payment.mdccanada.ca Open in urlscan Pro
165.232.36.183 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://s.agccall.com/uwikotcm
Effective URL:
https://payment.mdccanada.ca/solid3d/payment?lang=en
Submission: On May 01 via manual (May 1st 2024, 9:04:05 pm UTC) from AE — Scanned from NL

Summary HTTP 110 Redirects Links 100 Behaviour Indicators

Summary

This website contacted 34 IPs in 7 countries across 23 domains to perform 110 HTTP transactions. The main IP is 165.232.36.183, located in Slough, United Kingdom and belongs to DIGITALOCEAN-ASN, US. The main domain is payment.mdccanada.ca.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on October 25th 2023. Valid for: 10 months.

This is the only time payment.mdccanada.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	37.139.6.182 37.139.6.182	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1 20	165.232.36.183 165.232.36.183	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
3	104.16.87.20 104.16.87.20	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	52.218.229.81 52.218.229.81	16509 (AMAZON-02) (AMAZON-02)
1	52.216.134.83 52.216.134.83	16509 (AMAZON-02) (AMAZON-02)
17	2600:9000:225... 2600:9000:225b:4e00:15:20a2:3900:21	16509 (AMAZON-02) (AMAZON-02)
4	52.218.220.25 52.218.220.25	16509 (AMAZON-02) (AMAZON-02)
5	167.99.182.231 167.99.182.231	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	2a02:26f0:350... 2a02:26f0:3500:18::1724:a288	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
9	35.244.143.131 35.244.143.131	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2600:9000:26d... 2600:9000:26db:f200:c:ec32:f140:21	16509 (AMAZON-02) (AMAZON-02)
4	52.217.136.33 52.217.136.33	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f084:105:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1	18.66.192.39 18.66.192.39	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:26d... 2600:9000:26db:c400:d:bdb7:5480:93a1	16509 (AMAZON-02) (AMAZON-02)
4	13.248.221.98 13.248.221.98	16509 (AMAZON-02) (AMAZON-02)
5	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c04::9c	15169 (GOOGLE) (GOOGLE)
1	142.250.185.67 142.250.185.67	15169 (GOOGLE) (GOOGLE)
1	54.230.228.64 54.230.228.64	16509 (AMAZON-02) (AMAZON-02)
2	76.223.64.65 76.223.64.65	16509 (AMAZON-02) (AMAZON-02)
1	2600:1f18:e8a... 2600:1f18:e8a:cd04:9b88:a313:d24d:af44	14618 (AMAZON-AES) (AMAZON-AES)
1	142.250.186.164 142.250.186.164	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1	157.240.0.6 157.240.0.6	32934 (FACEBOOK) (FACEBOOK)
1	159.89.102.253 159.89.102.253	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3	142.250.185.136 142.250.185.136	15169 (GOOGLE) (GOOGLE)
3	2620:1ec:c11:... 2620:1ec:c11::237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	18.173.154.100 18.173.154.100	16509 (AMAZON-02) (AMAZON-02)
110	34

1 37.139.6.182 (Amsterdam, Netherlands) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

s.agccall.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 165.232.36.183 (Slough, United Kingdom) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

payment.mdccanada.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.16.87.20 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.218.229.81 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2-r-w.amazonaws.com

cv-media-files.s3-us-west-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.216.134.83 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

canadian-visa-media.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2600:9000:225b:4e00:15:20a2:3900:21 (United States)

ASN16509 (AMAZON-02, US)

d1ac9zce9817ms.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.218.220.25 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2-r-w.amazonaws.com

cv-media-files.s3.us-west-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 167.99.182.231 (Toronto, Canada)

ASN14061 (DIGITALOCEAN-ASN, US)

lps.canadianvisa.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:18::1724:a288 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

solidpayments.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 35.244.143.131 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 131.143.244.35.bc.googleusercontent.com

api.exponea.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:26db:f200:c:ec32:f140:21 (United States)

ASN16509 (AMAZON-02, US)

d1dje5mxb6emkl.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.217.136.33 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

mdc-new-funnel-v2.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.192.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-192-39.muc50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:26db:c400:d:bdb7:5480:93a1 (United States)

ASN16509 (AMAZON-02, US)

ob.branderblender.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.248.221.98 (United States)

ASN16509 (AMAZON-02, US)
PTR: a44946a9dd66b7704.awsglobalaccelerator.com

lcgroups-org.freshchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c04::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.230.228.64 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-228-64.muc50.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.223.64.65 (United States)

ASN16509 (AMAZON-02, US)
PTR: a44946a9dd66b7704.awsglobalaccelerator.com

lcgroups-org.freshchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:e8a:cd04:9b88:a313:d24d:af44 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

obs.branderblender.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.164 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 157.240.0.6 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.89.102.253 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)

geolocation-db.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.136 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.173.154.100 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-154-100.muc50.r.cloudfront.net

465930902273542.webpush.freshchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	mdccanada.ca 1 redirects payment.mdccanada.ca	2 MB
18	cloudfront.net d1ac9zce9817ms.cloudfront.net d1dje5mxb6emkl.cloudfront.net	626 KB
15	amazonaws.com cv-media-files.s3-us-west-2.amazonaws.com canadian-visa-media.s3.amazonaws.com cv-media-files.s3.us-west-2.amazonaws.com mdc-new-funnel-v2.s3.amazonaws.com	771 KB
9	exponea.com api.exponea.com — Cisco Umbrella Rank: 24925	83 KB
7	freshchat.com lcgroups-org.freshchat.com 465930902273542.webpush.freshchat.com	34 KB
6	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2941 www.google.com — Cisco Umbrella Rank: 2	527 B
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	460 KB
5	canadianvisa.org lps.canadianvisa.org	112 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 337	14 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 180	73 KB
3	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 320	19 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 97	377 B
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 84	408 B
2	branderblender.com ob.branderblender.com — Cisco Umbrella Rank: 405299 obs.branderblender.com — Cisco Umbrella Rank: 432234	38 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 737 script.hotjar.com — Cisco Umbrella Rank: 933	59 KB
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 66	69 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	21 KB
1	geolocation-db.com geolocation-db.com — Cisco Umbrella Rank: 16545	260 B
1	google.nl www.google.nl — Cisco Umbrella Rank: 10513	408 B
1	google.de www.google.de — Cisco Umbrella Rank: 7278	63 B
1	solidpayments.net solidpayments.net	1 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 33	1 KB
1	agccall.com 1 redirects s.agccall.com	277 B
110	23

	Domain	Requested by
20	payment.mdccanada.ca	1 redirects payment.mdccanada.ca
17	d1ac9zce9817ms.cloudfront.net	payment.mdccanada.ca
9	api.exponea.com	payment.mdccanada.ca api.exponea.com
6	lcgroups-org.freshchat.com	payment.mdccanada.ca lcgroups-org.freshchat.com
6	cv-media-files.s3-us-west-2.amazonaws.com	payment.mdccanada.ca
5	region1.analytics.google.com	www.googletagmanager.com
5	www.googletagmanager.com	payment.mdccanada.ca www.googletagmanager.com
5	lps.canadianvisa.org	payment.mdccanada.ca
4	mdc-new-funnel-v2.s3.amazonaws.com	payment.mdccanada.ca
4	cv-media-files.s3.us-west-2.amazonaws.com	payment.mdccanada.ca
3	bat.bing.com	www.googletagmanager.com bat.bing.com
3	connect.facebook.net	payment.mdccanada.ca connect.facebook.net
3	cdn.jsdelivr.net	payment.mdccanada.ca
2	www.facebook.com	payment.mdccanada.ca
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	www.youtube.com	www.googletagmanager.com www.youtube.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	465930902273542.webpush.freshchat.com	lcgroups-org.freshchat.com
1	geolocation-db.com	d1dje5mxb6emkl.cloudfront.net
1	www.google.nl	payment.mdccanada.ca
1	www.google.com	payment.mdccanada.ca
1	obs.branderblender.com	ob.branderblender.com
1	script.hotjar.com	static.hotjar.com
1	www.google.de	payment.mdccanada.ca
1	ob.branderblender.com	www.googletagmanager.com
1	static.hotjar.com	payment.mdccanada.ca
1	d1dje5mxb6emkl.cloudfront.net	payment.mdccanada.ca
1	solidpayments.net	payment.mdccanada.ca
1	canadian-visa-media.s3.amazonaws.com	payment.mdccanada.ca
1	fonts.googleapis.com	payment.mdccanada.ca
1	s.agccall.com	1 redirects
110	31

This site contains links to these domains. Also see Links.

Domain
canadianvisa.org

Subject Issuer	Validity	Valid
*.mdccanada.ca Sectigo RSA Domain Validation Secure Server CA	`2023-10-25` - `2024-09-01`	10 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-02` - `2024-05-01`	a year	crt.sh
*.s3-us-west-2.amazonaws.com Amazon RSA 2048 M01	`2024-03-15` - `2025-02-15`	a year	crt.sh
*.s3.amazonaws.com Amazon RSA 2048 M01	`2023-10-10` - `2024-07-03`	9 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
*.canadianvisa.org Sectigo RSA Domain Validation Secure Server CA	`2023-08-17` - `2024-09-16`	a year	crt.sh
eu-prod.solidpayments.net R3	`2024-04-03` - `2024-07-02`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
api.exponea.com GTS CA 1D4	`2024-03-22` - `2024-06-20`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-02-09` - `2024-05-09`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
*.hotjar.com Amazon ECDSA 256 M03	`2024-02-07` - `2025-03-08`	a year	crt.sh
*.branderblender.com Amazon RSA 2048 M02	`2023-06-27` - `2024-07-25`	a year	crt.sh
*.freshchat.com Amazon RSA 2048 M02	`2024-01-22` - `2025-02-18`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-04-08` - `2024-07-01`	3 months	crt.sh
*.google.de GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
*.google.nl GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
geolocation-db.com R3	`2024-04-11` - `2024-07-10`	3 months	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 02	`2024-05-01` - `2024-06-27`	2 months	crt.sh
*.wchat.webpush.myfreshworks.com Amazon RSA 2048 M01	`2023-06-21` - `2024-07-18`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://payment.mdccanada.ca/solid3d/payment?lang=en
Frame ID: 2840B768A5A2BAFB1B42A67CFB227835
Requests: 113 HTTP requests in this frame

Frame: https://lcgroups-org.freshchat.com/widget/config_iframe.html?host=https://lcgroups-org.freshchat.com&token=77eb97aa-035d-4771-8acf-7a8638e3ae6d&origin=https://payment.mdccanada.ca
Frame ID: 078066496CF8CE2862A927A5631F1E16
Requests: 1 HTTP requests in this frame

Frame: https://lcgroups-org.freshchat.com/widget/?token=77eb97aa-035d-4771-8acf-7a8638e3ae6d&referrer=aHR0cHM6Ly9wYXltZW50Lm1kY2NhbmFkYS5jYQ==&eagerLoad=true
Frame ID: 6A1CB61C7F1C10375DE3E5898B1CF122
Requests: 1 HTTP requests in this frame

Frame: https://465930902273542.webpush.freshchat.com/index.html?ref=aHR0cHM6Ly9wYXltZW50Lm1kY2NhbmFkYS5jYQ==
Frame ID: 54671C187BE1C2387740187D57FA2F10
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Solid 3D Secure Payment

Page URL History Show full URLs

http://s.agccall.com/uwikotcm HTTP 307
https://s.agccall.com/uwikotcm HTTP 301
https://payment.mdccanada.ca/auto-login/MwhTOJwQCVzaiQ5ha1unIXktnNnuf4k-?lang=en HTTP 301
https://payment.mdccanada.ca/solid3d/payment?lang=en Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AngularJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

\bangular.{0,32}\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?slick-theme\.css
(?:/([\d.]+))?/slick(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

110
Requests

100 %
HTTPS

44 %
IPv6

23
Domains

31
Subdomains

34
IPs

7
Countries

4503 kB
Transfer

7076 kB
Size

22
Cookies

100 Outgoing links

These are links going to different origins than the main page.

