urlscan.io logo urlscan.io
SecurityTrails logo

blogs.stonesteps.ca Open in urlscan Pro
50.112.132.239  Public Scan

Go To Rescan Add Verdict Report
URL: https://blogs.stonesteps.ca/1/p/9
Submission: On February 21 via api from CZ — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 1 countries across 5 domains to perform 39 HTTP transactions. The main IP is 50.112.132.239, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is blogs.stonesteps.ca.
TLS certificate: Issued by R3 on February 11th 2024. Valid for: 3 months.
This is the only time blogs.stonesteps.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
14 50.112.132.239 16509 (AMAZON-02)
8 172.253.62.157 15169 (GOOGLE)
6 172.253.63.147 15169 (GOOGLE)
6 142.251.167.94 15169 (GOOGLE)
1 172.253.62.154 15169 (GOOGLE)
1 172.253.63.94 15169 (GOOGLE)
3 142.251.167.132 15169 (GOOGLE)
39 8
14    50.112.132.239 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-50-112-132-239.us-west-2.compute.amazonaws.com
blogs.stonesteps.ca
8    172.253.62.157 (United States)

ASN15169 (GOOGLE, US)
PTR: bc-in-f157.1e100.net
pagead2.googlesyndication.com
googleads.g.doubleclick.net
6    172.253.63.147 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f147.1e100.net
www.google.com
6    142.251.167.94 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: ww-in-f94.1e100.net
www.gstatic.com
1    172.253.62.154 (United States)

ASN15169 (GOOGLE, US)
PTR: bc-in-f154.1e100.net
googleads.g.doubleclick.net
1    172.253.63.94 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f94.1e100.net
fonts.gstatic.com
3    142.251.167.132 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: ww-in-f132.1e100.net
tpc.googlesyndication.com
Apex Domain
Subdomains		 Transfer
14 stonesteps.ca
blogs.stonesteps.ca
1 MB
9 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 105
tpc.googlesyndication.com — Cisco Umbrella Rank: 158
228 KB
7 gstatic.com
www.gstatic.com
fonts.gstatic.com
649 KB
6 google.com
www.google.com — Cisco Umbrella Rank: 2
39 KB
3 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 35
5 KB
39 5
Domain Requested by
14 blogs.stonesteps.ca blogs.stonesteps.ca
6 www.gstatic.com www.google.com
www.gstatic.com
6 www.google.com blogs.stonesteps.ca
www.gstatic.com
www.google.com
tpc.googlesyndication.com
6 pagead2.googlesyndication.com blogs.stonesteps.ca
pagead2.googlesyndication.com
tpc.googlesyndication.com
3 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
3 googleads.g.doubleclick.net pagead2.googlesyndication.com
1 fonts.gstatic.com www.google.com
39 7

This site contains links to these domains. Also see Links.

Domain
www.tiny.cloud
Subject Issuer Validity Valid
blogs.stonesteps.ca
R3		 2024-02-11 -
2024-05-11		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-01-29 -
2024-04-22		 3 months crt.sh
www.google.com
GTS CA 1C3		 2024-01-29 -
2024-04-22		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-01-29 -
2024-04-22		 3 months crt.sh
*.google.com
GTS CA 1C3		 2024-01-29 -
2024-04-22		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2024-01-29 -
2024-04-22		 3 months crt.sh

This page contains 9 frames:

Primary Page: https://blogs.stonesteps.ca/1/p/9
Frame ID: 2ACF74741628C71A6952521AE2EEA0F6
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240220/r20190131/zrt_lookup_fy2021.html
Frame ID: D53CD06DFB06F7F196384C7A7FED4A8E
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lfl6M0SAAAAAMVvaFSkKGU_hg499V3KIjS6UkQn&co=aHR0cHM6Ly9ibG9ncy5zdG9uZXN0ZXBzLmNhOjQ0Mw..&hl=en&v=yiNW3R9jkyLVP5-EEZLDzUtA&size=normal&cb=pmu7tc4hjdbf
Frame ID: 38C7AC4A37366F49F8715BD045BF1DA7
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2407596340440247&output=html&adk=1812271804&adf=3025194257&lmt=1704558577&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x1080_l%7C188x1080_r&format=0x0&url=https%3A%2F%2Fblogs.stonesteps.ca%2F1%2Fp%2F9&pra=5&wgl=1&easpi=1&asro=0&aseiel=1~2~4~6~8~9~10~11~12~13~14~15~16~17~19&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708543822626&bpp=3&bdt=558&idt=287&shv=r20240220&mjsv=m202402150101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8570290244384&frm=20&pv=2&ga_vid=205454202.1708543823&ga_sid=1708543823&ga_hid=489255646&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31081152%2C44798934%2C95324581%2C95325066%2C95320378%2C95320869%2C95324155%2C95324161%2C95325793&oid=2&pvsid=3656171720571367&tmod=88465018&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=308
Frame ID: 0D553DF069B533D8D7CA55FE9B131D33
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2407596340440247&output=html&h=90&slotname=8594066593&adk=2392078700&adf=1839787983&pi=t.ma~as.8594066593&w=1183&fwrn=4&fwrnh=100&lmt=1704558577&rafmt=2&format=1183x90&url=https%3A%2F%2Fblogs.stonesteps.ca%2F1%2Fp%2F9&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708543822629&bpp=2&bdt=561&idt=308&shv=r20240220&mjsv=m202402150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8570290244384&frm=20&pv=1&ga_vid=205454202.1708543823&ga_sid=1708543823&ga_hid=489255646&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=208&ady=125&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31081152%2C44798934%2C95324581%2C95325066%2C95320378%2C95320869%2C95324155%2C95324161%2C95325793&oid=2&pvsid=3656171720571367&tmod=88465018&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=313
Frame ID: F2A82A7E6923B51E9EC75197FF647795
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=yiNW3R9jkyLVP5-EEZLDzUtA&k=6Lfl6M0SAAAAAMVvaFSkKGU_hg499V3KIjS6UkQn
Frame ID: 54B1A92C428462079ED623B94ACEDAF8
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F79BF19767809467AE7FA5AC79DB4A9D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D2816B61E999BAD445ABAFEB9654FBFA
Requests: 2 HTTP requests in this frame

