server
Apache
etag
"357a2-5f939f630b2c0"
expect-ct
enforce, max-age=300, report-uri='https://samplesource.com/'
access-control-max-age
1000
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
image/jpeg
access-control-allow-origin
*
feature-policy
fullscreen 'none'
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
accept-ranges
bytes
access-control-allow-headers
XMLHttpRequest, x-requested-with, Content-Type, origin, authorization, accept, client-security-token
animated_register.gif
www.samplesource.com/images/ 		219 KB
221 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.samplesource.com/images/animated_register.gif
Requested by
Host: www.samplesource.com
URL: https://www.samplesource.com/?site=fr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.21.35.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-35-25.compute-1.amazonaws.com
Software
Apache /
Resource Hash
573035747a1937c7e515ccf1fa3542d702e81015c3324f3817cc1bc94d924b72
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.samplesource.com/?site=fr
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 12:42:15 GMT
content-security-policy
default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-permitted-cross-domain-policies
none
content-length
224440
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 25 Feb 2022 12:57:10 GMT
server
Apache
etag
"36cb8-5d8d73ca709a4"
expect-ct
enforce, max-age=300, report-uri='https://samplesource.com/'
access-control-max-age
1000
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
image/gif
access-control-allow-origin
*
feature-policy
fullscreen 'none'
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
accept-ranges
bytes
access-control-allow-headers
XMLHttpRequest, x-requested-with, Content-Type, origin, authorization, accept, client-security-token
animated_add_to_cart.gif
www.samplesource.com/images/ 		342 KB
344 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.samplesource.com/images/animated_add_to_cart.gif
Requested by
Host: www.samplesource.com
URL: https://www.samplesource.com/?site=fr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.21.35.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-35-25.compute-1.amazonaws.com
Software
Apache /
Resource Hash
086cc811e55486db6cb6d7c3433a8d47c29afd3114ad6e25df674ffaec24cc2f
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.samplesource.com/?site=fr
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 12:42:15 GMT
content-security-policy
default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-permitted-cross-domain-policies
none
content-length
350064
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 25 Feb 2022 12:57:10 GMT
server
Apache
etag
"55770-5d8d73ca709a4"
expect-ct
enforce, max-age=300, report-uri='https://samplesource.com/'
access-control-max-age
1000
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
image/gif
access-control-allow-origin
*
feature-policy
fullscreen 'none'
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
accept-ranges
bytes
access-control-allow-headers
XMLHttpRequest, x-requested-with, Content-Type, origin, authorization, accept, client-security-token
animated_shipped.gif
www.samplesource.com/images/ 		264 KB
266 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.samplesource.com/images/animated_shipped.gif
Requested by
Host: www.samplesource.com
URL: https://www.samplesource.com/?site=fr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.21.35.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-35-25.compute-1.amazonaws.com
Software
Apache /
Resource Hash
03e121a8b6db6ef0d52c5b7456278e8752cdc866c3d317d7cf2eb3720bf2b452
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.samplesource.com/?site=fr
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 12:42:15 GMT
content-security-policy
default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-permitted-cross-domain-policies
none
content-length
270815
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 25 Feb 2022 12:57:10 GMT
server
Apache
etag
"421df-5d8d73ca709a4"
expect-ct
enforce, max-age=300, report-uri='https://samplesource.com/'
access-control-max-age
1000
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
image/gif
access-control-allow-origin
*
feature-policy
fullscreen 'none'
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
accept-ranges
bytes
access-control-allow-headers
XMLHttpRequest, x-requested-with, Content-Type, origin, authorization, accept, client-security-token
star-reviews.png
www.samplesource.com/images/ 		9 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.samplesource.com/images/star-reviews.png
Requested by
Host: www.samplesource.com
URL: https://www.samplesource.com/?site=fr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.21.35.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-35-25.compute-1.amazonaws.com
Software
Apache /
Resource Hash
35671b15460b603bac2db14a425f1fc8ed62edebbc6066ebb7ae05ccd598d5cc
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.samplesource.com/?site=fr
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 12:42:15 GMT
content-security-policy
default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-permitted-cross-domain-policies
none
content-length
9113
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 25 Feb 2022 12:57:10 GMT
server
Apache
etag
"2399-5d8d73ca73884"
expect-ct
enforce, max-age=300, report-uri='https://samplesource.com/'