URL: https://canadianvisa.org/why-use-rcic
Title: Why Use an RCIC?

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/canada-immigration
Title: Canada Immigration

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/canada-immigration/express-entry
Title: Express Entry

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/canada-immigration/skilled-worker
Title: Professional And Skilled Worker

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/canada-immigration/skilled-worker/quebec-skilled-worker-visa
Title: Quebec Skilled Worker Program

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/canada-immigration/skilled-worker/federal-skilled-worker
Title: Federal Skilled Worker Program

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/canada-immigration/provincial-nominee
Title: Provincial Nominee Program

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/canada-immigration/provincial-nominee/alberta-pnp
Title: Alberta

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/canada-immigration/provincial-nominee/british-columbia-pnp
Title: British Columbia

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/canada-immigration/provincial-nominee/manitoba-pnp
Title: Manitoba

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/canada-immigration/provincial-nominee/new-brunswick-pnp
Title: New Brunswick

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/canada-immigration/provincial-nominee/newfoundland-and-labrador-pnp
Title: Newfoundland and Labrador

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/canada-immigration/provincial-nominee/northwest-territories-pnp
Title: Northwest Territories

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/canada-immigration/provincial-nominee/nova-scotia-pnp
Title: Nova Scotia

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/canada-immigration/provincial-nominee/ontario-pnp
Title: Ontario

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/canada-immigration/provincial-nominee/prince-edward-island-pnp
Title: Prince Edward Island

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/canada-immigration/provincial-nominee/saskatchewan-pnp
Title: Saskatchewan

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/canada-immigration/provincial-nominee/yukon-pnp
Title: Yukon

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/canada-immigration/provincial-nominee/quebec-pnp
Title: Quebec

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/canada-immigration/family-sponsorship
Title: Family Sponsorship

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/canada-immigration/family-sponsorship/spousal-and-family-sponsorship
Title: Spousal and Family Sponsorship

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/canada-immigration/family-sponsorship/common-law-partner-sponsorship
Title: Common-Law Partner Sponsorship

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/canada-immigration/family-sponsorship/parental-sponsorship-program
Title: Parent and Grandparent Sponsorship

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/canada-immigration/family-sponsorship/supervisa
Title: Super Visa

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/canada-immigration/business
Title: Business Immigration

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/canada-immigration/business/self-employment-program
Title: Self Employed Program

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/canada-immigration/business/investor-visa
Title: Investor Visa

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/canada-immigration/business/entrepreneur-visa
Title: Entrepreneur Visa

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/canada-immigration/business/business-visitor-visa
Title: Business Visitor Visa

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/canada-immigration/study-in-canada
Title: Study In Canada

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/canada-immigration/study-in-canada/list-of-academic-instutions
Title: University List

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/canada-immigration/study-in-canada/university-list/british-columbia-university
Title: British Columbia University

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/canada-immigration/study-in-canada/university-list/british-columbia-institute
Title: British Columbia Institute of Technology

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/canada-immigration/study-in-canada/university-list/mcgill-university
Title: McGill University

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/canada-immigration/study-in-canada/university-list/simon-fraser-university
Title: Simon Fraser University

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/canada-immigration/study-in-canada/university-list/vancouver-film-school
Title: Vancouver Film School

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/canada-immigration/study-in-canada/university-list/fairleigh-dickinson-university
Title: Fairleigh Dickinson University

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/canada-immigration/study-in-canada/work-as-a-student
Title: Work As A Student

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/canada-immigration/study-in-canada/post-graduate
Title: Post Graduate

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/canada-immigration/study-in-canada/study-permit-visa-partners
Title: Study Permit Visa Partner

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/canada-immigration/study-in-canada/canada-education-system
Title: Canada Education System

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/canada-immigration/visitors-visa
Title: Visitors Visa

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/canada-immigration/temporary-visa
Title: Temporary Visa'

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/canada-immigration/temporary-visa/caregiver-visa
Title: Caregiver Visa

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/canada-immigration/temporary-visa/working-holiday-visa
Title: Working Holiday Visa

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/canada-immigration/permanent-residency
Title: Permanent Residency

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/canada-immigration/ielts-course
Title: IELTS Course

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/life-in-canada
Title: Life In Canada

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/life-in-canada/provinces
Title: Provinces

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/life-in-canada/provinces/alberta
Title: Alberta

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/life-in-canada/provinces/british-columbia
Title: British Columbia

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/life-in-canada/provinces/manitoba
Title: Manitoba

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/life-in-canada/provinces/new-brunswick
Title: New Brunswick

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/life-in-canada/provinces/newfoundland-and-labrador
Title: Newfoundland and Labrador

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/life-in-canada/provinces/northwest-territories
Title: Northwest Territories

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/life-in-canada/provinces/nova-scotia
Title: Nova Scotia

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/life-in-canada/provinces/nunavut
Title: Nunavut

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/life-in-canada/provinces/ontario
Title: Ontario

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/life-in-canada/provinces/life-prince-edward-island
Title: Prince Edward Island

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/life-in-canada/provinces/quebec
Title: Quebec

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/life-in-canada/provinces/saskatchewan
Title: Saskatchewan

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/life-in-canada/provinces/yukon
Title: Yukon

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/life-in-canada/employment
Title: Employment

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/life-in-canada/employment/industry-specific-job-websites
Title: Industry Specific Job Listing Websites

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/life-in-canada/employment/general-job-websites
Title: General Job Listing Websites

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/life-in-canada/employment/youth-job-websites
Title: Youth Job Listing Websites

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/life-in-canada/employment/resume-writing
Title: Resume Writing

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/life-in-canada/employment/job-applications
Title: Job Applications

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/life-in-canada/employment/cover-letter
Title: Cover Letter

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/life-in-canada/employment/interview-questions
Title: Interview Questions

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/life-in-canada/employment/salary-negotiation
Title: Salary Negotiation

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/life-in-canada/employment/facts-about-working-in-canada
Title: Facts About Working in Canada

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/life-in-canada/employment/job-skills
Title: Job Skills

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/life-in-canada/employment/how-to-perform-well-at-work
Title: How to Perform Well at Work

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/life-in-canada/employment/worker-rights
Title: Workers' Rights

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/life-in-canada/employment/health-and-safety
Title: Health and Safety

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/life-in-canada/employment/canadian-employers
Title: Canadian Employers

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/life-in-canada/employment/professional-immigrant-networks
Title: Professional Immigrant Networks

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/life-in-canada/economy
Title: Economy

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/life-in-canada/economy/basic-information
Title: Basic Information

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/life-in-canada/economy/canada-economic-structure
Title: Canada Economic Structure

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/life-in-canada/key-industries
Title: Key Industries

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/life-in-canada/key-industries/service-industry
Title: Service Industry

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/life-in-canada/key-industries/manufacturing
Title: Manufacturing

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/life-in-canada/key-industries/natural-resources
Title: Natural Resources

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/life-in-canada/key-industries/mining-sector
Title: Mining Sector

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/life-in-canada/culture
Title: Culture

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/life-in-canada/culture/festivals-cultural-attractions
Title: Festivals and Cultural Attractions

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/life-in-canada/culture/places-of-worship
Title: Places of Worship

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/life-in-canada/culture/religious-rights
Title: Religious Rights

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/life-in-canada/culture/multiculturalism
Title: Multiculturalism

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/life-in-canada/culture/associations
Title: Associations

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/life-in-canada/culture/volunteer-work
Title: Volunteer Work

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/life-in-canada/health-care
Title: Health Care

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/life-in-canada/health-care/ontario-health-plan
Title: Ontario Health Insurance Plan

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/life-in-canada/health-care/british-columbia-health-plan
Title: British Columbia Health Plan

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/life-in-canada/health-care/alberta-health-plan
Title: Alberta Health Plan

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/life-in-canada/health-care/extended-health-coverage-plans
Title: Extended Health Plan Coverage

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/life-in-canada/insurance
Title: Insurance

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/life-in-canada/insurance/personal-insurance
Title: Personal Insurance

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://s.agccall.com/uwikotcm HTTP 307
https://s.agccall.com/uwikotcm HTTP 301
https://payment.mdccanada.ca/auto-login/MwhTOJwQCVzaiQ5ha1unIXktnNnuf4k-?lang=en HTTP 301
https://payment.mdccanada.ca/solid3d/payment?lang=en Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

110 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request payment Show response
payment.mdccanada.ca/solid3d/
Redirect Chain

http://s.agccall.com/uwikotcm
https://s.agccall.com/uwikotcm
https://payment.mdccanada.ca/auto-login/MwhTOJwQCVzaiQ5ha1unIXktnNnuf4k-?lang=en
https://payment.mdccanada.ca/solid3d/payment?lang=en

95 KB
16 KB

115ms
115ms

Document
text/html

165.232.36.183
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://payment.mdccanada.ca/solid3d/payment?lang=en

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

165.232.36.183 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

7d2b5f286ae47d04a9c42c651332dd1dc65e9c357c34e547cc0862de788f3375

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Wed, 01 May 2024 21:03:57 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block

Redirect headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Wed, 01 May 2024 21:03:57 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Location: /solid3d/payment?lang=en
Pragma: no-cache
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block

GET
H2 200 css
fonts.googleapis.com/ 10 KB
1 KB 134ms
65ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:200,300,400,500,600,700