Frame: https://blogs.stonesteps.ca/scripts/tinymce/skins/ui/oxide/content.min.css
Frame ID: F2B5C4B335E1EF1FD800AC423706BF9C
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Andre's Blog • Is it phishing? No, just RIM sending their recruitment mail...

Detected technologies

Overall confidence: 100%
Detected patterns
  • /tiny_?mce(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • <div[^>]+class="g-recaptcha"
  • /recaptcha/api\.js

Page Statistics

39
Requests

100 %
HTTPS

0 %
IPv6

5
Domains

7
Subdomains

8
IPs

1
Countries

2224 kB
Transfer

3625 kB
Size

5
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

39 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 9
blogs.stonesteps.ca/1/p/ 		47 KB
47 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://blogs.stonesteps.ca/1/p/9
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
50.112.132.239 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-50-112-132-239.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
1a5556c4400ed0137696b6adc4666f67f58f65e94878879a378584329632fe92

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
private, max-age=0, must-revalidate
content-length
48070
content-type
text/html; charset=utf-8
date
Wed, 21 Feb 2024 19:30:22 GMT
last-modified
Sat, 06 Jan 2024 16:29:37 GMT
server
nginx
vary
Cookie
tinymce.min.js
blogs.stonesteps.ca/scripts/tinymce/ 		383 KB
383 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://blogs.stonesteps.ca/scripts/tinymce/tinymce.min.js
Requested by
Host: blogs.stonesteps.ca
URL: https://blogs.stonesteps.ca/1/p/9
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
50.112.132.239 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-50-112-132-239.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1a553d2a5ea67aaba66dc2d9abd3468d3b8257c156d9629654ada6563bafe42

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://blogs.stonesteps.ca/1/p/9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date
Wed, 21 Feb 2024 19:30:22 GMT
last-modified
Wed, 17 Nov 2021 03:26:40 GMT
server
nginx
etag
W/"5fab7-17d2beea580"
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=300
accept-ranges
bytes
content-length
391863
bootstrap.bundle.min.js
blogs.stonesteps.ca/bootstrap-5.2/js/ 		79 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://blogs.stonesteps.ca/bootstrap-5.2/js/bootstrap.bundle.min.js
Requested by
Host: blogs.stonesteps.ca
URL: https://blogs.stonesteps.ca/1/p/9
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
50.112.132.239 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-50-112-132-239.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
9520018fa5d81f4e4dc9d06afb576f90cbbaba209cfcc6cb60e1464647f7890b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://blogs.stonesteps.ca/1/p/9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date
Wed, 21 Feb 2024 19:30:22 GMT
last-modified
Mon, 21 Nov 2022 18:23:15 GMT
server
nginx
etag
W/"13a24-1849b6e1a38"
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=300
accept-ranges
bytes
content-length
80420
bootstrap.min.css
blogs.stonesteps.ca/bootstrap-5.2/css/ 		190 KB
191 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://blogs.stonesteps.ca/bootstrap-5.2/css/bootstrap.min.css
Requested by
Host: blogs.stonesteps.ca
URL: https://blogs.stonesteps.ca/1/p/9
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
50.112.132.239 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-50-112-132-239.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
c0bcf7898fdc3b87babca678cd19a8e3ef570e931c80a3afbffcc453738c951a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://blogs.stonesteps.ca/1/p/9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date
Wed, 21 Feb 2024 19:30:22 GMT
last-modified
Mon, 21 Nov 2022 18:23:15 GMT
server
nginx
etag
W/"2f955-1849b6e1a38"
content-type
text/css; charset=UTF-8
cache-control
public, max-age=300
accept-ranges
bytes
content-length
194901
blogs.css
blogs.stonesteps.ca/css/ 		4 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://blogs.stonesteps.ca/css/blogs.css
Requested by
Host: blogs.stonesteps.ca
URL: https://blogs.stonesteps.ca/1/p/9
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
50.112.132.239 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-50-112-132-239.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
a91df7217eb07246a672aa16bd5234d2eb3ef2ff4809b79b647de7a0c4a7ce84