access-control-max-age
1000
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
image/png
access-control-allow-origin
*
feature-policy
fullscreen 'none'
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
accept-ranges
bytes
access-control-allow-headers
XMLHttpRequest, x-requested-with, Content-Type, origin, authorization, accept, client-security-token
products_spring_2022_cad.gif
www.samplesource.com/images/ 		145 KB
147 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.samplesource.com/images/products_spring_2022_cad.gif
Requested by
Host: www.samplesource.com
URL: https://www.samplesource.com/?site=fr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.21.35.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-35-25.compute-1.amazonaws.com
Software
Apache /
Resource Hash
5830ae9e4fb0e1bf5c2d210bc93326a4ba59ad0f6d5e34779912261740270ff0
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.samplesource.com/?site=fr
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 12:42:15 GMT
content-security-policy
default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-permitted-cross-domain-policies
none
content-length
148769
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Sat, 19 Mar 2022 13:35:55 GMT
server
Apache
etag
"24521-5da9257bff2d8"
expect-ct
enforce, max-age=300, report-uri='https://samplesource.com/'
access-control-max-age
1000
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
image/gif
access-control-allow-origin
*
feature-policy
fullscreen 'none'
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
accept-ranges
bytes
access-control-allow-headers
XMLHttpRequest, x-requested-with, Content-Type, origin, authorization, accept, client-security-token
icon_instagram_white.svg
www.samplesource.com/images/ 		1 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.samplesource.com/images/icon_instagram_white.svg
Requested by
Host: www.samplesource.com
URL: https://www.samplesource.com/?site=fr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.21.35.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-35-25.compute-1.amazonaws.com
Software
Apache /
Resource Hash
da59d9eff1c01d11a1901b27d595e54126757b1f5a2d6fd3319d95a8f5e1cbb8
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.samplesource.com/?site=fr
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 12:42:15 GMT
content-security-policy
default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-permitted-cross-domain-policies
none
content-length
1120
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 25 Feb 2022 12:57:10 GMT
server
Apache
etag
"460-5d8d73ca728e4"
expect-ct
enforce, max-age=300, report-uri='https://samplesource.com/'
access-control-max-age
1000
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
*
feature-policy
fullscreen 'none'
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
accept-ranges
bytes
access-control-allow-headers
XMLHttpRequest, x-requested-with, Content-Type, origin, authorization, accept, client-security-token
icon_twitter_white.svg
www.samplesource.com/images/ 		946 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.samplesource.com/images/icon_twitter_white.svg
Requested by
Host: www.samplesource.com
URL: https://www.samplesource.com/?site=fr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.21.35.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-35-25.compute-1.amazonaws.com
Software
Apache /
Resource Hash
7a42e5247d1174424a36f6044aaa41f94dc60780eaadc5c77cf6284cbf5e7635
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.samplesource.com/?site=fr
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 12:42:15 GMT
content-security-policy
default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-permitted-cross-domain-policies
none
content-length
946
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 25 Feb 2022 12:57:10 GMT
server
Apache
etag
"3b2-5d8d73ca728e4"
expect-ct
enforce, max-age=300, report-uri='https://samplesource.com/'
access-control-max-age
1000
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
*
feature-policy
fullscreen 'none'
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
accept-ranges
bytes
access-control-allow-headers
XMLHttpRequest, x-requested-with, Content-Type, origin, authorization, accept, client-security-token
/
www.samplesource.com/
Redirect Chain
  • https://www.samplesource.com/js/images/bx_loader.gif
  • https://www.samplesource.com/
49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.samplesource.com/
Requested by
Host: www.samplesource.com
URL: https://www.samplesource.com/js/jquery.bxslider.css
Protocol
H2
Server
52.21.35.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-35-25.compute-1.amazonaws.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.samplesource.com/js/jquery.bxslider.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 12:42:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=31536000; includeSubDomains
content-length
15217
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
Apache
expect-ct
enforce, max-age=300, report-uri='https://samplesource.com/'
access-control-max-age
1000
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate
feature-policy
fullscreen 'none'
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
vary
Accept-Encoding
access-control-allow-headers
XMLHttpRequest, x-requested-with, Content-Type, origin, authorization, accept, client-security-token
expires
Thu, 19 Nov 1981 08:52:00 GMT