Requested by

Host: payment.mdccanada.ca
URL: https://payment.mdccanada.ca/solid3d/payment?lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d01cc02e7815491811415ef14e942f40da3494ac3f66857b71d9e9af0bd4f960

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://payment.mdccanada.ca/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Wed, 01 May 2024 21:03:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 01 May 2024 20:40:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 01 May 2024 21:03:57 GMT

GET
H/1.1 200
OK new_payment.css
payment.mdccanada.ca/css/ 11 KB
12 KB 52ms
48ms Stylesheet
text/css 165.232.36.183
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://payment.mdccanada.ca/css/new_payment.css

Requested by

Host: payment.mdccanada.ca
URL: https://payment.mdccanada.ca/solid3d/payment?lang=en

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

165.232.36.183 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

edfd5f21768edfc6a2203906a32a757b7434cb2b6f082ff10e9923394c6d27c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://payment.mdccanada.ca/solid3d/payment?lang=en
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 01 May 2024 21:03:57 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Tue, 05 Mar 2024 13:59:47 GMT
Server: nginx
ETag: "65e72553-2c8e"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11406
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK trust3d.css
payment.mdccanada.ca/css/modules/ 2 KB
2 KB 86ms
31ms Stylesheet
text/css 165.232.36.183
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://payment.mdccanada.ca/css/modules/trust3d.css

Requested by

Host: payment.mdccanada.ca
URL: https://payment.mdccanada.ca/solid3d/payment?lang=en

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

165.232.36.183 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

d92238060bc2ee903bf64a5458850bca60fc4b1e05b465af54bc86afc610d033

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://payment.mdccanada.ca/solid3d/payment?lang=en
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 01 May 2024 21:03:57 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Tue, 11 Aug 2020 11:46:06 GMT
Server: nginx
ETag: "5f3284fe-645"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1605
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK solid3d.css
payment.mdccanada.ca/css/modules/ 122 B
510 B 86ms
30ms Stylesheet
text/css 165.232.36.183
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://payment.mdccanada.ca/css/modules/solid3d.css

Requested by

Host: payment.mdccanada.ca
URL: https://payment.mdccanada.ca/solid3d/payment?lang=en

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

165.232.36.183 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

91ee15c0b2875449c2691eb56966d1d2be424485309a746f7294c13f23555deb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://payment.mdccanada.ca/solid3d/payment?lang=en
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 01 May 2024 21:03:57 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Tue, 11 Aug 2020 11:46:06 GMT
Server: nginx
ETag: "5f3284fe-7a"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 122
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK payment_link.css
payment.mdccanada.ca/css/modules/ 35 KB
35 KB 137ms
81ms Stylesheet
text/css 165.232.36.183
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://payment.mdccanada.ca/css/modules/payment_link.css

Requested by

Host: payment.mdccanada.ca
URL: https://payment.mdccanada.ca/solid3d/payment?lang=en

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

165.232.36.183 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

58436a4fa28a17c2689f8375d01095276e95cac03517b3c649e14f06c195f3e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://payment.mdccanada.ca/solid3d/payment?lang=en
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 01 May 2024 21:03:57 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Tue, 05 Mar 2024 13:59:47 GMT
Server: nginx
ETag: "65e72553-8a2d"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 35373
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK bootstrap.css
payment.mdccanada.ca/assets/dc93def/css/ 143 KB
143 KB 199ms
134ms Stylesheet
text/css 165.232.36.183
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://payment.mdccanada.ca/assets/dc93def/css/bootstrap.css

Requested by

Host: payment.mdccanada.ca
URL: https://payment.mdccanada.ca/solid3d/payment?lang=en

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

165.232.36.183 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

d170052c16caec3810f2dee6456539045d8e326f6d8ed7c7f78e59ed34de348a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://payment.mdccanada.ca/solid3d/payment?lang=en
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 01 May 2024 21:03:57 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Wed, 14 Jul 2021 06:34:56 GMT
Server: nginx
ETag: "60ee8590-23a0d"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 145933
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK site.css
payment.mdccanada.ca/css/ 11 KB
12 KB 131ms
65ms Stylesheet
text/css 165.232.36.183
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://payment.mdccanada.ca/css/site.css

Requested by

Host: payment.mdccanada.ca
URL: https://payment.mdccanada.ca/solid3d/payment?lang=en

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

165.232.36.183 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

86316eec675b32346b1a476a7495b040ac3f45f0281918c222c984edc54cacda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://payment.mdccanada.ca/solid3d/payment?lang=en
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 01 May 2024 21:03:57 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Tue, 05 Mar 2024 13:59:47 GMT
Server: nginx
ETag: "65e72553-2c9f"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11423
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK jquery.formstyler.css
payment.mdccanada.ca/css/ 2 KB
2 KB 138ms
51ms Stylesheet
text/css 165.232.36.183
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://payment.mdccanada.ca/css/jquery.formstyler.css

Requested by

Host: payment.mdccanada.ca
URL: https://payment.mdccanada.ca/solid3d/payment?lang=en

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

165.232.36.183 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

7f62e179ab6ac34a40148be67c533c8dfbefecceb73a1b721ef0c7e3154d3da4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://payment.mdccanada.ca/solid3d/payment?lang=en
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 01 May 2024 21:03:57 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Tue, 11 Aug 2020 11:46:06 GMT
Server: nginx
ETag: "5f3284fe-729"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1833
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK jquery.formstyler.theme.css
payment.mdccanada.ca/css/ 10 KB
11 KB 139ms
53ms Stylesheet
text/css 165.232.36.183
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://payment.mdccanada.ca/css/jquery.formstyler.theme.css

Requested by

Host: payment.mdccanada.ca
URL: https://payment.mdccanada.ca/solid3d/payment?lang=en

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

165.232.36.183 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

8ddb060965730ddb8fd83e8a3897f129847f9a85cfde5cded2afd0bcbf5edd2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://payment.mdccanada.ca/solid3d/payment?lang=en
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 01 May 2024 21:03:57 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Tue, 11 Aug 2020 11:46:06 GMT
Server: nginx
ETag: "5f3284fe-29eb"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10731
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK main.css
payment.mdccanada.ca/css/ 198 KB
199 KB 277ms
191ms Stylesheet
text/css 165.232.36.183
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://payment.mdccanada.ca/css/main.css

Requested by

Host: payment.mdccanada.ca
URL: https://payment.mdccanada.ca/solid3d/payment?lang=en

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

165.232.36.183 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

8f6f12c27aa252907afd89baf65e862d08617d79d070e9719ab42d9b65637ec7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://payment.mdccanada.ca/solid3d/payment?lang=en
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 01 May 2024 21:03:57 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Mon, 05 Oct 2020 12:56:39 GMT
Server: nginx
ETag: "5f7b1807-31934"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 203060
X-XSS-Protection: 1; mode=block

GET
H3 200 slick.css
cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/ 2 KB
1 KB 63ms
36ms Stylesheet
text/css 104.16.87.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick.css

Requested by

Host: payment.mdccanada.ca
URL: https://payment.mdccanada.ca/solid3d/payment?lang=en

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.87.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://payment.mdccanada.ca/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 21:03:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 4253458
x-jsd-version: 1.8.1
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-etou8220022-FRA, cache-lga21945-LGA
x-jsd-version-type: version
server: cloudflare
etag: W/"6f0-qUoFmzF4tK3sCeMoGs4oGaMAlaQ"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M7JM0bOdR%2B9iPSRIBWRMrAPaPfcGfpcOjV7npqBczzYY17J8hzZF8%2FM7DOxaKi%2B2i7XQAGGUTgG8KQmMwR38k1IlS9%2FBe5R5H4w1GVgVJlBVMID5DlIs2tuxeTe024csstA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 87d2b89fbf8a9711-AMS

GET
H3 200 slick-theme.css
cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/ 3 KB
1 KB 63ms
38ms Stylesheet
text/css 104.16.87.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick-theme.css

Requested by

Host: payment.mdccanada.ca
URL: https://payment.mdccanada.ca/solid3d/payment?lang=en

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.87.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7adaf08052c6a6a0f8a0d0055b4f191fd07389fe41c972b69573472b2ecb406a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://payment.mdccanada.ca/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 21:03:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1499530
x-jsd-version: 1.8.1
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230023-FRA, cache-lga21940-LGA
x-jsd-version-type: version
server: cloudflare
etag: W/"c49-gaQ0+U8rESTzIyu4bylE+C+yOsA"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gXyO0xd3kxfFOlZrcS9dVVj4W5Ziqz3C2NajZbgZ48i2pqFEMgtBiiTVK9DHu9e2BlJuDTQWFKPzWlL7XpiU9N7VjJLVFIqSrWNcVammI5TOuUYVpOXn2dIAd4zbWze1K2E%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 87d2b89fbf889711-AMS

GET
H/1.1 200
OK solid.css
payment.mdccanada.ca/css/ 236 B
624 B 198ms
65ms Stylesheet
text/css 165.232.36.183
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://payment.mdccanada.ca/css/solid.css

Requested by

Host: payment.mdccanada.ca
URL: https://payment.mdccanada.ca/solid3d/payment?lang=en

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

165.232.36.183 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

51f4582486ca6ea9d7521901650bcd2ac16c0b7676b66b129472c29fc79255ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://payment.mdccanada.ca/solid3d/payment?lang=en
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 01 May 2024 21:03:57 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Tue, 11 Aug 2020 11:46:06 GMT
Server: nginx
ETag: "5f3284fe-ec"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 236
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK en.png
cv-media-files.s3-us-west-2.amazonaws.com/images/payment/lang/ 2 KB
2 KB 678ms
236ms Image
image/png 52.218.229.81
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cv-media-files.s3-us-west-2.amazonaws.com/images/payment/lang/en.png
Requested by: Host: payment.mdccanada.ca
URL: https://payment.mdccanada.ca/solid3d/payment?lang=en
Protocol: HTTP/1.1
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 52.218.229.81 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 289ed5b990a607d3c5ff04e87fc1f22ae935a0900df68a5f465c5ac5923ca01d

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://payment.mdccanada.ca/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 01 May 2024 21:03:58 GMT
x-amz-version-id: KRmUoLe8soupkoASJAjuODo0RGuCr.X7
Last-Modified: Fri, 14 Aug 2020 13:08:46 GMT
Server: AmazonS3
x-amz-request-id: Z23VKPZH61PPHBFF
ETag: "1e4d5f2c0146abab8311a29aadb4871a"
Content-Type: image/png
x-amz-replication-status: COMPLETED
Accept-Ranges: bytes
Content-Length: 1618
x-amz-id-2: cXXlwZvp77ExrPVrUXLyzSbjsesWpQVVJsH2BnOdMIipTf9MsRqOy0Di9L5qA5MiqIi6tffyA+0=