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://blogs.stonesteps.ca/1/p/9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date
Wed, 21 Feb 2024 19:30:22 GMT
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
nginx
etag
W/"ec8-7438674ba0"
content-type
text/css; charset=UTF-8
cache-control
public, max-age=300
accept-ranges
bytes
content-length
3784
blog.css
blogs.stonesteps.ca/1/s/ 		2 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://blogs.stonesteps.ca/1/s/blog.css
Requested by
Host: blogs.stonesteps.ca
URL: https://blogs.stonesteps.ca/1/p/9
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
50.112.132.239 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-50-112-132-239.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
15f7603ecea625fb149ce48999d8799e34cd250b7cba3aacd6fd2a9def581f65

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://blogs.stonesteps.ca/1/p/9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date
Wed, 21 Feb 2024 19:30:22 GMT
cache-control
private, max-age=60, must-revalidate
last-modified
Tue, 07 Nov 2023 00:20:34 GMT
server
nginx
content-length
2131
content-type
text/css; charset=utf-8
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		146 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2407596340440247
Requested by
Host: blogs.stonesteps.ca
URL: https://blogs.stonesteps.ca/1/p/9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f157.1e100.net
Software
cafe /
Resource Hash
a101997de41d0a9d5a603e42439ae6eab3113867000fad334753ac3c6b6e7d72
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://blogs.stonesteps.ca/
Origin
https://blogs.stonesteps.ca
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date
Wed, 21 Feb 2024 19:30:22 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51029
x-xss-protection
0
server
cafe
etag
9813730701291570156
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Wed, 21 Feb 2024 19:30:22 GMT
rssicon.png
blogs.stonesteps.ca/images/ 		726 B
886 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogs.stonesteps.ca/images/rssicon.png
Requested by
Host: blogs.stonesteps.ca
URL: https://blogs.stonesteps.ca/1/p/9
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
50.112.132.239 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-50-112-132-239.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b20a9478e0c95f2279e801a3d7d6408717fd26c2ccbdc35c43c35964fa6fa400

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://blogs.stonesteps.ca/1/p/9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date
Wed, 21 Feb 2024 19:30:22 GMT
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
nginx
etag
W/"2d6-7438674ba0"
content-type
image/png
cache-control
public, max-age=300
accept-ranges
bytes
content-length
726
api.js
www.google.com/recaptcha/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: blogs.stonesteps.ca
URL: https://blogs.stonesteps.ca/1/p/9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f147.1e100.net
Software
GSE /
Resource Hash
0ca481c23ec930c9dbc8259d22182e5f93730186a236baa8d6a3dd2cc7a41da6
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://blogs.stonesteps.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date
Wed, 21 Feb 2024 19:30:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Wed, 21 Feb 2024 19:30:22 GMT
blue-clouds.png
blogs.stonesteps.ca/media/1/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogs.stonesteps.ca/media/1/blue-clouds.png
Requested by
Host: blogs.stonesteps.ca
URL: https://blogs.stonesteps.ca/1/s/blog.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
50.112.132.239 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-50-112-132-239.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
96dadd3fccbfdb0e9c3470c13a77abc2bdc49b9bfa32917fe69e5c0c23460edf

