urlscan.io logo urlscan.io
SecurityTrails logo

remboursersesdettes.ca Open in urlscan Pro
104.198.36.81  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.remboursersesdettes.ca/
Effective URL: https://remboursersesdettes.ca/
Submission: On January 19 via automatic, source certstream-suspicious
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 14 IPs in 4 countries across 10 domains to perform 37 HTTP transactions. The main IP is 104.198.36.81, located in United States and belongs to GOOGLE, US. The main domain is remboursersesdettes.ca.
TLS certificate: Issued by R3 on January 19th 2021. Valid for: 3 months.
This is the only time remboursersesdettes.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

10    104.198.36.81 (United States)

ASN15169 (GOOGLE, US)
PTR: 81.36.198.104.bc.googleusercontent.com
www.remboursersesdettes.ca
remboursersesdettes.ca
1    2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
4    94.31.29.64 (United Kingdom)

ASN6461 (ZAYO-6461, US)
PTR: 94.31.29.64.IPYX-077437-ZYO.above.net
fajf2suj9l2krtdj3aky2c4d-wpengine.netdna-ssl.com
1    2a00:1450:4001:816::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
7    2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
4    2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    13.225.80.89 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-80-89.fra2.r.cloudfront.net
static.hotjar.com
3    54.174.92.145 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-174-92-145.compute-1.amazonaws.com
js.callrail.com
1    65.9.73.70 (Seattle, United States)

ASN16509 (AMAZON-02, US)
script.hotjar.com
1    13.224.194.11 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-194-11.fra2.r.cloudfront.net
vars.hotjar.com
1    52.18.148.102 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-148-102.eu-west-1.compute.amazonaws.com
in.hotjar.com
Domain Requested by
9 remboursersesdettes.ca remboursersesdettes.ca
fajf2suj9l2krtdj3aky2c4d-wpengine.netdna-ssl.com
7 fonts.gstatic.com fonts.googleapis.com
4 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
4 fajf2suj9l2krtdj3aky2c4d-wpengine.netdna-ssl.com remboursersesdettes.ca
3 js.callrail.com remboursersesdettes.ca
2 www.facebook.com remboursersesdettes.ca
connect.facebook.net
2 connect.facebook.net remboursersesdettes.ca
connect.facebook.net
1 in.hotjar.com script.hotjar.com
1 vars.hotjar.com static.hotjar.com
1 script.hotjar.com static.hotjar.com
1 static.hotjar.com remboursersesdettes.ca
1 www.googletagmanager.com remboursersesdettes.ca
1 fonts.googleapis.com remboursersesdettes.ca
1 www.remboursersesdettes.ca 1 redirects
37 14

This site contains links to these domains. Also see Links.

Domain
syndicfaillite.wpengine.com
Subject Issuer Validity Valid
remboursersesdettes.ca
R3		 2021-01-19 -
2021-04-19		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2020-12-15 -
2021-03-09		 3 months crt.sh
*.netdna-ssl.com
Sectigo RSA Domain Validation Secure Server CA		 2020-02-18 -
2021-03-18		 a year crt.sh
*.google-analytics.com
GTS CA 1O1		 2021-01-05 -
2021-03-30		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2020-12-15 -
2021-03-09		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2020-12-22 -
2021-03-21		 3 months crt.sh
*.hotjar.com
Amazon		 2020-12-25 -
2022-01-23		 a year crt.sh
js.callrail.com
Amazon		 2020-04-24 -
2021-05-24		 a year crt.sh

This page contains 2 frames:

Primary Page: https://remboursersesdettes.ca/
Frame ID: 90403037D33A53D5991E0BBE46518A50
Requests: 40 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Frame ID: 8068E3712E644CB472862F65A9211741
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://www.remboursersesdettes.ca/ HTTP 301
    https://remboursersesdettes.ca/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers link /rel="https:\/\/api\.w\.org\/"/i
Overall confidence: 100%
Detected patterns
  • headers link /rel="https:\/\/api\.w\.org\/"/i
Overall confidence: 100%
Detected patterns
  • headers link /rel="https:\/\/api\.w\.org\/"/i
Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

37
Requests

100 %
HTTPS

46 %
IPv6

10
Domains

14
Subdomains

14
IPs

4
Countries

1183 kB
Transfer

3077 kB
Size

9
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.remboursersesdettes.ca/ HTTP 301
    https://remboursersesdettes.ca/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

37 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
remboursersesdettes.ca/
Redirect Chain
  • https://www.remboursersesdettes.ca/
  • https://remboursersesdettes.ca/
79 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://remboursersesdettes.ca/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.36.81 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
81.36.198.104.bc.googleusercontent.com
Software
nginx / WP Engine
Resource Hash
138f5f77c597db33c53eb4237d9f3a3e9064b71fee96345107818cc652babeba