GET
H/1.1 200
OK es.png
cv-media-files.s3-us-west-2.amazonaws.com/images/payment/lang/ 2 KB
3 KB 678ms
237ms Image
image/png 52.218.229.81
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cv-media-files.s3-us-west-2.amazonaws.com/images/payment/lang/es.png
Requested by: Host: payment.mdccanada.ca
URL: https://payment.mdccanada.ca/solid3d/payment?lang=en
Protocol: HTTP/1.1
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 52.218.229.81 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: cb9e40dc843c17b5aa1b783927cd2b4312d192a0f796aaf4c112e760b5e2af2e

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://payment.mdccanada.ca/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 01 May 2024 21:03:58 GMT
x-amz-version-id: jG629sYL1kau8huIwp_B2BG5eC57USBG
Last-Modified: Fri, 14 Aug 2020 13:08:46 GMT
Server: AmazonS3
x-amz-request-id: Z23XS4DEB5AA3Q5A
ETag: "ca16fd142f2e7195d88b3c77c9d43fc7"
Content-Type: image/png
x-amz-replication-status: COMPLETED
Accept-Ranges: bytes
Content-Length: 2141
x-amz-id-2: Begspd2A0/GG4s0Ti6PhryUmf/dVIZ7Y8+VoW9mKNfXF8w8EmnOkhNNY7zySB09zFKhCGCRZl9g=

GET
H/1.1 200
OK fr.png
cv-media-files.s3-us-west-2.amazonaws.com/images/payment/lang/ 1 KB
2 KB 657ms
236ms Image
image/png 52.218.229.81
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cv-media-files.s3-us-west-2.amazonaws.com/images/payment/lang/fr.png
Requested by: Host: payment.mdccanada.ca
URL: https://payment.mdccanada.ca/solid3d/payment?lang=en
Protocol: HTTP/1.1
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 52.218.229.81 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: ae62aca8866fbca77e935b5429119eeda9d3646a1cc52568d35e10a580f553b5

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://payment.mdccanada.ca/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 01 May 2024 21:03:58 GMT
x-amz-version-id: liTgUORUfzgP7FNuzT35kYSsgNU5LGqG
Last-Modified: Fri, 14 Aug 2020 13:08:46 GMT
Server: AmazonS3
x-amz-request-id: Z23Q5KDTS9AT9QZX
ETag: "0e1f5874be9988bd42194c7dd4e82323"
Content-Type: image/png
x-amz-replication-status: COMPLETED
Accept-Ranges: bytes
Content-Length: 1448
x-amz-id-2: KkOkQ8orKBA2kS9osKeEi4Z8ph3UMu+Q5Wn2Fc/qhXg0r5OTvRKG80FgTgPC7Y/fRFZ3nmTPfcE=

GET
H/1.1 200
OK pt.svg
canadian-visa-media.s3.amazonaws.com/images/payment/ 12 KB
12 KB 1283ms
160ms Image
image/svg+xml 52.216.134.83
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://canadian-visa-media.s3.amazonaws.com/images/payment/pt.svg
Requested by: Host: payment.mdccanada.ca
URL: https://payment.mdccanada.ca/solid3d/payment?lang=en
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.134.83 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: d1bcd0b606710857e19aaa7cccd62c7264318271649738e76006c05f30d01062

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://payment.mdccanada.ca/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 01 May 2024 21:03:59 GMT
x-amz-version-id: tf.DMiSuGJGUmLjNaOuP64dY3rdOZ2Uo
Last-Modified: Wed, 24 Nov 2021 15:55:46 GMT
Server: AmazonS3
x-amz-request-id: 5QPJXCCJ213PT8RE
ETag: "7f2bbb3c489b6c954ab3900a05bdbcfb"
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 12204
x-amz-id-2: d1kZ2e6yOPV0dm2iboolBmfCR3bAku1xlPMKhWtOhxpKSb2vYohMVKfq0+X8FNcWgjgD1CQ5QFE=

GET
H/1.1 200
OK Icon_logo_white.svg
cv-media-files.s3-us-west-2.amazonaws.com/images/payment/ 7 KB
7 KB 651ms
234ms Image
image/svg+xml 52.218.229.81
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cv-media-files.s3-us-west-2.amazonaws.com/images/payment/Icon_logo_white.svg
Requested by: Host: payment.mdccanada.ca
URL: https://payment.mdccanada.ca/solid3d/payment?lang=en
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.218.229.81 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 349bea457c5a6e16fb7487465feebabee1c45429c4317aa9706ef5f7599668df

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://payment.mdccanada.ca/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 01 May 2024 21:03:58 GMT
x-amz-version-id: RPw_oBGIZCe6WuuK2.SKUijujMnJVWzs
Last-Modified: Wed, 12 Aug 2020 11:07:46 GMT
Server: AmazonS3
x-amz-request-id: Z23R6Z26TJAS74CW
ETag: "f8fe1aa5e6d28b5277574395180262d1"
Content-Type: image/svg+xml
x-amz-replication-status: COMPLETED
Accept-Ranges: bytes
Content-Length: 6896
x-amz-id-2: jlsKvwjhHl6hUxAbIXf5YCVcGtwedrZJle9ingz0FNncvoqGKOGljn2L26earLxMxKuKG4nGw7M=

GET
H2 200 Logo_white.svg
d1ac9zce9817ms.cloudfront.net/images/payment/funnels/funnel_mdc/ 43 KB
21 KB 292ms
71ms Image
image/svg+xml 2600:9000:225b:4e00:15:20a2:3900:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1ac9zce9817ms.cloudfront.net/images/payment/funnels/funnel_mdc/Logo_white.svg
Requested by: Host: payment.mdccanada.ca
URL: https://payment.mdccanada.ca/solid3d/payment?lang=en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225b:4e00:15:20a2:3900:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3e26d26fbcf10cdc20e715a8fc167a216ae90f792c6cc76256512c41bf4d5ff5

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://payment.mdccanada.ca/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: xDatzbNuq41SX59ggsv.2CCUY3lo0UMO
content-encoding: gzip
via: 1.1 77aa8087323921dee0b130bc0589bda8.cloudfront.net (CloudFront)
date: Wed, 01 May 2024 08:34:43 GMT
last-modified: Tue, 14 Mar 2023 08:58:26 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P1
age: 44955
x-amz-server-side-encryption: AES256
etag: W/"09479b8cf4b2e78a7c0e877faa4bde62"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-replication-status: REPLICA
x-amz-cf-id: yf0q_23A8TzZ_yd9B-p6BtpWjFMgKdR4knbYJkNa5kZ-1V0l44npAQ==

GET
H2 200 Logo_light_full.svg
d1ac9zce9817ms.cloudfront.net/images-new/general/ 12 KB
3 KB 267ms
46ms Image
image/svg+xml 2600:9000:225b:4e00:15:20a2:3900:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1ac9zce9817ms.cloudfront.net/images-new/general/Logo_light_full.svg
Requested by: Host: payment.mdccanada.ca
URL: https://payment.mdccanada.ca/solid3d/payment?lang=en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225b:4e00:15:20a2:3900:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 94586f5b7f5e497ea5035fc2a1cff44b3103f268b903c3a5bde1746e7d122134

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://payment.mdccanada.ca/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: G_7YlIfERLFgY1aWuSnJ2tExmOHMv8R_
content-encoding: gzip
via: 1.1 77aa8087323921dee0b130bc0589bda8.cloudfront.net (CloudFront)
date: Wed, 01 May 2024 08:34:43 GMT
last-modified: Thu, 23 Mar 2023 10:57:25 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P1
age: 44955
x-amz-server-side-encryption: AES256
etag: W/"b4dd752c38a231a22bfa2e7b9cc03b8f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-replication-status: REPLICA
x-amz-cf-id: EHnKLHHJuF6yLelB7Nczzl20OGC4OTVfWIeLCTtPh4wyUzyDPVpxKQ==

GET
H2 200 tp_rev_transparent.png
d1ac9zce9817ms.cloudfront.net/images/payment/funnels/funnel_mdc/ 5 KB
6 KB 271ms
50ms Image
image/png 2600:9000:225b:4e00:15:20a2:3900:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1ac9zce9817ms.cloudfront.net/images/payment/funnels/funnel_mdc/tp_rev_transparent.png
Requested by: Host: payment.mdccanada.ca
URL: https://payment.mdccanada.ca/solid3d/payment?lang=en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225b:4e00:15:20a2:3900:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7027af9bf75f5a7ca52a3e04aa292a4d30342919772a2e354018ea2b150b30af

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://payment.mdccanada.ca/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 11:24:10 GMT
x-amz-version-id: 0e7dDdnbPflPq.Nff76P3.hh_poYzy41
via: 1.1 77aa8087323921dee0b130bc0589bda8.cloudfront.net (CloudFront)
last-modified: Thu, 29 Feb 2024 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P1
age: 34788
etag: "74b6140d723b52afa5ae9cf0511ff79b"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
x-amz-replication-status: REPLICA
accept-ranges: bytes
content-length: 5579
x-amz-cf-id: bI7H5QYofXPpxHVi8Qd4CTj7_AetIcl6WlJ4lnQNbMTaaBspdoVdgg==

GET
H2 200 g_rev_transparent.png
d1ac9zce9817ms.cloudfront.net/images/payment/funnels/funnel_mdc/ 5 KB
5 KB 190ms
72ms Image
image/png 2600:9000:225b:4e00:15:20a2:3900:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1ac9zce9817ms.cloudfront.net/images/payment/funnels/funnel_mdc/g_rev_transparent.png
Requested by: Host: payment.mdccanada.ca
URL: https://payment.mdccanada.ca/solid3d/payment?lang=en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225b:4e00:15:20a2:3900:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 12d833367b6cbfffdf170d0d33673e35c1ce616654245378d14ef3890937f9f2

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://payment.mdccanada.ca/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: tIwJkQBc0N2aIzDVTOITToJh1GfaxQkr
date: Wed, 01 May 2024 10:21:56 GMT
via: 1.1 77aa8087323921dee0b130bc0589bda8.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P1
age: 38522
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: REPLICA
content-length: 5156
last-modified: Thu, 29 Feb 2024 13:40:24 GMT
server: AmazonS3
etag: "ef1bec30b39acb8ad0ff019f316c0bbc"
vary: Accept-Encoding
content-type: image/png
accept-ranges: bytes
x-amz-cf-id: yvZFeWGnlZHnIbjiZbDUck4Ze3x_cleZi5cfWNQPIX8MaPekn1gTeA==