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://blogs.stonesteps.ca/1/s/blog.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date
Wed, 21 Feb 2024 19:30:22 GMT
cache-control
private, max-age=60, must-revalidate
last-modified
Sun, 01 Dec 2019 17:05:00 GMT
server
nginx
content-type
image/png
recaptcha__en.js
www.gstatic.com/recaptcha/releases/yiNW3R9jkyLVP5-EEZLDzUtA/ 		488 KB
195 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/yiNW3R9jkyLVP5-EEZLDzUtA/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.94 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f94.1e100.net
Software
sffe /
Resource Hash
4fd66999fb60ad3289dfaee132ff52c0b1ecba71661e4cbfe47d09ac4f1cd5a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://blogs.stonesteps.ca/
Origin
https://blogs.stonesteps.ca
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date
Wed, 21 Feb 2024 16:03:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
12425
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
198909
x-xss-protection
0
last-modified
Mon, 12 Feb 2024 03:00:37 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 20 Feb 2025 16:03:17 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402150101/ 		407 KB
138 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402150101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2407596340440247
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f157.1e100.net
Software
cafe /
Resource Hash
37f3b40df113a81022c94f5559c2eee50d46c495b888a99cb2ac7fa55ce53001
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://blogs.stonesteps.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date
Wed, 21 Feb 2024 19:30:22 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
141320
x-xss-protection
0
server
cafe
etag
6320890539637400958
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Wed, 21 Feb 2024 19:30:22 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240220/r20190131/ Frame D53C 		9 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240220/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2407596340440247
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f154.1e100.net
Software
cafe /
Resource Hash
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://blogs.stonesteps.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
35516
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4209
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 21 Feb 2024 09:38:26 GMT
etag
3890843268177463596
expires
Wed, 06 Mar 2024 09:38:26 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
anchor
www.google.com/recaptcha/api2/ Frame 38C7 		46 KB
29 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lfl6M0SAAAAAMVvaFSkKGU_hg499V3KIjS6UkQn&co=aHR0cHM6Ly9ibG9ncy5zdG9uZXN0ZXBzLmNhOjQ0Mw..&hl=en&v=yiNW3R9jkyLVP5-EEZLDzUtA&size=normal&cb=pmu7tc4hjdbf
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/yiNW3R9jkyLVP5-EEZLDzUtA/recaptcha__en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f147.1e100.net
Software
GSE /
Resource Hash
2b8b58e3641d6b25f3c5c50fbae8ed12a59f5599a1f5e90bf500714952ce33c1
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-_rF-x3eT2goSlejWkSRbnQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://blogs.stonesteps.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-_rF-x3eT2goSlejWkSRbnQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 21 Feb 2024 19:30:22 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
ads
googleads.g.doubleclick.net/pagead/ Frame 0D55 		0
19 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2407596340440247&output=html&adk=1812271804&adf=3025194257&lmt=1704558577&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x1080_l%7C188x1080_r&format=0x0&url=https%3A%2F%2Fblogs.stonesteps.ca%2F1%2Fp%2F9&pra=5&wgl=1&easpi=1&asro=0&aseiel=1~2~4~6~8~9~10~11~12~13~14~15~16~17~19&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708543822626&bpp=3&bdt=558&idt=287&shv=r20240220&mjsv=m202402150101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8570290244384&frm=20&pv=2&ga_vid=205454202.1708543823&ga_sid=1708543823&ga_hid=489255646&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31081152%2C44798934%2C95324581%2C95325066%2C95320378%2C95320869%2C95324155%2C95324161%2C95325793&oid=2&pvsid=3656171720571367&tmod=88465018&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=308
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402150101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f157.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://blogs.stonesteps.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 21 Feb 2024 19:30:23 GMT
expires
Wed, 21 Feb 2024 19:30:23 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame F2A8 		853 B
428 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2407596340440247&output=html&h=90&slotname=8594066593&adk=2392078700&adf=1839787983&pi=t.ma~as.8594066593&w=1183&fwrn=4&fwrnh=100&lmt=1704558577&rafmt=2&format=1183x90&url=https%3A%2F%2Fblogs.stonesteps.ca%2F1%2Fp%2F9&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708543822629&bpp=2&bdt=561&idt=308&shv=r20240220&mjsv=m202402150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8570290244384&frm=20&pv=1&ga_vid=205454202.1708543823&ga_sid=1708543823&ga_hid=489255646&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=208&ady=125&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31081152%2C44798934%2C95324581%2C95325066%2C95320378%2C95320869%2C95324155%2C95324161%2C95325793&oid=2&pvsid=3656171720571367&tmod=88465018&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=313
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402150101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f157.1e100.net
Software
cafe /
Resource Hash
357b7d14e12bf777a0d0ee9ef3b952e19e2031f0865f715168540f864bbf9621
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://blogs.stonesteps.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
404
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 21 Feb 2024 19:30:23 GMT
expires
Wed, 21 Feb 2024 19:30:23 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
styles__ltr.css
www.gstatic.com/recaptcha/releases/yiNW3R9jkyLVP5-EEZLDzUtA/ Frame 38C7 		55 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/yiNW3R9jkyLVP5-EEZLDzUtA/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lfl6M0SAAAAAMVvaFSkKGU_hg499V3KIjS6UkQn&co=aHR0cHM6Ly9ibG9ncy5zdG9uZXN0ZXBzLmNhOjQ0Mw..&hl=en&v=yiNW3R9jkyLVP5-EEZLDzUtA&size=normal&cb=pmu7tc4hjdbf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.94 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f94.1e100.net
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date
Wed, 21 Feb 2024 16:03:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
12424
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Mon, 12 Feb 2024 03:00:37 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 20 Feb 2025 16:03:19 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/yiNW3R9jkyLVP5-EEZLDzUtA/ Frame 38C7 		488 KB
194 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/yiNW3R9jkyLVP5-EEZLDzUtA/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lfl6M0SAAAAAMVvaFSkKGU_hg499V3KIjS6UkQn&co=aHR0cHM6Ly9ibG9ncy5zdG9uZXN0ZXBzLmNhOjQ0Mw..&hl=en&v=yiNW3R9jkyLVP5-EEZLDzUtA&size=normal&cb=pmu7tc4hjdbf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.94 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f94.1e100.net
Software
sffe /
Resource Hash
4fd66999fb60ad3289dfaee132ff52c0b1ecba71661e4cbfe47d09ac4f1cd5a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date
Wed, 21 Feb 2024 16:03:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
12426
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
198909
x-xss-protection
0
last-modified
Mon, 12 Feb 2024 03:00:37 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 20 Feb 2025 16:03:17 GMT
truncated
/ Frame 38C7 		14 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 38C7 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