Redirect headers

date
Sat, 30 Dec 2023 12:42:15 GMT
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
Apache
expect-ct
enforce, max-age=300, report-uri='https://samplesource.com/'
access-control-max-age
1000
x-frame-options
SAMEORIGIN
content-type
text/html; charset=iso-8859-1
location
https://www.samplesource.com/
access-control-allow-origin
*
feature-policy
fullscreen 'none'
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
access-control-allow-headers
XMLHttpRequest, x-requested-with, Content-Type, origin, authorization, accept, client-security-token
content-length
283
/
api.realtimely.io/c/ 		0
293 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.realtimely.io/c/?p=%2F&u=no&s=no&h=https%3A%2F%2Fwww.samplesource.com&r=&sid=SAMPLE&t=SampleSource.com%20-%20Free%20Samples%20-%20home%2C%20health%2C%20beauty%2C%20makeup%2C%20food%2C%20and%20more!&qs=%7B%7D&cid=96835500
Requested by
Host: www.samplesource.com
URL: https://www.samplesource.com/?site=fr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.11.188 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.samplesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 12:42:15 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m6RhU%2BZ5KGpTIkkvBAVu1hwfNxXt5EiGnv9JABw0S4W1vj2yl7xb4KaIA9FkeZ5gwUEs5pFqbqzioKR28rZMcO9pkFu%2FUbnnWiF15nA3SpqKZ7drFgPU2GoMOA9pJi3Z5%2Fu0"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cf-ray
83da5c987a5e54c1-YYZ
alt-svc
h3=":443"; ma=86400
collect
www.google-analytics.com/g/ 		0
257 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-8NKH4X0LYS&gtm=45je3bt0v887669933&_p=1703940135570&gcd=11l1l1l1l1&dma=0&cid=1763593445.1703940136&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1703940135&sct=1&seg=0&dl=https%3A%2F%2Fwww.samplesource.com%2F%3Fsite%3Dfr&dt=SampleSource.com%20-%20Free%20Samples%20-%20home%2C%20health%2C%20beauty%2C%20makeup%2C%20food%2C%20and%20more!&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=708
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8NKH4X0LYS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.samplesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Dec 2023 12:42:15 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.samplesource.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
nr-rum-1.249.0.min.js
js-agent.newrelic.com/ 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-rum-1.249.0.min.js
Requested by
Host: www.samplesource.com
URL: https://www.samplesource.com/?site=fr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
461f9f536c4dc41886fb453be7068b893e2817524bc24587fc0449c65aacec75
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Referer
https://www.samplesource.com/
Origin
https://www.samplesource.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
3PbzC_N7CIB1L071r8FgkLVtaRZzQS.L
content-encoding
br
via
1.1 varnish
date
Sat, 30 Dec 2023 12:42:15 GMT
strict-transport-security
max-age=300
x-amz-request-id
6N7Y1QR3XKA5YQBV
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
15747
x-amz-id-2
qU63qthN1vDjPNdX1/ADCZstetkMBYBCcsy0qM7ybo1sCB/nPrJZr8Y/CGK0ifN+/Itx+GZkuho=
x-served-by
cache-yul12830-YUL
last-modified
Thu, 14 Dec 2023 16:36:09 GMT
server
AmazonS3
x-timer
S1703940136.983054,VS0,VE0
etag
"2ccd2352d2d5668fd135b1090e86b079"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges
bytes
x-cache-hits
895379
ac25e462e9
bam.nr-data.net/1/ 		40 B
401 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/1/ac25e462e9?a=121556617&v=1.249.0&to=Y1EGMEJRVkUHAhdbC1obMRZZH1FYAgQbHBRcRA%3D%3D&rst=943&ck=0&s=6eee2f8021d51390&ref=https://www.samplesource.com/&ap=29&be=319&fe=540&dc=346&at=TxYFRgpLRUs%3D&fsh=1&perf=%7B%22timing%22:%7B%22of%22:1703940135071,%22n%22:0,%22f%22:137,%22dn%22:165,%22dne%22:165,%22c%22:165,%22s%22:196,%22ce%22:229,%22rq%22:229,%22rp%22:320,%22rpe%22:321,%22di%22:527,%22ds%22:647,%22de%22:665,%22dc%22:857,%22l%22:857,%22le%22:859%7D,%22navigation%22:%7B%7D%7D&fp=556&fcp=556
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-rum-1.249.0.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
24c98b3653a1a89489a370d23ab35375bba6bf386f5c2cf8a34f59f1ee7ab2ee