Request headers

:method
GET
:authority
remboursersesdettes.ca
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

server
nginx
date
Tue, 19 Jan 2021 20:25:22 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
link
<https://remboursersesdettes.ca/wp-json/>; rel="https://api.w.org/" <https://remboursersesdettes.ca/wp-json/wp/v2/pages/64>; rel="alternate"; type="application/json" <https://remboursersesdettes.ca/>; rel=shortlink
x-powered-by
WP Engine
x-cacheable
SHORT
cache-control
max-age=600, must-revalidate
x-cache
HIT: 10
x-cache-group
normal
content-encoding
br

Redirect headers

server
nginx
date
Tue, 19 Jan 2021 20:25:22 GMT
content-type
text/html
content-length
162
location
https://remboursersesdettes.ca/
d1af42cecca379a48d6c8989650273bf.css
remboursersesdettes.ca/wp-content/cache/min/1/ 		648 KB
78 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://remboursersesdettes.ca/wp-content/cache/min/1/d1af42cecca379a48d6c8989650273bf.css
Requested by
Host: remboursersesdettes.ca
URL: https://remboursersesdettes.ca/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.36.81 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
81.36.198.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
30fdf697a30fcf0102e0dd0a57cb3f9863c3e5c798bccd360e6345b9b52d3064

Request headers

Referer
https://remboursersesdettes.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 19 Jan 2021 20:25:23 GMT
content-encoding
br
last-modified
Fri, 27 Nov 2020 04:45:09 GMT
server
nginx
etag
W/"5fc08455-a2152"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
css
fonts.googleapis.com/ 		45 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Barlow%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&ver=5.5.3&display=swap
Requested by
Host: remboursersesdettes.ca
URL: https://remboursersesdettes.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6722d7a7fcf9e27c2383027dfb69c7792fa12f1f53ef7a0b8185e852edac88a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://remboursersesdettes.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 19 Jan 2021 20:25:23 GMT
server
ESF
date
Tue, 19 Jan 2021 20:25:23 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 19 Jan 2021 20:25:23 GMT
jquery.js
fajf2suj9l2krtdj3aky2c4d-wpengine.netdna-ssl.com/wp-includes/js/jquery/ 		95 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fajf2suj9l2krtdj3aky2c4d-wpengine.netdna-ssl.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by
Host: remboursersesdettes.ca
URL: https://remboursersesdettes.ca/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.64 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
94.31.29.64.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

Referer
https://remboursersesdettes.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 19 Jan 2021 20:25:23 GMT
content-encoding
gzip
last-modified
Fri, 17 May 2019 04:25:54 GMT
server
NetDNA-cache/2.2
etag
W/"5cde37d2-17a69"
vary
Accept-Encoding, Accept-Encoding
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
gtm-f74344d73c613091af60893c67993176.js
remboursersesdettes.ca/wp-content/cache/busting/1/ 		88 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://remboursersesdettes.ca/wp-content/cache/busting/1/gtm-f74344d73c613091af60893c67993176.js
Requested by
Host: remboursersesdettes.ca
URL: https://remboursersesdettes.ca/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.36.81 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
81.36.198.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
937c471ef9318ff53efd55993b72893ec7a0a78896b9711cfa2f15f22f0395dc

Request headers

Referer
https://remboursersesdettes.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 19 Jan 2021 20:25:23 GMT
content-encoding
br
last-modified
Thu, 03 Sep 2020 17:45:03 GMT
server
nginx
etag
W/"5f512b9f-1600c"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
lazyload.min.js
fajf2suj9l2krtdj3aky2c4d-wpengine.netdna-ssl.com/wp-content/plugins/wp-rocket/assets/js/lazyload/16.1/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fajf2suj9l2krtdj3aky2c4d-wpengine.netdna-ssl.com/wp-content/plugins/wp-rocket/assets/js/lazyload/16.1/lazyload.min.js
Requested by
Host: remboursersesdettes.ca
URL: https://remboursersesdettes.ca/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.64 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
94.31.29.64.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
6e86a52a9858206302e32036d89907e3ac87762055e7f9c6364aec33221b3e41

Request headers

Referer
https://remboursersesdettes.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 19 Jan 2021 20:25:23 GMT
content-encoding
gzip
last-modified
Thu, 03 Sep 2020 17:44:54 GMT
server
NetDNA-cache/2.2
etag
W/"5f512b96-1ed2"
vary
Accept-Encoding, Accept-Encoding
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
ddc76f0a170f563322fad71ea1cffaa2.js
remboursersesdettes.ca/wp-content/cache/min/1/ 		684 KB
169 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://remboursersesdettes.ca/wp-content/cache/min/1/ddc76f0a170f563322fad71ea1cffaa2.js
Requested by
Host: remboursersesdettes.ca
URL: https://remboursersesdettes.ca/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.36.81 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
81.36.198.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
0513dee5a36e477acfc68d7ce16c53f38521b887ba288b3069744f9fbeff3ecb