Content-Type
image/png
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 38C7 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/yiNW3R9jkyLVP5-EEZLDzUtA/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.94 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f94.1e100.net
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/yiNW3R9jkyLVP5-EEZLDzUtA/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date
Wed, 21 Feb 2024 08:29:57 GMT
x-content-type-options
nosniff
age
39626
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Wed, 28 Feb 2024 08:29:57 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 38C7 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lfl6M0SAAAAAMVvaFSkKGU_hg499V3KIjS6UkQn&co=aHR0cHM6Ly9ibG9ncy5zdG9uZXN0ZXBzLmNhOjQ0Mw..&hl=en&v=yiNW3R9jkyLVP5-EEZLDzUtA&size=normal&cb=pmu7tc4hjdbf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f94.1e100.net
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 05:43:33 GMT
x-content-type-options
nosniff
age
222410
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 18 Feb 2025 05:43:33 GMT
Dq4s5fHQ4MqajtxkAI1TQErT3JHnCXhk4JQIHWIJ1B4.js
www.google.com/js/bg/ Frame 38C7 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/bg/Dq4s5fHQ4MqajtxkAI1TQErT3JHnCXhk4JQIHWIJ1B4.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/yiNW3R9jkyLVP5-EEZLDzUtA/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f147.1e100.net
Software
sffe /
Resource Hash
0eae2ce5f1d0e0ca9a8edc64008d53404ad3dc91e7097864e094081d6209d41e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lfl6M0SAAAAAMVvaFSkKGU_hg499V3KIjS6UkQn&co=aHR0cHM6Ly9ibG9ncy5zdG9uZXN0ZXBzLmNhOjQ0Mw..&hl=en&v=yiNW3R9jkyLVP5-EEZLDzUtA&size=normal&cb=pmu7tc4hjdbf
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date
Wed, 21 Feb 2024 18:12:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
4665
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7010
x-xss-protection
0
last-modified
Mon, 05 Feb 2024 17:30:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 20 Feb 2025 18:12:38 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame 38C7 		102 B
135 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=yiNW3R9jkyLVP5-EEZLDzUtA
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lfl6M0SAAAAAMVvaFSkKGU_hg499V3KIjS6UkQn&co=aHR0cHM6Ly9ibG9ncy5zdG9uZXN0ZXBzLmNhOjQ0Mw..&hl=en&v=yiNW3R9jkyLVP5-EEZLDzUtA&size=normal&cb=pmu7tc4hjdbf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f147.1e100.net
Software
GSE /
Resource Hash
7d4765f9e5ef9c44c30128cf2055ea61529f0c9fdf121b4ddca394da954d82df
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lfl6M0SAAAAAMVvaFSkKGU_hg499V3KIjS6UkQn&co=aHR0cHM6Ly9ibG9ncy5zdG9uZXN0ZXBzLmNhOjQ0Mw..&hl=en&v=yiNW3R9jkyLVP5-EEZLDzUtA&size=normal&cb=pmu7tc4hjdbf
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date
Wed, 21 Feb 2024 19:30:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Wed, 21 Feb 2024 19:30:23 GMT
bframe
www.google.com/recaptcha/api2/ Frame 54B1 		7 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=en&v=yiNW3R9jkyLVP5-EEZLDzUtA&k=6Lfl6M0SAAAAAMVvaFSkKGU_hg499V3KIjS6UkQn
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/yiNW3R9jkyLVP5-EEZLDzUtA/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f147.1e100.net
Software
GSE /
Resource Hash
1f9ea795c675025a4795037a4b206ffc66026074ed878ac04dc69fc1eef13a09
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-vBynwJ9YTJJaO6oAO-RybQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://blogs.stonesteps.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-vBynwJ9YTJJaO6oAO-RybQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 21 Feb 2024 19:30:23 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/yiNW3R9jkyLVP5-EEZLDzUtA/ Frame 54B1 		55 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/yiNW3R9jkyLVP5-EEZLDzUtA/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=yiNW3R9jkyLVP5-EEZLDzUtA&k=6Lfl6M0SAAAAAMVvaFSkKGU_hg499V3KIjS6UkQn
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.94 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f94.1e100.net
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date
Wed, 21 Feb 2024 16:03:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
12424
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Mon, 12 Feb 2024 03:00:37 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 20 Feb 2025 16:03:19 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/yiNW3R9jkyLVP5-EEZLDzUtA/ Frame 54B1 		488 KB
194 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/yiNW3R9jkyLVP5-EEZLDzUtA/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=yiNW3R9jkyLVP5-EEZLDzUtA&k=6Lfl6M0SAAAAAMVvaFSkKGU_hg499V3KIjS6UkQn
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.94 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f94.1e100.net
Software
sffe /
Resource Hash
4fd66999fb60ad3289dfaee132ff52c0b1ecba71661e4cbfe47d09ac4f1cd5a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date
Wed, 21 Feb 2024 16:03:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
12426
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
198909
x-xss-protection
0
last-modified
Mon, 12 Feb 2024 03:00:37 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 20 Feb 2025 16:03:17 GMT
theme.min.js
blogs.stonesteps.ca/scripts/tinymce/themes/silver/ 		394 KB
394 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://blogs.stonesteps.ca/scripts/tinymce/themes/silver/theme.min.js
Requested by
Host: blogs.stonesteps.ca
URL: https://blogs.stonesteps.ca/scripts/tinymce/tinymce.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
50.112.132.239 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-50-112-132-239.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
eea8332d1a150236b416cc240bc5dd124ba942a9a11dbd33cfaab3b66b7cdfa9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://blogs.stonesteps.ca/1/p/9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date
Wed, 21 Feb 2024 19:30:23 GMT
last-modified
Wed, 17 Nov 2021 03:26:40 GMT
server
nginx
etag
W/"626ea-17d2beea580"
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=300
accept-ranges
bytes
content-length
403178
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240220&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402150101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f157.1e100.net
Software
cafe /
Resource Hash
e01aed712c645ba6fe30cf50a8fc45f3189c093db405dbbee877865ec232cd00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://blogs.stonesteps.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date
Wed, 21 Feb 2024 19:30:23 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12296
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402150101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.132 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://blogs.stonesteps.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date
Wed, 21 Feb 2024 19:30:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 21 Feb 2024 19:30:24 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F79B 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.132 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://blogs.stonesteps.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
11421
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 21 Feb 2024 16:20:03 GMT
expires
Thu, 20 Feb 2025 16:20:03 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame D281 		829 B
562 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f147.1e100.net
Software
GSE /
Resource Hash
767e137b6f3785de4b413d5715e131219335acdd28e9df12f510faf72c56a602
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-F_gLMLj9qkFReBvU2xYj7g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://blogs.stonesteps.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-F_gLMLj9qkFReBvU2xYj7g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 21 Feb 2024 19:30:24 GMT
expires
Wed, 21 Feb 2024 19:30:24 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
icons.min.js
blogs.stonesteps.ca/scripts/tinymce/icons/default/ 		62 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://blogs.stonesteps.ca/scripts/tinymce/icons/default/icons.min.js
Requested by
Host: blogs.stonesteps.ca
URL: https://blogs.stonesteps.ca/scripts/tinymce/tinymce.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
50.112.132.239 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-50-112-132-239.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
6c5a69c090aa1418082e7ad5e707bbe6c531269607e080821a7089a16e0f2b61