GET
H2 200 card-lock.svg
d1ac9zce9817ms.cloudfront.net/images/payment/funnels/funnel_mdc/ 2 KB
1 KB 134ms
132ms Image
image/svg+xml 2600:9000:225b:4e00:15:20a2:3900:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1ac9zce9817ms.cloudfront.net/images/payment/funnels/funnel_mdc/card-lock.svg
Requested by: Host: payment.mdccanada.ca
URL: https://payment.mdccanada.ca/solid3d/payment?lang=en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225b:4e00:15:20a2:3900:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e386804fca2de27287995ee6100058179f0c2b9a7d7883b5a4dfa4fcf4819891

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://payment.mdccanada.ca/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 11:24:10 GMT
x-amz-version-id: R8rB.UEz1er6VX8.uPDZ_I9zYrRzBPb9
content-encoding: gzip
last-modified: Tue, 14 Mar 2023 09:40:02 GMT
server: AmazonS3
via: 1.1 77aa8087323921dee0b130bc0589bda8.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P1
etag: W/"54fb9c47f6ed45092c9292dd74916817"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
age: 34788
x-amz-replication-status: REPLICA
x-amz-cf-id: eBJ5AM_APu9rZKn9rVVtaaL7uk8V0U7BpnEtRHz8rGYqeSUjUiyeOg==

GET
H2 200 check-white.svg
d1ac9zce9817ms.cloudfront.net/images/payment/funnels/trust_multi/ 654 B
1 KB 378ms
376ms Image
image/svg+xml 2600:9000:225b:4e00:15:20a2:3900:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1ac9zce9817ms.cloudfront.net/images/payment/funnels/trust_multi/check-white.svg
Requested by: Host: payment.mdccanada.ca
URL: https://payment.mdccanada.ca/solid3d/payment?lang=en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225b:4e00:15:20a2:3900:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2b48eb21e579e004fcce778b98126f11f4879b06444b6185779c3a949d001116

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://payment.mdccanada.ca/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: BWs7wJgv3f9M2pUhofAZBIkJJRK_OIdS
date: Wed, 01 May 2024 08:34:43 GMT
via: 1.1 77aa8087323921dee0b130bc0589bda8.cloudfront.net (CloudFront)
last-modified: Tue, 26 Jul 2022 07:18:20 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P1
age: 44955
etag: "bc8db4b60382879bcd3b4fb900d16aa1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-replication-status: REPLICA
accept-ranges: bytes
content-length: 654
x-amz-cf-id: r_HW2Q8-fMFBowoUfQrlCtLFOp5-UUDeUmL-vBiR1vuBITEQaVUiRg==

GET
H2 200 mdc_david.png
d1ac9zce9817ms.cloudfront.net/images/payment/funnels/funnel_mdc/ 126 KB
126 KB 207ms
206ms Image
image/png 2600:9000:225b:4e00:15:20a2:3900:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1ac9zce9817ms.cloudfront.net/images/payment/funnels/funnel_mdc/mdc_david.png
Requested by: Host: payment.mdccanada.ca
URL: https://payment.mdccanada.ca/solid3d/payment?lang=en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225b:4e00:15:20a2:3900:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 68b1a10699dad6e61ccb4093cf5017571e42d1cefaca62669581677956cac152

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://payment.mdccanada.ca/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: Vmmk46e9vCsV2chz6OL6mNBGuz7n9ADE
date: Wed, 01 May 2024 10:21:57 GMT
via: 1.1 77aa8087323921dee0b130bc0589bda8.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P1
age: 38521
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: REPLICA
content-length: 128922
last-modified: Tue, 14 Mar 2023 12:02:12 GMT
server: AmazonS3
etag: "dd4c5846b5d60fb8103f9a866700c4cf"
vary: Accept-Encoding
content-type: image/png
accept-ranges: bytes
x-amz-cf-id: jSSbQvkO5M5AASWNVZfopMkwF14vcnnJIh1VruGQWexszhvvbg21RA==

GET
H2 200 mdc_giovanni.png
d1ac9zce9817ms.cloudfront.net/images/payment/funnels/funnel_mdc/ 112 KB
112 KB 369ms
368ms Image
image/png 2600:9000:225b:4e00:15:20a2:3900:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1ac9zce9817ms.cloudfront.net/images/payment/funnels/funnel_mdc/mdc_giovanni.png
Requested by: Host: payment.mdccanada.ca
URL: https://payment.mdccanada.ca/solid3d/payment?lang=en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225b:4e00:15:20a2:3900:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4ed0105089a46f9fdad6234d109091776b6b42a9fb716b1a8a3745228a4a1186

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://payment.mdccanada.ca/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: QsqwtYn5gppbbGyuYt8pTd4sLdZHL9KK
date: Wed, 01 May 2024 08:34:43 GMT
via: 1.1 77aa8087323921dee0b130bc0589bda8.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P1
age: 44955
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: REPLICA
content-length: 114621
last-modified: Tue, 14 Mar 2023 12:02:09 GMT
server: AmazonS3
etag: "fdda75bd98dd31a3ca6f2db8d70c403a"
vary: Accept-Encoding
content-type: image/png
accept-ranges: bytes
x-amz-cf-id: C733EhO1ag1KcIiEymLW4T3QnjW4vWXtXW3EthPMDH4SdM8_3B4wXA==

GET
H2 200 mdc_jimmy.png
d1ac9zce9817ms.cloudfront.net/images/payment/funnels/funnel_mdc/ 131 KB
132 KB 143ms
142ms Image
image/png 2600:9000:225b:4e00:15:20a2:3900:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1ac9zce9817ms.cloudfront.net/images/payment/funnels/funnel_mdc/mdc_jimmy.png
Requested by: Host: payment.mdccanada.ca
URL: https://payment.mdccanada.ca/solid3d/payment?lang=en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225b:4e00:15:20a2:3900:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ddda2cc348b4d18cee0a59c17740f40f56b46f914dbf023ad4b1af3c0c5d68c7

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://payment.mdccanada.ca/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: FOYJs_8_VDBcMfJDZqWwY0GNq1r0AWGa
date: Wed, 01 May 2024 08:34:44 GMT
via: 1.1 77aa8087323921dee0b130bc0589bda8.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P1
age: 44954
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: REPLICA
content-length: 134498
last-modified: Tue, 14 Mar 2023 12:02:10 GMT
server: AmazonS3
etag: "1e0858a912f37440b796936c7d81834d"
vary: Accept-Encoding
content-type: image/png
accept-ranges: bytes
x-amz-cf-id: Ec19fWEpO274SD9kLqY554T5QMkTuw-Mhsv-DxnbrJ9vhdmGW5xNSg==

GET
H2 200 mdc_alireza.png
d1ac9zce9817ms.cloudfront.net/images/payment/funnels/funnel_mdc/ 95 KB
96 KB 147ms
146ms Image
image/png 2600:9000:225b:4e00:15:20a2:3900:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1ac9zce9817ms.cloudfront.net/images/payment/funnels/funnel_mdc/mdc_alireza.png
Requested by: Host: payment.mdccanada.ca
URL: https://payment.mdccanada.ca/solid3d/payment?lang=en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225b:4e00:15:20a2:3900:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: eca0c7e678919f04535499591de95afb80f21ec06a2e3c1cf94099f990261c6a

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://payment.mdccanada.ca/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: Tt.wO6ljuHG0zBpYadXRxPYcZAlnED71
date: Wed, 01 May 2024 08:34:44 GMT
via: 1.1 77aa8087323921dee0b130bc0589bda8.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P1
age: 44954
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: REPLICA
content-length: 97719
last-modified: Tue, 14 Mar 2023 12:02:11 GMT
server: AmazonS3
etag: "c473217159b06cb51524f3864db08f6f"
vary: Accept-Encoding
content-type: image/png
accept-ranges: bytes
x-amz-cf-id: MQs5OpZRUcVFxqscB2PnfxhhzK73nxT9paCub2MQqSprfvBMDLiMhQ==

GET
H/1.1 200
OK mdc_katherine_2.jpg
cv-media-files.s3.us-west-2.amazonaws.com/video/mdc-eval-landing/ 74 KB
74 KB 720ms
280ms Image
image/jpeg 52.218.220.25
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cv-media-files.s3.us-west-2.amazonaws.com/video/mdc-eval-landing/mdc_katherine_2.jpg
Requested by: Host: payment.mdccanada.ca
URL: https://payment.mdccanada.ca/solid3d/payment?lang=en
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.218.220.25 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 6fb84f62990a7291458a9bce450191cadabd9416e526e79efd28ce0d7c4b881e

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://payment.mdccanada.ca/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 01 May 2024 21:03:59 GMT
x-amz-version-id: pOmdsJJvzmnAsSKhpT2jwu0UPpAfbIPP
Last-Modified: Tue, 11 Apr 2023 12:50:06 GMT
Server: AmazonS3
x-amz-request-id: 5QPZJF7D5ZSE125C
ETag: "27fce1a23b9fce2190cf742277e18333"
x-amz-server-side-encryption: AES256
Content-Type: image/jpeg
x-amz-replication-status: COMPLETED
Accept-Ranges: bytes
Content-Length: 75725
x-amz-id-2: c+gpwANCoclRzaG+Wpcv8Prqebq/Jh2iDHDcxH3t1XwZFyFFbytNbXaIY64LWeF5LuhcS3ECy8I=

GET
H/1.1 200
OK mdc_solange_2.jpg
cv-media-files.s3.us-west-2.amazonaws.com/video/mdc-eval-landing/ 77 KB
78 KB 855ms
282ms Image
image/jpeg 52.218.220.25
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cv-media-files.s3.us-west-2.amazonaws.com/video/mdc-eval-landing/mdc_solange_2.jpg
Requested by: Host: payment.mdccanada.ca
URL: https://payment.mdccanada.ca/solid3d/payment?lang=en
Protocol: HTTP/1.1
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 52.218.220.25 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: cc4a3465c4c5d5ccd423dcbcaeb603c4bd0f63bce1150b4efbd7fddaf740b4c1

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://payment.mdccanada.ca/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 01 May 2024 21:03:59 GMT
x-amz-version-id: WkM4HyhS83iLjABD9IkGLysS092XnPWH
Last-Modified: Tue, 11 Apr 2023 12:50:03 GMT
Server: AmazonS3
x-amz-request-id: 5QPRBRKTYPGPTXG4
ETag: "6a4d21d6751a8054e1fac9b72ef07b33"
x-amz-server-side-encryption: AES256
Content-Type: image/jpeg
x-amz-replication-status: COMPLETED
Accept-Ranges: bytes
Content-Length: 78991
x-amz-id-2: r8oblPA8WIIDDeg4Vj8zMYFWvZTwScTkYxNmBewEXiwqDCtuYJdV0LtlmhzAla8ysqpeFMampLU=