Request headers

Referer
https://remboursersesdettes.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 19 Jan 2021 20:25:23 GMT
content-encoding
br
last-modified
Fri, 27 Nov 2020 04:15:02 GMT
server
nginx
etag
W/"5fc07d46-aaeb9"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
gtm.js
www.googletagmanager.com/ 		91 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PSRX9KH
Requested by
Host: remboursersesdettes.ca
URL: https://remboursersesdettes.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5ac5272f29d5e621f682fdd8108c0a2106b6fed2042a588036c7127005404dc4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://remboursersesdettes.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 19 Jan 2021 20:25:23 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35033
x-xss-protection
0
last-modified
Tue, 19 Jan 2021 18:07:43 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 19 Jan 2021 20:25:23 GMT
truncated
/ 		64 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b6dcc1490a0cc33cdeed8970677b89bbec6fa095675af198b8e923b64563c70a

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		69 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4f5d0db1872a958f26a200135bec21131e8836c04113122a139596b64f6d1809

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
89c36dd4ed8ad8390471e7a3056b8832f0c2136603839d0b020b1ba5b0ca10e5

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dcdb79986be9a71df28e1301800189bc4064478abdeaa67d8d1a3e9068e66f18

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
coupleOrdinateur2.png
remboursersesdettes.ca/wp-content/uploads/2020/06/ 		171 KB
171 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://remboursersesdettes.ca/wp-content/uploads/2020/06/coupleOrdinateur2.png
Requested by
Host: remboursersesdettes.ca
URL: https://remboursersesdettes.ca/wp-content/cache/min/1/d1af42cecca379a48d6c8989650273bf.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.36.81 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
81.36.198.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
6c6e7868d1b3c2ac65995b4336f45f3d561568e1ef55a5a938b885b3afddc90d

Request headers

Referer
https://remboursersesdettes.ca/wp-content/cache/min/1/d1af42cecca379a48d6c8989650273bf.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 19 Jan 2021 20:25:23 GMT
last-modified
Mon, 29 Jun 2020 18:27:11 GMT
server
nginx
etag
"5efa327f-2aba2"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
175010
7cHqv4kjgoGqM7E30-8s51ostz0rdg.woff2
fonts.gstatic.com/s/barlow/v5/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/barlow/v5/7cHqv4kjgoGqM7E30-8s51ostz0rdg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Barlow%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&ver=5.5.3&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
657ce79970865b4ae1f7c3f42715defa648bf4d5cb34949c62f7d220b2c1ed03
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://remboursersesdettes.ca
Referer
https://fonts.googleapis.com/css?family=Barlow%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&ver=5.5.3&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 14 Jan 2021 16:17:01 GMT
x-content-type-options
nosniff
last-modified
Thu, 10 Sep 2020 17:05:21 GMT
server
sffe
age
446902
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14200
x-xss-protection
0
expires
Fri, 14 Jan 2022 16:17:01 GMT
fa-solid-900.woff2
remboursersesdettes.ca/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/ 		74 KB
75 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://remboursersesdettes.ca/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
Requested by
Host: remboursersesdettes.ca
URL: https://remboursersesdettes.ca/wp-content/cache/min/1/d1af42cecca379a48d6c8989650273bf.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.36.81 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
81.36.198.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
787d76ad6deab67ccf8bac1b584260205e114f508fc5542b612e3f75d49a34e4