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://blogs.stonesteps.ca/1/p/9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date
Wed, 21 Feb 2024 19:30:24 GMT
last-modified
Wed, 17 Nov 2021 03:26:40 GMT
server
nginx
etag
W/"f996-17d2beea580"
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=300
accept-ranges
bytes
content-length
63894
plugin.min.js
blogs.stonesteps.ca/scripts/tinymce/plugins/lists/ 		27 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://blogs.stonesteps.ca/scripts/tinymce/plugins/lists/plugin.min.js
Requested by
Host: blogs.stonesteps.ca
URL: https://blogs.stonesteps.ca/scripts/tinymce/tinymce.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
50.112.132.239 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-50-112-132-239.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
aa9940e361cf6e011e91d394691ea06564d67a9de16e8b347bcb4e49530d625f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://blogs.stonesteps.ca/1/p/9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date
Wed, 21 Feb 2024 19:30:24 GMT
last-modified
Wed, 17 Nov 2021 03:26:40 GMT
server
nginx
etag
W/"6d25-17d2beea580"
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=300
accept-ranges
bytes
content-length
27941
sodar
pagead2.googlesyndication.com/pagead/ Frame D281 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240220&jk=3656171720571367&rc=null
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers
BoEj1MRYnOy5BSN5ElbJySd6MGFyYBWT_ZtkFEIAVvM.js
pagead2.googlesyndication.com/bg/ Frame F79B 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/BoEj1MRYnOy5BSN5ElbJySd6MGFyYBWT_ZtkFEIAVvM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f157.1e100.net
Software
sffe /
Resource Hash
068123d4c4589cecb90523791256c9c9277a306172601593fd9b6414420056f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 14:12:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
105502
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15302
x-xss-protection
0
last-modified
Mon, 19 Feb 2024 17:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 19 Feb 2025 14:12:02 GMT
skin.min.css
blogs.stonesteps.ca/scripts/tinymce/skins/ui/oxide/ 		60 KB
60 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://blogs.stonesteps.ca/scripts/tinymce/skins/ui/oxide/skin.min.css
Requested by
Host: blogs.stonesteps.ca
URL: https://blogs.stonesteps.ca/scripts/tinymce/tinymce.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
50.112.132.239 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-50-112-132-239.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
005437a822f999bed1ac377a6148a80f352089f142fe944436282c36fe9ccda9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://blogs.stonesteps.ca/1/p/9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date
Wed, 21 Feb 2024 19:30:24 GMT
last-modified
Wed, 17 Nov 2021 03:26:40 GMT
server
nginx
etag
W/"f061-17d2beea580"
content-type
text/css; charset=UTF-8
cache-control
public, max-age=300
accept-ranges
bytes
content-length
61537
content.min.css
blogs.stonesteps.ca/scripts/tinymce/skins/ui/oxide/ Frame F2B5 		21 KB
22 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://blogs.stonesteps.ca/scripts/tinymce/skins/ui/oxide/content.min.css
Requested by
Host: blogs.stonesteps.ca
URL: https://blogs.stonesteps.ca/scripts/tinymce/tinymce.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
50.112.132.239 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-50-112-132-239.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
9298b5289424630e18080bcd98a8306a8d061a91cde503fb6ae091fb2c1beb51