Request headers

Referer
https://www.samplesource.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

date
Sat, 30 Dec 2023 12:42:16 GMT
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
content-type
text/plain
access-control-allow-origin
https://www.samplesource.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
Connection
keep-alive
Content-Length
40
x-served-by
cache-yul12823-YUL

Verdicts & Comments Add Verdict or Comment

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture object| NREUM object| webpackChunk:NRBA-1.249.0.PROD object| newrelic function| $ function| jQuery object| jQuery1111008944180782187017 string| initialEmailValue string| initialCellValue string| initialAddressValue string| initialAptValue string| initialCityValue string| initialCountryValue string| initialProvinceValue string| initialPostalValue function| forceSubmitForm function| forcePartnerRegisterForm function| gtag object| dataLayer function| b function| a object| realtimely string| data_url_new object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal

8 Cookies

Domain/Path Name / Value
www.samplesource.com/ Name: PHPSESSID
Value: 4pcsoj501jrtj2lm8oavplq2p4
www.samplesource.com/ Name: site_lang
Value: fr
.samplesource.com/ Name: _ga_8NKH4X0LYS
Value: GS1.1.1703940135.1.0.1703940135.0.0.0
.samplesource.com/ Name: _ga
Value: GA1.1.1763593445.1703940136
www.samplesource.com/ Name: AWSALBTG
Value: CwxPz0tGhpBdFQsOmU4xmUjLTqCpe2mAu238oJpJVON9Ax9oKP88jyj1ewGL4D27dp96Gt7W5SmqoSPmUEL0uhGuuIci7VJYjHMzmbHAIZXgYZt0GRxie3dAqLfs04pYlI6VNv2w/69L76bic5zc7SZ5LyAOooyRIez/z7DnjVMnRfPGzIA=
www.samplesource.com/ Name: AWSALBTGCORS
Value: CwxPz0tGhpBdFQsOmU4xmUjLTqCpe2mAu238oJpJVON9Ax9oKP88jyj1ewGL4D27dp96Gt7W5SmqoSPmUEL0uhGuuIci7VJYjHMzmbHAIZXgYZt0GRxie3dAqLfs04pYlI6VNv2w/69L76bic5zc7SZ5LyAOooyRIez/z7DnjVMnRfPGzIA=
www.samplesource.com/ Name: AWSALB
Value: X2EWcTxYN657lnH6IU/0ulBhxAYo1aFo9KGbQRs+MRMKtGg5Fs33+9LOkV7JXfd5aiXZb+DrHUYVsfMRx1YdipKGoxBw+eFTBA9APKb9BBNW5YDV4ay5MKoCM9Ru
www.samplesource.com/ Name: AWSALBCORS
Value: X2EWcTxYN657lnH6IU/0ulBhxAYo1aFo9KGbQRs+MRMKtGg5Fs33+9LOkV7JXfd5aiXZb+DrHUYVsfMRx1YdipKGoxBw+eFTBA9APKb9BBNW5YDV4ay5MKoCM9Ru