Request headers

Origin
https://remboursersesdettes.ca
Referer
https://remboursersesdettes.ca/wp-content/cache/min/1/d1af42cecca379a48d6c8989650273bf.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 19 Jan 2021 20:25:23 GMT
last-modified
Thu, 12 Nov 2020 15:20:53 GMT
server
nginx
etag
"5fad52d5-12934"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
76084
7cHqv4kjgoGqM7E3_-gs51ostz0rdg.woff2
fonts.gstatic.com/s/barlow/v5/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/barlow/v5/7cHqv4kjgoGqM7E3_-gs51ostz0rdg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Barlow%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&ver=5.5.3&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1dbc85af885511d2143f96ab1e06a5c4e230727679cf6bd4131db468bfd882a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://remboursersesdettes.ca
Referer
https://fonts.googleapis.com/css?family=Barlow%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&ver=5.5.3&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 15 Jan 2021 08:21:52 GMT
x-content-type-options
nosniff
last-modified
Thu, 10 Sep 2020 17:06:23 GMT
server
sffe
age
389011
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13988
x-xss-protection
0
expires
Sat, 15 Jan 2022 08:21:52 GMT
7cHqv4kjgoGqM7E3t-4s51ostz0rdg.woff2
fonts.gstatic.com/s/barlow/v5/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/barlow/v5/7cHqv4kjgoGqM7E3t-4s51ostz0rdg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Barlow%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&ver=5.5.3&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
34a462a0c5b5002de8a5656cf4148f0abf497216ba2810dc6d2c55a0abc65a12
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://remboursersesdettes.ca
Referer
https://fonts.googleapis.com/css?family=Barlow%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&ver=5.5.3&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 14 Jan 2021 20:38:56 GMT
x-content-type-options
nosniff
last-modified
Thu, 10 Sep 2020 17:05:21 GMT
server
sffe
age
431187
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14128
x-xss-protection
0
expires
Fri, 14 Jan 2022 20:38:56 GMT
7cHpv4kjgoGqM7E_DMs5ynghnQ.woff2
fonts.gstatic.com/s/barlow/v5/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/barlow/v5/7cHpv4kjgoGqM7E_DMs5ynghnQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Barlow%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&ver=5.5.3&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
15b7ba238dc0b8e0c6ea63409a42d8b6fa68475cbc3a8d80388d6bae7beb833d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://remboursersesdettes.ca
Referer
https://fonts.googleapis.com/css?family=Barlow%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&ver=5.5.3&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 15 Jan 2021 14:23:47 GMT
x-content-type-options
nosniff
last-modified
Thu, 10 Sep 2020 17:04:51 GMT
server
sffe
age
367296
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14036
x-xss-protection
0
expires
Sat, 15 Jan 2022 14:23:47 GMT
7cHqv4kjgoGqM7E3p-ks51ostz0rdg.woff2
fonts.gstatic.com/s/barlow/v5/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/barlow/v5/7cHqv4kjgoGqM7E3p-ks51ostz0rdg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Barlow%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&ver=5.5.3&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d2eee2a1715c05731e33e7ef5319f44724861862509d7f4e0d09269bfff4b3a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://remboursersesdettes.ca
Referer
https://fonts.googleapis.com/css?family=Barlow%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&ver=5.5.3&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 15 Jan 2021 13:36:01 GMT
x-content-type-options
nosniff
last-modified
Thu, 10 Sep 2020 17:05:08 GMT
server
sffe
age
370162
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13936
x-xss-protection
0
expires
Sat, 15 Jan 2022 13:36:01 GMT
7cHqv4kjgoGqM7E3q-0s51ostz0rdg.woff2
fonts.gstatic.com/s/barlow/v5/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/barlow/v5/7cHqv4kjgoGqM7E3q-0s51ostz0rdg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Barlow%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&ver=5.5.3&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5601e5d4cc338014e5f5223194aec12081abe7ad4098902063c8107d4ca3af1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://remboursersesdettes.ca
Referer
https://fonts.googleapis.com/css?family=Barlow%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&ver=5.5.3&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 15 Jan 2021 07:51:51 GMT
x-content-type-options
nosniff
last-modified
Thu, 10 Sep 2020 17:06:42 GMT
server
sffe
age
390812
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14048
x-xss-protection
0
expires
Sat, 15 Jan 2022 07:51:51 GMT
7cHrv4kjgoGqM7E_Cfs7wH8Dnzcj.woff2
fonts.gstatic.com/s/barlow/v5/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/barlow/v5/7cHrv4kjgoGqM7E_Cfs7wH8Dnzcj.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Barlow%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&ver=5.5.3&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2a6d388540f2fd494bbeab1ff5b400d7a38402fb7bdbac7887b26d1de95956b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://remboursersesdettes.ca
Referer
https://fonts.googleapis.com/css?family=Barlow%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&ver=5.5.3&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 15 Jan 2021 08:37:02 GMT
x-content-type-options
nosniff
last-modified
Thu, 10 Sep 2020 17:06:00 GMT
server
sffe
age
388101
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15768
x-xss-protection
0
expires
Sat, 15 Jan 2022 08:37:02 GMT
ga-871c39943ac31c498d591a714a31212c.js
remboursersesdettes.ca/wp-content/cache/busting/google-tracking/ 		45 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://remboursersesdettes.ca/wp-content/cache/busting/google-tracking/ga-871c39943ac31c498d591a714a31212c.js
Requested by
Host: remboursersesdettes.ca
URL: https://remboursersesdettes.ca/wp-content/cache/busting/1/gtm-f74344d73c613091af60893c67993176.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.36.81 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
81.36.198.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955

Request headers

Referer
https://remboursersesdettes.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 19 Jan 2021 20:25:23 GMT
content-encoding
br
last-modified
Mon, 31 Aug 2020 20:50:59 GMT
server
nginx
etag
W/"5f4d62b3-b386"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
analytics.js
www.google-analytics.com/ 		46 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PSRX9KH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://remboursersesdettes.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Oct 2020 03:00:57 GMT
server
Golfe2
age
3222
date
Tue, 19 Jan 2021 19:31:41 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18817
expires
Tue, 19 Jan 2021 21:31:41 GMT
fbevents.js
connect.facebook.net/en_US/ 		90 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: remboursersesdettes.ca
URL: https://remboursersesdettes.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a8755954660f9bef43d2dc61d725f022a3115b81ae76a6af093ab18cfdfa5de7
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://remboursersesdettes.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
23366
x-fb-rlafr
0
pragma
public
x-fb-debug
hMBVyvT8MTc8t1Z5VXlfHOFh358pMbc5ysIwKo3YYzh9eBRgHHKzAFJtgEcN5/NemDYDatZJ6V75LRHInRWSeQ==
x-fb-trip-id
917726464
x-frame-options
DENY
date
Tue, 19 Jan 2021 20:25:23 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
blocLogo.svg
fajf2suj9l2krtdj3aky2c4d-wpengine.netdna-ssl.com/wp-content/uploads/2020/06/ 		2 KB
949 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fajf2suj9l2krtdj3aky2c4d-wpengine.netdna-ssl.com/wp-content/uploads/2020/06/blocLogo.svg
Requested by
Host: remboursersesdettes.ca
URL: https://remboursersesdettes.ca/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.64 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
94.31.29.64.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
a36c726cc47b6e8d2132e5b8972188f3d8d3cf94b20ed85811beedb5cf73a82e