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://blogs.stonesteps.ca/1/p/9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date
Wed, 21 Feb 2024 19:30:24 GMT
last-modified
Wed, 17 Nov 2021 03:26:40 GMT
server
nginx
etag
W/"554a-17d2beea580"
content-type
text/css; charset=UTF-8
cache-control
public, max-age=300
accept-ranges
bytes
content-length
21834
blog.css
blogs.stonesteps.ca/1/s/ Frame F2B5 		2 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://blogs.stonesteps.ca/1/s/blog.css
Requested by
Host: blogs.stonesteps.ca
URL: https://blogs.stonesteps.ca/scripts/tinymce/tinymce.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
50.112.132.239 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-50-112-132-239.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
15f7603ecea625fb149ce48999d8799e34cd250b7cba3aacd6fd2a9def581f65

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://blogs.stonesteps.ca/1/p/9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date
Wed, 21 Feb 2024 19:30:24 GMT
cache-control
private, max-age=60, must-revalidate
last-modified
Tue, 07 Nov 2023 00:20:34 GMT
server
nginx
content-length
2131
content-type
text/css; charset=utf-8
generate_204
tpc.googlesyndication.com/ Frame F79B 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?79Iu2A
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.132 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date
Wed, 21 Feb 2024 19:30:24 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
truncated
/ 		153 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
96ed0aaea7ca61dc7bc944980d1444f63f62b7c45f621567a9e5a2bc9a448b82

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240220&jk=3656171720571367&bg=!k5ClkN_NAAZ3BdUuVwU7ADQBe5WfOF0J6NKZnwB01a0arkwbCdThEtXymqM8xba6f-bguZG387SeqVK2jT0_6bN3KiuIAgAAAJhSAAAAA2gBBwoADjskGYaQI2NtrMW8TaBymQLfCJLWRRZ68ky7owvHUwsgOmvTMUWiuybOOIbnxU135t10Ts4PNYqcmDo1_N9DNZEnuu6WuuRh3wxXCOjhmW9mPnvXzjtonNyOFRs-S7Om7gjNreHN925vdSQTnKBQeakOYlmTV6JJiaqfhfoKXw6Iaw5FDtkrHgaBfPadH20Ce9KFbphJAsyNiH2jnunGNIWyw8LQeeidBBPBJBIUGlJQjusNUbms0sdEDkurQekhh2a_BQx6eMKyP3bzrtk5WTuJNq-1LqSuNQY9cuatf0md0IRu_8-CT_D-9bHUt-oqsxxmy6AV8oZp_zWcM1Xk2lo7n6ivuknHBMtW3fkNks5nXuvcE9mvLpoROxaBTHzhgJwfS6TXzaKjlQCrBzGrR5hK4cHs00yXWUf2SHk3f_chp4hNq_6vU05gviIGSh0d9nMpVhZriRM-nJJfpgimMAVpbA3hHPRjpZgDWky2B4AzwWo1VkfH7KJeEn53nmXApsk94gm8_hRZVLpScIRKE3RRIFDAjmePuhizC3TkyGvRqpY7D5cFBmcE2gkTLe3yGmXdRF0GPhAUyI7KbR4N3_FzeP5-9TqeyiTeC9rEmErgsDEOy73nQX3Olx3M69JMPcnYWVSp9eVOKxNXDVCbJLM4oKLLwmpPMGuiiy4A56RF5lRrdXGOsel_84k65OIK_rpjtoN3CPUy5ftdIHJlBmoyxQA6XflVIAjLzSW2KptWfGVykUzpIZQfE1RIFbfPmDajdQwxejdc_lFy8tr535qmjgJf3G8ncEbo9IF0oYjCdqQeJGKeQtl-zVCJfoEXkUteoIRgCK29uqswmh3mDodvyHWV4hSQPdGVrr_tEnvHt0UXMqlIHdhPIcCALuMbv5GpTD7gMj-W7lI3lNUMvn_cUr0GWjajENNtORTP1zce6Kbw3DrqYiC5hAv9cKyfhBBJCZ1lc06FPAMsjp-PabIaMX5pel-TUybWH3DCDKkq
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://blogs.stonesteps.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