2 Console Messages

Source Level URL
Text
security warning
Message:
Error with Feature-Policy header: Some features are specified in both Feature-Policy and Permissions-Policy header: fullscreen. Values defined in Permissions-Policy header will be used.
security error URL: https://www.samplesource.com/?site=fr
Message:
The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.realtimely.io
bam.nr-data.net
carrefourechantillons.ca
fonts.googleapis.com
js-agent.newrelic.com
ua.realtimely.io
www.google-analytics.com
www.googletagmanager.com
www.samplesource.com
104.26.11.188
151.101.66.137
162.247.243.29
172.217.13.138
172.217.13.142
172.217.13.168
52.21.35.25
66.96.160.129
03e121a8b6db6ef0d52c5b7456278e8752cdc866c3d317d7cf2eb3720bf2b452
086cc811e55486db6cb6d7c3433a8d47c29afd3114ad6e25df674ffaec24cc2f
24c98b3653a1a89489a370d23ab35375bba6bf386f5c2cf8a34f59f1ee7ab2ee
303e8b2c06f07ee6bd4058e41424739f74fcbc5c7e8989085acf5c394d2e79d3
35671b15460b603bac2db14a425f1fc8ed62edebbc6066ebb7ae05ccd598d5cc
3702fc341bf348a615749cd335a31fdd7497aa5a951c40a2b527d1e58171bd36
44f8a56d427917b5fa0dd7933ba545679be5e6b3b93099e64a4e29c2159f57c0
461f9f536c4dc41886fb453be7068b893e2817524bc24587fc0449c65aacec75
4e8f6c52a5d1d59d3f77c9e5ea4d743304e9ece8760286465f0a1979b2640a7c
4f455eb2ddf2094ee969f470f6bfac7adb4c057e8990a374e9da819e943c777d
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
573035747a1937c7e515ccf1fa3542d702e81015c3324f3817cc1bc94d924b72
5830ae9e4fb0e1bf5c2d210bc93326a4ba59ad0f6d5e34779912261740270ff0
59f1c41813b3ec86c38ac3d81e081dfd92677b37b007f6ba8d2997c1afb6b984
5b46636d3aaf95cbce88c88cdc2a45052c89efc3c13e59c4a00cb5d160fb0d35
62a4c1cd0c1e4738b373461cb96bc29311d30292a7bf81c4bd523e89dd3fda8a
6300ba1c19b24d427fdec05b16c8b7c85f21155097c82ffdced06192a5f70d31
71aec4bc0327623dea7240dcaf403b6f9abee66aaf1311fa9e279543317a2e09
7a42e5247d1174424a36f6044aaa41f94dc60780eaadc5c77cf6284cbf5e7635
8332059e24b7aaa3585e312bb9cd3f35c0a4b16861e52bb216f2abaf0f22fa12
893bdf4c6e638ea14d8c4e4d7e0f9e83da3abee66a1aaabf1d1243f832e0e6c2
a3f4a7cb8fdf784e0bd6822a687c2735f43d6d0e7f93418575ce815adef5e4fa
a44e0f06869a2f8def8c54d3b17c810957b3ac5c2428438df15ca4effc31f289
b58fb7d020c67738c39dc9b48415b6d6faf1ba985b107f92a2af5c6a58aaab8f
bddbba35635904eca1d7f9edc74bdbcba04ec0f5a16286fdbd8f78fb0f7e0c6f
c3b53536facfed547d2c1809944ea7c227b43e3e7ae6c833c461066a1d158545
c81a4dd02b7f75ad25dead25c86c1220bbc5f1c592e1ecd288212f9fddda529d
d52b6545b5e7f64e38d129f50bd406c40fe5d1d25eb403f9f4b55cc19cfc53af
d5fd173d00d9733900834e0e1083de86b532e048b15c0420ba5c2db0623644b8
da59d9eff1c01d11a1901b27d595e54126757b1f5a2d6fd3319d95a8f5e1cbb8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea60fb337f7672693ab00cd0a4699ef3b720f382b7bfc4e1ac3baa6fe8ff79bb
ee78e49f2b8e2ea508e214441566c33ba6e5f97c93bd44a404a681b1346f7c05
f04b517ba5d6a0510485689a3e42dac000f51640fd71b986804cba178eae42a5
ffeef03a1f0c9d55344d7d76401137af3572f172654814e850e1f0070b6a9769