Request headers

Referer
https://remboursersesdettes.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 19 Jan 2021 20:25:23 GMT
content-encoding
gzip
last-modified
Thu, 25 Jun 2020 18:08:49 GMT
server
NetDNA-cache/2.2
etag
W/"5ef4e831-687"
vary
Accept-Encoding, Accept-Encoding
x-cache
MISS
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
papaBebe.png
fajf2suj9l2krtdj3aky2c4d-wpengine.netdna-ssl.com/wp-content/uploads/2020/06/ 		230 KB
230 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fajf2suj9l2krtdj3aky2c4d-wpengine.netdna-ssl.com/wp-content/uploads/2020/06/papaBebe.png
Requested by
Host: remboursersesdettes.ca
URL: https://remboursersesdettes.ca/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.64 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
94.31.29.64.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
165e4088d993141f8d03c2dd01166b165d919ce6704c48101554174f020706c2

Request headers

Referer
https://remboursersesdettes.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 19 Jan 2021 20:25:23 GMT
last-modified
Thu, 25 Jun 2020 19:10:02 GMT
server
NetDNA-cache/2.2
etag
"5ef4f68a-39646"
vary
Accept-Encoding
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
235078
collect
www.google-analytics.com/j/ 		1 B
69 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j87&a=1327384288&t=pageview&_s=1&dl=https%3A%2F%2Fremboursersesdettes.ca%2F&ul=en-us&de=UTF-8&dt=Consolidation%20de%20dettes%20et%20plus%20pour%20rembourser%20vos%20dettes%20rapidement!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUADQAAAAC~&jid=1982190819&gjid=500541002&cid=2040980358.1611087924&tid=UA-171181639-1&_gid=1183810230.1611087924&_r=1&gtm=2ou8q1&z=1352683465
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://remboursersesdettes.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 19 Jan 2021 20:25:23 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://remboursersesdettes.ca
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.google-analytics.com/gtm/ 		94 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/gtm/js?id=OPT-N4L5D57&t=gtm6&cid=2040980358.1611087924
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
cc919ccbf7cf610f54a45654bb7c5f1b4bca4a5838fde86ab4d9bfd5e9cf79fa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://remboursersesdettes.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 19 Jan 2021 20:25:23 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37457
x-xss-protection
0
expires
Tue, 19 Jan 2021 20:25:23 GMT
281119892944552
connect.facebook.net/signals/config/ 		241 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/281119892944552?v=2.9.32&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7fdb9e6ffa02c63660a6d4e5279d3c33f1671e56b6c550c20b938afacd1c75a0
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://remboursersesdettes.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
70474
x-fb-rlafr
0
pragma
public
x-fb-debug
18F2X69zXS9X2Z+QBOPQQd/4oFTpcoyIkXmLPQX8C/qd4WFkftkat4FEiN6m21/cNLpZzztkYsQzgDd0xsMeAg==
x-fb-trip-id
917726464
x-frame-options
DENY
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Tue, 19 Jan 2021 20:25:23 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-content-id
662128783
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
www.google-analytics.com/j/ 		1 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j87&a=1327384288&t=pageview&_s=1&dl=https%3A%2F%2Fremboursersesdettes.ca%2F&ul=en-us&de=UTF-8&dt=Consolidation%20de%20dettes%20et%20plus%20pour%20rembourser%20vos%20dettes%20rapidement!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAUADQAAAAC~&jid=1583675069&gjid=887113716&cid=2040980358.1611087924&tid=UA-171181639-1&_gid=1183810230.1611087924&_r=1&gtm=2wg161PSRX9KH&z=131548545
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://remboursersesdettes.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 19 Jan 2021 20:25:23 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://remboursersesdettes.ca
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=281119892944552&ev=PageView&dl=https%3A%2F%2Fremboursersesdettes.ca%2F&rl=&if=false&ts=1611087923820&sw=1600&sh=1200&v=2.9.32&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1611087923819.1270127329&it=1611087923722&coo=false&rqm=GET
Requested by
Host: remboursersesdettes.ca
URL: https://remboursersesdettes.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://remboursersesdettes.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 19 Jan 2021 20:25:23 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Tue, 19 Jan 2021 20:25:23 GMT
hotjar-1879388.js
static.hotjar.com/c/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-1879388.js?sv=5
Requested by
Host: remboursersesdettes.ca
URL: https://remboursersesdettes.ca/wp-content/cache/min/1/ddc76f0a170f563322fad71ea1cffaa2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.80.89 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-80-89.fra2.r.cloudfront.net
Software
/
Resource Hash
ef3583f55eb460f0dc59f51582190bafad3a7711420877a58cad3ee75cc64c6a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://remboursersesdettes.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 19 Jan 2021 20:25:23 GMT
content-encoding
br
x-content-type-options
nosniff
cache-control
max-age=60
x-amz-cf-pop
FRA2-C2
etag
W/5f87ee4f4d4fc7dd71082eed069dda22
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
access-control-allow-origin
*
x-cache-hit
1
content-length
1746
via
1.1 57d93b321db68494cc6755a0d3fb29cd.cloudfront.net (CloudFront)
x-amz-cf-id
Kp61xTxotYzik6c0NFLNJrbtLU-qFTYlJUWpQrjXH21XYcq8zhEFTw==
index.php
remboursersesdettes.ca/ 		0
758 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://remboursersesdettes.ca/index.php?rest_route=/Calltrk/v1/store
Requested by
Host: remboursersesdettes.ca
URL: https://remboursersesdettes.ca/wp-content/cache/min/1/ddc76f0a170f563322fad71ea1cffaa2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.36.81 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
81.36.198.104.bc.googleusercontent.com
Software
nginx / WP Engine
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://remboursersesdettes.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 19 Jan 2021 20:25:24 GMT
x-content-type-options
nosniff
server
nginx
access-control-allow-headers
Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
x-powered-by
WP Engine
vary
Origin
access-control-allow-methods
OPTIONS, GET, POST, PUT, PATCH, DELETE
access-control-allow-origin
https://remboursersesdettes.ca
allow
POST
access-control-allow-credentials
true
x-robots-tag
noindex
link
<https://remboursersesdettes.ca/wp-json/>; rel="https://api.w.org/"
access-control-expose-headers
X-WP-Total, X-WP-TotalPages, Link
external_forms.js
js.callrail.com/companies/986539762/ 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.callrail.com/companies/986539762/external_forms.js?t=1611087923857&
Requested by
Host: remboursersesdettes.ca
URL: https://remboursersesdettes.ca/wp-content/cache/min/1/ddc76f0a170f563322fad71ea1cffaa2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.174.92.145 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-174-92-145.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
2c095438c6dfcdbf8ad171b6f058c74d8ba1f527cbe48bfa6b543a2ac94687bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://remboursersesdettes.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-runtime
0.001449
date
Tue, 19 Jan 2021 20:25:24 GMT
content-encoding
gzip
referrer-policy
strict-origin-when-cross-origin
server
nginx/1.18.0 (Ubuntu)
etag
W/"2c095438c6dfcdbf8ad171b6f058c74d"
x-download-options
noopen
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
status
200 OK
x-permitted-cross-domain-policies
none
cache-control
max-age=0, private, must-revalidate
x-xss-protection
1; mode=block
x-content-type-options
nosniff
x-request-id
b1f8398a-312f-4d1e-83bf-c59cad4f51a2
swap_session.json
js.callrail.com/group/0/8e53004b6fc70249cbc1/12/ 		142 B
511 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://js.callrail.com/group/0/8e53004b6fc70249cbc1/12/swap_session.json
Requested by
Host: remboursersesdettes.ca
URL: https://remboursersesdettes.ca/wp-content/cache/min/1/ddc76f0a170f563322fad71ea1cffaa2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.174.92.145 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-174-92-145.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
4af20aaae0d762399dbee728c224c2c4d68e4383a0c941a671a700665e59250f