GET
H/1.1 200
OK mdc_eladoria_2.jpg
cv-media-files.s3.us-west-2.amazonaws.com/video/mdc-eval-landing/ 74 KB
74 KB 937ms
244ms Image
image/jpeg 52.218.220.25
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cv-media-files.s3.us-west-2.amazonaws.com/video/mdc-eval-landing/mdc_eladoria_2.jpg
Requested by: Host: payment.mdccanada.ca
URL: https://payment.mdccanada.ca/solid3d/payment?lang=en
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.218.220.25 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: f98e99a9093900de6d892130893996c5b6d931655179eb32f057959ef02e5165

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://payment.mdccanada.ca/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 01 May 2024 21:03:59 GMT
x-amz-version-id: r8crKw58lKU_x.IGaJpZnRS63oO.NieF
Last-Modified: Tue, 11 Apr 2023 12:50:05 GMT
Server: AmazonS3
x-amz-request-id: 5QPV8E9XHNFXGJJN
ETag: "d7eb4d32357b712b22a95b31b57e00d4"
x-amz-server-side-encryption: AES256
Content-Type: image/jpeg
x-amz-replication-status: COMPLETED
Accept-Ranges: bytes
Content-Length: 75375
x-amz-id-2: 9Ka9KmTAhyNCQ5rRA++WKl8+G0PynEljMSb8oQrZA5gqe+JpNLcurR4t7mBswiBqYP4Mkry0VXc=

GET
H2 200 tp_rev.png
d1ac9zce9817ms.cloudfront.net/images/payment/funnels/funnel_mdc/ 9 KB
9 KB 309ms
307ms Image
image/png 2600:9000:225b:4e00:15:20a2:3900:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1ac9zce9817ms.cloudfront.net/images/payment/funnels/funnel_mdc/tp_rev.png
Requested by: Host: payment.mdccanada.ca
URL: https://payment.mdccanada.ca/solid3d/payment?lang=en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225b:4e00:15:20a2:3900:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 158846df28c60719849d9258e6b56cb7726cbb61e30a15fd5afa58b62cf376d2

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://payment.mdccanada.ca/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: iAsR_qDKSX8DuxV8Jjm86hVuUGnhmz7K
date: Wed, 01 May 2024 08:34:44 GMT
via: 1.1 77aa8087323921dee0b130bc0589bda8.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P1
age: 44955
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: REPLICA
content-length: 8928
last-modified: Thu, 29 Feb 2024 13:45:17 GMT
server: AmazonS3
etag: "3293819f9178a409e62f6673de9d3057"
vary: Accept-Encoding
content-type: image/png
accept-ranges: bytes
x-amz-cf-id: 0iVJ4DxlSeyM8OSoqt6_14GipB5396YadzyfW_OorHwwmZxwchvJ9A==

GET
H2 200 g_rev.png
d1ac9zce9817ms.cloudfront.net/images/payment/funnels/funnel_mdc/ 10 KB
10 KB 308ms
306ms Image
image/png 2600:9000:225b:4e00:15:20a2:3900:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1ac9zce9817ms.cloudfront.net/images/payment/funnels/funnel_mdc/g_rev.png
Requested by: Host: payment.mdccanada.ca
URL: https://payment.mdccanada.ca/solid3d/payment?lang=en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225b:4e00:15:20a2:3900:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 742d2a43bc2e07e4ce994c97173ee31ca0aaf595d0986788f4c5c71ca670c4e6

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://payment.mdccanada.ca/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 11:24:10 GMT
x-amz-version-id: MMmTEJxetAhs_f8VWrTiJK9uQzct1Crf
via: 1.1 77aa8087323921dee0b130bc0589bda8.cloudfront.net (CloudFront)
last-modified: Thu, 29 Feb 2024 13:45:16 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P1
age: 34789
etag: "d535d2bd4fb71428dbf11d1e78f0183b"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
x-amz-replication-status: REPLICA
accept-ranges: bytes
content-length: 10233
x-amz-cf-id: S4ETg5PJ1Sd_MU0O5-o6_rNnFCGrol-a-G8_oFvQ-fVfrFKBhTuSow==

GET
H2 200 David.png
lps.canadianvisa.org/wp-content/themes/Divi/v39assets/images/uploads/ 53 KB
53 KB 875ms
413ms Image
image/png 167.99.182.231
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lps.canadianvisa.org/wp-content/themes/Divi/v39assets/images/uploads/David.png
Requested by: Host: payment.mdccanada.ca
URL: https://payment.mdccanada.ca/solid3d/payment?lang=en
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 167.99.182.231 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 2f5798d2bf40221b1a159edce182993d2cde63dd4ec3a945532411bf07f7e4ee

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://payment.mdccanada.ca/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Wed, 01 May 2024 21:03:58 GMT
last-modified: Thu, 12 Nov 2020 15:54:09 GMT
server: nginx
etag: "5fad5aa1-d29c"
content-type: image/png
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 53916
expires: Thu, 01 May 2025 21:03:58 GMT

GET
H2 200 Jimmy.png
lps.canadianvisa.org/wp-content/themes/Divi/v39assets/images/uploads/ 55 KB
55 KB 757ms
297ms Image
image/png 167.99.182.231
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lps.canadianvisa.org/wp-content/themes/Divi/v39assets/images/uploads/Jimmy.png
Requested by: Host: payment.mdccanada.ca
URL: https://payment.mdccanada.ca/solid3d/payment?lang=en
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 167.99.182.231 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 92cd6e6acd0b0744801db343d0fa4a32f5c106925a19628a5fca948e6aacf92f

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://payment.mdccanada.ca/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Wed, 01 May 2024 21:03:58 GMT
last-modified: Thu, 12 Nov 2020 15:54:12 GMT
server: nginx
etag: "5fad5aa4-db9a"
content-type: image/png
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 56218
expires: Thu, 01 May 2025 21:03:58 GMT

GET
H/1.1 200
OK canadianvisa_logo_white.svg
cv-media-files.s3-us-west-2.amazonaws.com/images/payment/funnels/ 8 KB
9 KB 242ms
242ms Image
image/svg+xml 52.218.229.81
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cv-media-files.s3-us-west-2.amazonaws.com/images/payment/funnels/canadianvisa_logo_white.svg
Requested by: Host: payment.mdccanada.ca
URL: https://payment.mdccanada.ca/solid3d/payment?lang=en
Protocol: HTTP/1.1
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 52.218.229.81 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 5afd6716402effa7da36565f71ba6a3840147dad4c3bebb097ed32e840f0b717

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://payment.mdccanada.ca/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 01 May 2024 21:03:59 GMT
x-amz-version-id: 0mcYeB5Muhm4D_SGO3PdmDNvhcqwX9SB
Last-Modified: Wed, 12 May 2021 13:33:04 GMT
Server: AmazonS3
x-amz-request-id: 5QPHZQFC0NHX2EFJ
ETag: "79a5555b4c28c84df85aeb1beb7610f5"
Content-Type: image/svg+xml
x-amz-replication-status: COMPLETED
Accept-Ranges: bytes
Content-Length: 8493
x-amz-id-2: 5pkORgw5tL4wPUTBSh1tg8OX64aUbvcjM9zAMuipVYm8OHJdw2qnZrbSRwjOeup/DszVUkJ95LY=

GET
H2 200 Facebook.svg
lps.canadianvisa.org/wp-content/themes/Divi/v39assets/images/icon/ 627 B
835 B 873ms
413ms Image
image/svg+xml 167.99.182.231
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lps.canadianvisa.org/wp-content/themes/Divi/v39assets/images/icon/Facebook.svg
Requested by: Host: payment.mdccanada.ca
URL: https://payment.mdccanada.ca/solid3d/payment?lang=en
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 167.99.182.231 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 3da68c427952c6f87a17fbd75f6fd18acda783257d0de6c54cc970d35dde072d

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://payment.mdccanada.ca/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Wed, 01 May 2024 21:03:58 GMT
last-modified: Thu, 12 Nov 2020 15:54:18 GMT
server: nginx
etag: "5fad5aaa-273"
content-type: image/svg+xml
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 627
expires: Thu, 01 May 2025 21:03:58 GMT

GET
H2 200 Twitter.svg
lps.canadianvisa.org/wp-content/themes/Divi/v39assets/images/icon/ 973 B
1 KB 697ms
414ms Image
image/svg+xml 167.99.182.231
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lps.canadianvisa.org/wp-content/themes/Divi/v39assets/images/icon/Twitter.svg
Requested by: Host: payment.mdccanada.ca
URL: https://payment.mdccanada.ca/solid3d/payment?lang=en
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 167.99.182.231 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: c6e0676d3ea2badee784595660572ef3d5354c27ba7ce101071c423372384d6c

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://payment.mdccanada.ca/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Wed, 01 May 2024 21:03:58 GMT
last-modified: Thu, 12 Nov 2020 15:54:20 GMT
server: nginx
etag: "5fad5aac-3cd"
content-type: image/svg+xml
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 973
expires: Thu, 01 May 2025 21:03:58 GMT

GET
H2 200 Instagram.svg
lps.canadianvisa.org/wp-content/themes/Divi/v39assets/images/icon/ 1 KB
2 KB 623ms
414ms Image
image/svg+xml 167.99.182.231
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lps.canadianvisa.org/wp-content/themes/Divi/v39assets/images/icon/Instagram.svg
Requested by: Host: payment.mdccanada.ca
URL: https://payment.mdccanada.ca/solid3d/payment?lang=en
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 167.99.182.231 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: ebb556a29ec199dd9b046ef88c0e42e4b702cefd3033f98f60bcebe03f151dc5

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://payment.mdccanada.ca/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Wed, 01 May 2024 21:03:58 GMT
last-modified: Thu, 12 Nov 2020 15:54:15 GMT
server: nginx
etag: "5fad5aa7-5ce"
content-type: image/svg+xml
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 1486
expires: Thu, 01 May 2025 21:03:58 GMT

GET
H/1.1 200
OK card-error.png
cv-media-files.s3-us-west-2.amazonaws.com/images/payment/ 2 KB
2 KB 239ms
238ms Image
image/png 52.218.229.81
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cv-media-files.s3-us-west-2.amazonaws.com/images/payment/card-error.png
Requested by: Host: payment.mdccanada.ca
URL: https://payment.mdccanada.ca/solid3d/payment?lang=en
Protocol: HTTP/1.1
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 52.218.229.81 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: b62070ba47b830d8cd7b32f00ced8b7c40824ca86891e844b5f9198aa54e4687