47 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 function| menuToggleArchiveYear object| tinymce object| tinyMCE function| onPageLoad number| uidEvent object| bootstrap object| adsbygoogle object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| recaptcha object| closure_lm_455330 function| google_sa_impl number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages number| mce-data-1hn6ibijh object| GoogleGcLKhOms object| google_image_requests

5 Cookies

Domain/Path Name / Value
blogs.stonesteps.ca/ Name: ssb
Value: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpYXQiOjE3MDg1NDM4MjEsIm5vbmNlIjoiNTQzODI4M2E3MDU1OGRmYzM0MDZhYWYyNGVjOWNjNTgiLCJqdGkiOiJzc2I6dmlzaXQtNjVkNjRmNGRhYTEwN2MzZmNmYjYzZGM5In0.m3WV3QM8exhfIsihHgHsIwT2Gh1ZruGSM_arM8edefk
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.stonesteps.ca/ Name: __gads
Value: ID=4427151bd4a5f45f:T=1708543822:RT=1708543822:S=ALNI_MZaGYUWM1gFmPF6pN5ajokMw1HJBA
.stonesteps.ca/ Name: __gpi
Value: UID=00000dcbe8322caf:T=1708543822:RT=1708543822:S=ALNI_MbkrUw6gd6_5L08_JYbKF5fx_rChg
.stonesteps.ca/ Name: __eoi
Value: ID=e4ae7d32473f4f37:T=1708543822:RT=1708543822:S=AA-Afjal6DIhYQb4D550tmYk5oeg

2 Console Messages

Source Level URL
Text
other warning URL: https://blogs.stonesteps.ca/1/p/9
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://blogs.stonesteps.ca/1/p/9
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

blogs.stonesteps.ca
fonts.gstatic.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
www.google.com
www.gstatic.com
142.251.167.132
142.251.167.94
172.253.62.154
172.253.62.157
172.253.63.147
172.253.63.94
50.112.132.239
005437a822f999bed1ac377a6148a80f352089f142fe944436282c36fe9ccda9
068123d4c4589cecb90523791256c9c9277a306172601593fd9b6414420056f3
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
0ca481c23ec930c9dbc8259d22182e5f93730186a236baa8d6a3dd2cc7a41da6
0eae2ce5f1d0e0ca9a8edc64008d53404ad3dc91e7097864e094081d6209d41e
15f7603ecea625fb149ce48999d8799e34cd250b7cba3aacd6fd2a9def581f65
1a5556c4400ed0137696b6adc4666f67f58f65e94878879a378584329632fe92
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1f9ea795c675025a4795037a4b206ffc66026074ed878ac04dc69fc1eef13a09
2b8b58e3641d6b25f3c5c50fbae8ed12a59f5599a1f5e90bf500714952ce33c1
357b7d14e12bf777a0d0ee9ef3b952e19e2031f0865f715168540f864bbf9621
37f3b40df113a81022c94f5559c2eee50d46c495b888a99cb2ac7fa55ce53001
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
4fd66999fb60ad3289dfaee132ff52c0b1ecba71661e4cbfe47d09ac4f1cd5a1
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6c5a69c090aa1418082e7ad5e707bbe6c531269607e080821a7089a16e0f2b61
767e137b6f3785de4b413d5715e131219335acdd28e9df12f510faf72c56a602
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
7d4765f9e5ef9c44c30128cf2055ea61529f0c9fdf121b4ddca394da954d82df
9298b5289424630e18080bcd98a8306a8d061a91cde503fb6ae091fb2c1beb51
9520018fa5d81f4e4dc9d06afb576f90cbbaba209cfcc6cb60e1464647f7890b
96dadd3fccbfdb0e9c3470c13a77abc2bdc49b9bfa32917fe69e5c0c23460edf
96ed0aaea7ca61dc7bc944980d1444f63f62b7c45f621567a9e5a2bc9a448b82
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
a101997de41d0a9d5a603e42439ae6eab3113867000fad334753ac3c6b6e7d72
a91df7217eb07246a672aa16bd5234d2eb3ef2ff4809b79b647de7a0c4a7ce84
aa9940e361cf6e011e91d394691ea06564d67a9de16e8b347bcb4e49530d625f
b1a553d2a5ea67aaba66dc2d9abd3468d3b8257c156d9629654ada6563bafe42
b20a9478e0c95f2279e801a3d7d6408717fd26c2ccbdc35c43c35964fa6fa400
c0bcf7898fdc3b87babca678cd19a8e3ef570e931c80a3afbffcc453738c951a
e01aed712c645ba6fe30cf50a8fc45f3189c093db405dbbee877865ec232cd00
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eea8332d1a150236b416cc240bc5dd124ba942a9a11dbd33cfaab3b66b7cdfa9