Request headers

Accept
application/json
Referer
https://remboursersesdettes.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

x-runtime
0.037807
date
Tue, 19 Jan 2021 20:25:24 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
status
200 OK
etag
W/"4af20aaae0d762399dbee728c224c2c4"
vary
Origin
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-max-age
7200
cache-control
max-age=0, private, must-revalidate
x-request-id
894c1b93-9080-40d9-bb28-adee72a71e51
access-control-expose-headers
refill
remboursersesdettes.ca/wp-json/contact-form-7/v1/contact-forms/43/ 		62 B
511 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://remboursersesdettes.ca/wp-json/contact-form-7/v1/contact-forms/43/refill
Requested by
Host: fajf2suj9l2krtdj3aky2c4d-wpengine.netdna-ssl.com
URL: https://fajf2suj9l2krtdj3aky2c4d-wpengine.netdna-ssl.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.36.81 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
81.36.198.104.bc.googleusercontent.com
Software
nginx / WP Engine
Resource Hash
667ccfb076977f42844a0849a329b21527bb014397e4d12f1b26dd35789fea43
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://remboursersesdettes.ca/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 19 Jan 2021 20:25:23 GMT
x-content-type-options
nosniff
x-cacheable
SHORT
x-powered-by
WP Engine
x-cache
HIT: 4
vary
Accept-Encoding,Cookie
content-length
62
x-cache-group
normal
access-control-allow-headers
Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
server
nginx
allow
GET
content-type
application/json; charset=UTF-8
access-control-expose-headers
X-WP-Total, X-WP-TotalPages, Link
cache-control
max-age=600, must-revalidate
accept-ranges
bytes
x-robots-tag
noindex
link
<https://remboursersesdettes.ca/wp-json/>; rel="https://api.w.org/"
modules.3123a148abe4a1b966d0.js
script.hotjar.com/ 		222 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.3123a148abe4a1b966d0.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1879388.js?sv=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.73.70 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
05cb4002e73d59b4ce5b702068f39413e152eee56f100c733892cf13d012129c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://remboursersesdettes.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 18 Jan 2021 08:42:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
128546
x-cache
Hit from cloudfront
content-length
59782
access-control-allow-origin
*
last-modified
Mon, 18 Jan 2021 08:40:59 GMT
etag
"0ca9fccf3f162cbe57295289f70c1d71"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 f32f19f2f9b3c0c60a4ff31c809ed008.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
AMS1-C1
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
vHeId1w9cH8pP6yIxmoPuICS8aY8QteD7-XqcQM9YVlsu23qUv_xLw==
box-469cf41adb11dc78be68c1ae7f9457a4.html
vars.hotjar.com/ Frame 8068 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1879388.js?sv=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.194.11 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-194-11.fra2.r.cloudfront.net
Software
/
Resource Hash