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://payment.mdccanada.ca/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 01 May 2024 21:03:59 GMT
x-amz-version-id: tpYXAcurw73gzTkNOG1iWWCD8gLu0BHj
Last-Modified: Thu, 30 Jul 2020 11:12:24 GMT
Server: AmazonS3
x-amz-request-id: 5QPQSJSZXHHF6YCK
ETag: "ebd4d37e5960e088554b831142334709"
Content-Type: image/png
x-amz-replication-status: COMPLETED
Accept-Ranges: bytes
Content-Length: 2020
x-amz-id-2: V+mFgwJ2Q9B1R4gpjnc4Cq0IT/Oj1tucZ+LUFQlfUjQtHpk91Z+GEBPfE7qqnoZZpaNyFDqBK3A=

GET
H2 200 paymentWidgets.js Show response
solidpayments.net/v1/ 2 KB
1 KB 527ms
302ms Script
application/javascript 2a02:26f0:3500:18::1724:a288
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://solidpayments.net/v1/paymentWidgets.js?checkoutId=7D11F730210C258E3AB98DB3BCE11F2F.prod01-vm-tx05

Requested by

Host: payment.mdccanada.ca
URL: https://payment.mdccanada.ca/solid3d/payment?lang=en

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:18::1724:a288 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

ACI /

Resource Hash

ba99b79e9ef0f966fc5ead8d80950ed46a824c37555b94448c1bafcaaadfe84b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://payment.mdccanada.ca/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 01 May 2024 21:03:57 GMT
server: ACI
vary: Accept-Encoding
content-language: nl-NL
content-type: application/javascript;charset=UTF-8
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
tls-ciphers: TLS_AES_256_GCM_SHA384
content-length: 751
x-xss-protection: 1; mode=block
expires: Wed, 01 May 2024 21:03:57 GMT

GET
H/1.1 200
OK payment_link.js Show response
payment.mdccanada.ca/js/funnels/ 941 B
1 KB 64ms
63ms Script
application/javascript 165.232.36.183
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://payment.mdccanada.ca/js/funnels/payment_link.js

Requested by

Host: payment.mdccanada.ca
URL: https://payment.mdccanada.ca/solid3d/payment?lang=en

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

165.232.36.183 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

f4939b06b39ac47cccffd4a2022abb4b73b9f79f57bfd26e361f237018efc127

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://payment.mdccanada.ca/solid3d/payment?lang=en
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 01 May 2024 21:03:57 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Tue, 05 Mar 2024 13:59:47 GMT
Server: nginx
ETag: "65e72553-3ad"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 941
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK jquery.js Show response
payment.mdccanada.ca/assets/864425d/ 281 KB
281 KB 62ms
61ms Script
application/javascript 165.232.36.183
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://payment.mdccanada.ca/assets/864425d/jquery.js

Requested by

Host: payment.mdccanada.ca
URL: https://payment.mdccanada.ca/solid3d/payment?lang=en

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

165.232.36.183 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

416a3b2c3bf16d64f6b5b6d0f7b079df2267614dd6847fc2f3271b4409233c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://payment.mdccanada.ca/solid3d/payment?lang=en
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 01 May 2024 21:03:57 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Wed, 14 Jul 2021 06:34:56 GMT
Server: nginx
ETag: "60ee8590-4638e"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 287630
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK yii.js Show response
payment.mdccanada.ca/assets/eeb5300d/ 20 KB
21 KB 43ms
43ms Script
application/javascript 165.232.36.183
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://payment.mdccanada.ca/assets/eeb5300d/yii.js

Requested by

Host: payment.mdccanada.ca
URL: https://payment.mdccanada.ca/solid3d/payment?lang=en

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

165.232.36.183 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

67bed69f23af460ec3341aefcdf793955c250fbf879589de4b93d17b8ec4ae54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://payment.mdccanada.ca/solid3d/payment?lang=en
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 01 May 2024 21:03:57 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Wed, 14 Jul 2021 06:34:56 GMT
Server: nginx
ETag: "60ee8590-51c6"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 20934
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK bootstrap.js Show response
payment.mdccanada.ca/assets/dc93def/js/ 74 KB
74 KB 45ms
44ms Script
application/javascript 165.232.36.183
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://payment.mdccanada.ca/assets/dc93def/js/bootstrap.js

Requested by

Host: payment.mdccanada.ca
URL: https://payment.mdccanada.ca/solid3d/payment?lang=en

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

165.232.36.183 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

dbd2a35e72edc7d6bde483481a912f1c38aa57fab2747d9b071d317339ee03a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://payment.mdccanada.ca/solid3d/payment?lang=en
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 01 May 2024 21:03:57 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Wed, 14 Jul 2021 06:34:56 GMT
Server: nginx
ETag: "60ee8590-126dc"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 75484
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK angular.js Show response
payment.mdccanada.ca/assets/cc9826c1/angular/ 1 MB
1 MB 47ms
46ms Script
application/javascript 165.232.36.183
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://payment.mdccanada.ca/assets/cc9826c1/angular/angular.js

Requested by

Host: payment.mdccanada.ca
URL: https://payment.mdccanada.ca/solid3d/payment?lang=en

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

165.232.36.183 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

593da46ed8890edf70f2e97e82a629c931da3c72302b32a8663942c9b5c307d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://payment.mdccanada.ca/solid3d/payment?lang=en
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 01 May 2024 21:03:57 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Wed, 14 Jul 2021 06:34:57 GMT
Server: nginx
ETag: "60ee8591-140899"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1312921
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK events-module.js Show response
payment.mdccanada.ca/js/modules/ 3 KB
3 KB 41ms
41ms Script
application/javascript 165.232.36.183
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://payment.mdccanada.ca/js/modules/events-module.js

Requested by

Host: payment.mdccanada.ca
URL: https://payment.mdccanada.ca/solid3d/payment?lang=en

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

165.232.36.183 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

a6a6e1cf13bc3b468a14b6cd91536c534c9ffc0d33d4116dc1ccdfbdf7b78c13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://payment.mdccanada.ca/solid3d/payment?lang=en
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 01 May 2024 21:03:57 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Fri, 18 Nov 2022 08:29:50 GMT
Server: nginx
ETag: "6377427e-c58"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3160
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK main.js Show response
payment.mdccanada.ca/js/ 22 KB
23 KB 74ms
72ms Script
application/javascript 165.232.36.183
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://payment.mdccanada.ca/js/main.js

Requested by

Host: payment.mdccanada.ca
URL: https://payment.mdccanada.ca/solid3d/payment?lang=en

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

165.232.36.183 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

9cc2231a485a134696d965441373b45d5e88f726d78c2cb9a490d483253226f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://payment.mdccanada.ca/solid3d/payment?lang=en
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 01 May 2024 21:03:57 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Thu, 25 Apr 2024 12:57:31 GMT
Server: nginx
ETag: "662a533b-58f1"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 22769
X-XSS-Protection: 1; mode=block

GET
H3 200 slick.js Show response
cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/ 87 KB
16 KB 44ms
39ms Script
application/javascript 104.16.87.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick.js

Requested by

Host: payment.mdccanada.ca
URL: https://payment.mdccanada.ca/solid3d/payment?lang=en

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.87.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9baa573e4378873b7ac81ccb1d954ce9bb2b1a933947ad3012263ddc604d8505

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://payment.mdccanada.ca/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 21:03:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 4249214
x-jsd-version: 1.8.1
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-etou8220115-FRA, cache-lga21945-LGA
x-jsd-version-type: version
server: cloudflare
etag: W/"15b7b-XpZQCGXagm+FCTNPA0QivnZitG0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dV04sO%2BIdFWmMs8M2lSccALjZ7rNW8cL4GIaZwF9twptNpgPYUn24ZZ7qcEavarw%2B8CGIUsJB8R4aaAgEu2HxMZztXku59wxX2Zp4CGTiknozac9Em63fgx0eSr3IneW8dc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 87d2b89fcf8e9711-AMS

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 311 KB
102 KB 372ms
95ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N44M7QM

Requested by

Host: payment.mdccanada.ca
URL: https://payment.mdccanada.ca/solid3d/payment?lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ace374f9111b66ade2f58f1814cc0a6812bf41b651c9aa66a59e57a2782f5b50

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://payment.mdccanada.ca/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 21:03:59 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 104289
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 01 May 2024 21:03:59 GMT

GET
H2 200 exponea.min.js Show response
api.exponea.com/js/ 204 KB
63 KB 328ms
90ms Script
application/javascript 35.244.143.131
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.exponea.com/js/exponea.min.js
Requested by: Host: payment.mdccanada.ca
URL: https://payment.mdccanada.ca/solid3d/payment?lang=en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.143.131 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 131.143.244.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 546582040f78d9cdd241d32fdedbb5f5304cb6ef85a72d34e5673ec32a4d3458

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://payment.mdccanada.ca/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 21:03:59 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Wed, 24 Apr 2024 07:14:31 GMT
server: nginx
etag: "6628b157-fb81"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64385
expires: Wed, 01 May 2024 22:03:59 GMT

GET
H2 200 modifications.min.js Show response
api.exponea.com/webxp/script/9a5c1884-6c59-11eb-8b86-9ef8a0068af9/new/ 43 KB
17 KB 264ms
27ms Script
application/javascript 35.244.143.131
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.exponea.com/webxp/script/9a5c1884-6c59-11eb-8b86-9ef8a0068af9/new/modifications.min.js?http-referer=https%3A%2F%2Fpayment.mdccanada.ca%2Fsolid3d%2Fpayment%3Flang%3Den&timeout=4000ms
Requested by: Host: payment.mdccanada.ca
URL: https://payment.mdccanada.ca/solid3d/payment?lang=en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.143.131 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 131.143.244.35.bc.googleusercontent.com
Software: /
Resource Hash: 762b1b256e19b1bcf11e0f3bca305fab026da5e101ecc0c903d26e0b28209716

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://payment.mdccanada.ca/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 21:03:59 GMT
content-encoding: gzip
via: 1.1 google
etag: "762b1b256e19b1bcf11e0f3bca305fab026da5e101ecc0c903d26e0b28209716"
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-cache, max-age=0
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 cve.js.br Show response
d1dje5mxb6emkl.cloudfront.net/cve/ 77 KB
22 KB 632ms
452ms Script
binary/octet-stream 2600:9000:26db:f200:c:ec32:f140:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1dje5mxb6emkl.cloudfront.net/cve/cve.js.br
Requested by: Host: payment.mdccanada.ca
URL: https://payment.mdccanada.ca/solid3d/payment?lang=en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26db:f200:c:ec32:f140:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b92c75200923ef3bcff1325670e81e27e37227ab9b018cf8568a0eedbe514351