Request headers

:method
GET
:authority
vars.hotjar.com
:scheme
https
:path
/box-469cf41adb11dc78be68c1ae7f9457a4.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://remboursersesdettes.ca/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://remboursersesdettes.ca/

Response headers

content-type
text/html
content-length
851
date
Mon, 23 Nov 2020 17:01:03 GMT
accept-ranges
bytes
cache-control
max-age=31536000
content-encoding
br
etag
"d594f1d4c3e5dbd6b556c60d34e0daea"
last-modified
Mon, 23 Nov 2020 15:41:01 GMT
x-robots-tag
none
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 9e62923882d737ac8cd27f0d1b1c24cf.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
IPoMRPzVSER_8-0VkwCnTh4ImnQw8nF2KtaqpVq-bE2C5RUDhkTQsw==
age
4937061
visit-data
in.hotjar.com/api/v2/client/sites/1879388/ 		152 B
305 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://in.hotjar.com/api/v2/client/sites/1879388/visit-data?sv=5
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.3123a148abe4a1b966d0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.148.102 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-148-102.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
c4dc799d09b15e57ee98e3c3866ca16f53354cb79838d3aa6c9c961292151858

Request headers

Referer
https://remboursersesdettes.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 19 Jan 2021 20:25:24 GMT
content-encoding
br
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-max-age
86400
content-type
application/json
icap.js
js.callrail.com/group/0/8e53004b6fc70249cbc1/12/ 		22 B
297 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.callrail.com/group/0/8e53004b6fc70249cbc1/12/icap.js?t=1611087924215&GoogleAnalytics__ga=GA1.2.2040980358.1611087924&ga=GA1.2.2040980358.1611087924&uuid=834d9f57-5b47-41df-80cd-d6e0617f1387&ids%5B%5D=986539762
Requested by
Host: remboursersesdettes.ca
URL: https://remboursersesdettes.ca/wp-content/cache/min/1/ddc76f0a170f563322fad71ea1cffaa2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.174.92.145 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-174-92-145.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
1643b5cec44cc597bc2cce3448ce5434241eec9b92db8af268ee3ee1f198441d

Request headers

Referer
https://remboursersesdettes.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-runtime
0.028008
date
Tue, 19 Jan 2021 20:25:24 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
etag
W/"1643b5cec44cc597bc2cce3448ce5434"
content-type
text/javascript; charset=utf-8
status
200 OK
cache-control
max-age=0, private, must-revalidate
x-request-id
7abcc552-ff8b-4747-bb83-b113535e5266
/
www.facebook.com/tr/ 		0
88 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://remboursersesdettes.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryrbdfxlsEW94drFgy

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
server
proxygen-bolt
date
Tue, 19 Jan 2021 20:25:24 GMT
content-type
text/plain
access-control-allow-origin
https://remboursersesdettes.ca
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
0

Verdicts & Comments Add Verdict or Comment

61 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated undefined| $ function| jQuery function| gtag object| dataLayer object| wpcf7 object| TRX_MSCF_GLOBALS object| wpcf7cf_global_settings object| ElementorProFrontendConfig object| elementorFrontendConfig object| lazyLoadOptions function| LazyLoad object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| fbq function| _fbq object| images boolean| is_image object| iframes boolean| is_iframe object| rocket_lazy object| gaplugins object| gaGlobal object| gaData object| google_optimize function| a function| CallTrkSwap object| ___FONT_AWESOME___ object| fontawesome-free-shims function| hj object| _hjSettings number| crwpVer object| CallTrk object| regeneratorRuntime object| wpcf7cf_dom object| wpcf7cf object| wp object| core object| elementorModules function| Sticky object| jQuery112408926968152595842 object| elementorProFrontend object| DialogsManager function| Waypoint function| Swiper function| ShareLink object| elementorFrontend object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled

9 Cookies

Domain/Path Name / Value
.remboursersesdettes.ca/ Name: _ga
Value: GA1.2.2040980358.1611087924
.remboursersesdettes.ca/ Name: _fbp
Value: fb.1.1611087923819.1270127329
.remboursersesdettes.ca/ Name: _hjFirstSeen
Value: 1
.remboursersesdettes.ca/ Name: _gat_UA-171181639-1
Value: 1
.remboursersesdettes.ca/ Name: _hjid
Value: 7fc01125-f218-4532-9c58-e75ce76c087b
.remboursersesdettes.ca/ Name: _gat_gtag_UA_171181639_1
Value: 1
.remboursersesdettes.ca/ Name: calltrk_fcid
Value: cbd0f1d3-5876-40b0-8353-f7ef647b1121
.remboursersesdettes.ca/ Name: calltrk_session_id
Value: 834d9f57-5b47-41df-80cd-d6e0617f1387
.remboursersesdettes.ca/ Name: _gid
Value: GA1.2.1183810230.1611087924

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

connect.facebook.net
fajf2suj9l2krtdj3aky2c4d-wpengine.netdna-ssl.com
fonts.googleapis.com
fonts.gstatic.com
in.hotjar.com
js.callrail.com
remboursersesdettes.ca
script.hotjar.com
static.hotjar.com
vars.hotjar.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.remboursersesdettes.ca
104.198.36.81
13.224.194.11
13.225.80.89
2a00:1450:4001:800::200e
2a00:1450:4001:802::200a
2a00:1450:4001:80b::2003
2a00:1450:4001:816::2008
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
52.18.148.102
54.174.92.145
65.9.73.70
94.31.29.64
0513dee5a36e477acfc68d7ce16c53f38521b887ba288b3069744f9fbeff3ecb
05cb4002e73d59b4ce5b702068f39413e152eee56f100c733892cf13d012129c
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
138f5f77c597db33c53eb4237d9f3a3e9064b71fee96345107818cc652babeba
15b7ba238dc0b8e0c6ea63409a42d8b6fa68475cbc3a8d80388d6bae7beb833d
1643b5cec44cc597bc2cce3448ce5434241eec9b92db8af268ee3ee1f198441d
165e4088d993141f8d03c2dd01166b165d919ce6704c48101554174f020706c2
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
1dbc85af885511d2143f96ab1e06a5c4e230727679cf6bd4131db468bfd882a8
2a6d388540f2fd494bbeab1ff5b400d7a38402fb7bdbac7887b26d1de95956b2
2c095438c6dfcdbf8ad171b6f058c74d8ba1f527cbe48bfa6b543a2ac94687bb
30fdf697a30fcf0102e0dd0a57cb3f9863c3e5c798bccd360e6345b9b52d3064
34a462a0c5b5002de8a5656cf4148f0abf497216ba2810dc6d2c55a0abc65a12
4af20aaae0d762399dbee728c224c2c4d68e4383a0c941a671a700665e59250f
4f5d0db1872a958f26a200135bec21131e8836c04113122a139596b64f6d1809
5601e5d4cc338014e5f5223194aec12081abe7ad4098902063c8107d4ca3af1f
5ac5272f29d5e621f682fdd8108c0a2106b6fed2042a588036c7127005404dc4
657ce79970865b4ae1f7c3f42715defa648bf4d5cb34949c62f7d220b2c1ed03
667ccfb076977f42844a0849a329b21527bb014397e4d12f1b26dd35789fea43
6722d7a7fcf9e27c2383027dfb69c7792fa12f1f53ef7a0b8185e852edac88a5
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c6e7868d1b3c2ac65995b4336f45f3d561568e1ef55a5a938b885b3afddc90d
6e86a52a9858206302e32036d89907e3ac87762055e7f9c6364aec33221b3e41
787d76ad6deab67ccf8bac1b584260205e114f508fc5542b612e3f75d49a34e4
7fdb9e6ffa02c63660a6d4e5279d3c33f1671e56b6c550c20b938afacd1c75a0
89c36dd4ed8ad8390471e7a3056b8832f0c2136603839d0b020b1ba5b0ca10e5
937c471ef9318ff53efd55993b72893ec7a0a78896b9711cfa2f15f22f0395dc
a36c726cc47b6e8d2132e5b8972188f3d8d3cf94b20ed85811beedb5cf73a82e
a8755954660f9bef43d2dc61d725f022a3115b81ae76a6af093ab18cfdfa5de7
b6dcc1490a0cc33cdeed8970677b89bbec6fa095675af198b8e923b64563c70a
c4dc799d09b15e57ee98e3c3866ca16f53354cb79838d3aa6c9c961292151858
cc919ccbf7cf610f54a45654bb7c5f1b4bca4a5838fde86ab4d9bfd5e9cf79fa
d2eee2a1715c05731e33e7ef5319f44724861862509d7f4e0d09269bfff4b3a8
dcdb79986be9a71df28e1301800189bc4064478abdeaa67d8d1a3e9068e66f18
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
ef3583f55eb460f0dc59f51582190bafad3a7711420877a58cad3ee75cc64c6a
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955