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://payment.mdccanada.ca/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 21:04:00 GMT
content-encoding: br
via: 1.1 559b66bb8d6baca9fa30f875c62de1e6.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P3
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 22245
last-modified: Tue, 16 Apr 2024 14:16:26 GMT
server: AmazonS3
etag: "9feabaa7be3d1b7a7e4c76e1d535e879"
vary: Accept-Encoding
content-type: binary/octet-stream
cache-control: no-cache
accept-ranges: bytes
x-amz-cf-id: y5pyuoBlO0ebyOXLlLnM9dtpjZiEWCWVGm9MC2QnHndHCsXffSDzdw==

GET
H2 200 img_header.webp
d1ac9zce9817ms.cloudfront.net/images/payment/funnels/funnel_combine/ 79 KB
79 KB 89ms
88ms Image
image/webp 2600:9000:225b:4e00:15:20a2:3900:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1ac9zce9817ms.cloudfront.net/images/payment/funnels/funnel_combine/img_header.webp
Requested by: Host: payment.mdccanada.ca
URL: https://payment.mdccanada.ca/css/modules/payment_link.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225b:4e00:15:20a2:3900:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 37e8997ef3844d8617fa23c25823c70faf36a8efb04a0a42d96f102180ec4850

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://payment.mdccanada.ca/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: 6pdoBt.VIjNz57YVIRIX.TVPipXPkbDK
date: Wed, 01 May 2024 21:03:57 GMT
via: 1.1 77aa8087323921dee0b130bc0589bda8.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P1
age: 58670
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: REPLICA
content-length: 80612
last-modified: Thu, 22 Feb 2024 12:46:34 GMT
server: AmazonS3
etag: "3114b58ba97c0c6852096f251d40d2a5"
vary: Accept-Encoding
content-type: image/webp
accept-ranges: bytes
x-amz-cf-id: arzgss9O_mOQ-hh_oaOrzkN2uhC8OnWcntEOYQ2RPHzNzMafAZ_FyQ==

GET
H/1.1 200
OK testimonials-bg.jpg
cv-media-files.s3.us-west-2.amazonaws.com/images/payment/funnels/funnel_mdc/ 269 KB
270 KB 716ms
255ms Image
image/jpeg 52.218.220.25
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cv-media-files.s3.us-west-2.amazonaws.com/images/payment/funnels/funnel_mdc/testimonials-bg.jpg
Requested by: Host: payment.mdccanada.ca
URL: https://payment.mdccanada.ca/css/modules/payment_link.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.218.220.25 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 37f8af81c6651000937b4ec8fa0918730b6487303940735ef021f80f7d149602

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://payment.mdccanada.ca/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 01 May 2024 21:03:59 GMT
x-amz-version-id: _h6LpTecCCwKFLsROi7MMNYsqyUHDLTI
Last-Modified: Tue, 14 Mar 2023 15:15:49 GMT
Server: AmazonS3
x-amz-request-id: 5QPXD01B35NB9JZ1
ETag: "65a49a9f9b6d335fa618c828e8004ef6"
x-amz-server-side-encryption: AES256
Content-Type: image/jpeg
x-amz-replication-status: COMPLETED
Accept-Ranges: bytes
Content-Length: 275803
x-amz-id-2: LRf1rLDRwYNxrLkomtst9NdhyC638ktieG95cKwzJDgnKN3BbFJUPDTs+/AhvdIx3gqq7xN4W/I=

GET
DATA 200
OK truncated
/ 380 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK Rubik-Regular.woff2
mdc-new-funnel-v2.s3.amazonaws.com/fonts/ 50 KB
50 KB 467ms
174ms Font
binary/octet-stream 52.217.136.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mdc-new-funnel-v2.s3.amazonaws.com/fonts/Rubik-Regular.woff2
Requested by: Host: payment.mdccanada.ca
URL: https://payment.mdccanada.ca/css/modules/payment_link.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.217.136.33 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 94579787a5a52a7dbf3209ccc91589eeda9878f9ff137d5fc43f4da98cc38e9a

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://payment.mdccanada.ca/
Origin: https://payment.mdccanada.ca
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 01 May 2024 21:03:59 GMT
Last-Modified: Wed, 12 Aug 2020 13:04:57 GMT
Server: AmazonS3
x-amz-request-id: 5QPXDFAJCWT6EV4R
ETag: "d57d4c613b7a4e76b61040d1a3d712f2"
Access-Control-Max-Age: 3000
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Content-Type: binary/octet-stream
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 50724
x-amz-id-2: wtXHjKB219sSQKwdoejbgnGqljRWVRay+QjhhDBxjHA/p7HQavL6UGAVbOzhnpVLphR7WGYM4/4=

GET
H/1.1 200
OK Rubik-Medium.woff2
mdc-new-funnel-v2.s3.amazonaws.com/fonts/ 50 KB
51 KB 833ms
150ms Font
binary/octet-stream 52.217.136.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mdc-new-funnel-v2.s3.amazonaws.com/fonts/Rubik-Medium.woff2
Requested by: Host: payment.mdccanada.ca
URL: https://payment.mdccanada.ca/css/modules/payment_link.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.217.136.33 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: af86eeeed7ff7c39421245942486e472828ea3f89d5c5b8b1f45427de447cac6

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://payment.mdccanada.ca/
Origin: https://payment.mdccanada.ca
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 01 May 2024 21:03:59 GMT
Last-Modified: Wed, 12 Aug 2020 13:04:57 GMT
Server: AmazonS3
x-amz-request-id: 5QPTA5AT2CX0H0V9
ETag: "457e61c034561dcf61bc40dba0647c2b"
Access-Control-Max-Age: 3000
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Content-Type: binary/octet-stream
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 51524
x-amz-id-2: I2W0CFg46+O9p15aiM2bVThlf0Qlqu2uhFZ/D18gZa1GwYOvl7aCpUr9+anbmZ6BPm7Z4Rt/LpQ=

GET
H/1.1 200
OK PlayfairDisplay.woff2
mdc-new-funnel-v2.s3.amazonaws.com/fonts/ 86 KB
86 KB 525ms
204ms Font
binary/octet-stream 52.217.136.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mdc-new-funnel-v2.s3.amazonaws.com/fonts/PlayfairDisplay.woff2
Requested by: Host: payment.mdccanada.ca
URL: https://payment.mdccanada.ca/css/modules/payment_link.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.217.136.33 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: bf3303e6b1d8f51e4ea85a1907f8bd9b4f619d355d5a0ef9f2ff50dd658642d0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://payment.mdccanada.ca/
Origin: https://payment.mdccanada.ca
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 01 May 2024 21:03:59 GMT
Last-Modified: Wed, 12 Aug 2020 13:04:57 GMT
Server: AmazonS3
x-amz-request-id: 5QPG38JTX10590N6
ETag: "baa785f8c13fa2f5586b9edc2c86ea00"
Access-Control-Max-Age: 3000
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Content-Type: binary/octet-stream
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 87760
x-amz-id-2: nDDg+0DNoRbtnQfCrJ9bkXPogy/vc4XgEeh2srdb39+OijqEr1bmCOHvUW+TVm8tKG8PFfz0NZ0=

GET
H/1.1 200
OK Rubik-Bold.woff2
mdc-new-funnel-v2.s3.amazonaws.com/fonts/ 50 KB
51 KB 906ms
165ms Font
binary/octet-stream 52.217.136.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mdc-new-funnel-v2.s3.amazonaws.com/fonts/Rubik-Bold.woff2
Requested by: Host: payment.mdccanada.ca
URL: https://payment.mdccanada.ca/css/modules/payment_link.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.217.136.33 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 9a0f5e2db3067a91f5ad66cac49639247255eefbfd37c15f5264cd5453c7b139

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://payment.mdccanada.ca/
Origin: https://payment.mdccanada.ca
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 01 May 2024 21:03:59 GMT
Last-Modified: Wed, 12 Aug 2020 13:04:57 GMT
Server: AmazonS3
x-amz-request-id: 5QPT9BF190H35CP7
ETag: "348a37ff9f2fdd15c5dc999cf1c010ba"
Access-Control-Max-Age: 3000
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Content-Type: binary/octet-stream
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 51224
x-amz-id-2: 9W0eFLlYsTBcUYdXu4rD6rIhVQ/6VAH7kkyy5VecrpYWtfcBBUTVthIQizxSIW578UNa5SNr3A4=

GET
DATA 200
OK truncated
/ 547 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 552 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 177 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 351 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 242 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 bundle Show response
api.exponea.com/webxp/projects/9a5c1884-6c59-11eb-8b86-9ef8a0068af9/ 23 KB
1 KB 99ms
46ms Fetch
application/json 35.244.143.131
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.exponea.com/webxp/projects/9a5c1884-6c59-11eb-8b86-9ef8a0068af9/bundle
Requested by: Host: api.exponea.com
URL: https://api.exponea.com/webxp/script/9a5c1884-6c59-11eb-8b86-9ef8a0068af9/new/modifications.min.js?http-referer=https%3A%2F%2Fpayment.mdccanada.ca%2Fsolid3d%2Fpayment%3Flang%3Den&timeout=4000ms
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.143.131 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 131.143.244.35.bc.googleusercontent.com
Software: /
Resource Hash: d442983533ee829f6449ee8fb9ab223ba01d8123185fbe0954dd41e7ab580dfb

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://payment.mdccanada.ca/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 21:03:59 GMT
content-encoding: br
via: 1.1 google
etag: "d442983533ee829f6449ee8fb9ab223ba01d8123185fbe0954dd41e7ab580dfb"
content-type: application/json
access-control-allow-origin: https://payment.mdccanada.ca
cache-control: no-cache, max-age=0
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1118

GET
H3 200 bundle Show response
api.exponea.com/webxp/projects/9a5c1884-6c59-11eb-8b86-9ef8a0068af9/ 23 KB
1 KB 31ms
31ms Fetch
application/json 35.244.143.131
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.exponea.com/webxp/projects/9a5c1884-6c59-11eb-8b86-9ef8a0068af9/bundle?ii=1
Requested by: Host: api.exponea.com
URL: https://api.exponea.com/js/exponea.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.143.131 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 131.143.244.35.bc.googleusercontent.com
Software: /
Resource Hash: d442983533ee829f6449ee8fb9ab223ba01d8123185fbe0954dd41e7ab580dfb

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept: application/json
Referer: https://payment.mdccanada.ca/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 21:03:59 GMT
content-encoding: br
via: 1.1 google
etag: "d442983533ee829f6449ee8fb9ab223ba01d8123185fbe0954dd41e7ab580dfb"
content-type: application/json
access-control-allow-origin: https://payment.mdccanada.ca
cache-control: no-cache, max-age=0
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1118

GET
H3 200 bundle Show response
api.exponea.com/webxp/projects/9a5c1884-6c59-11eb-8b86-9ef8a0068af9/ 23 KB
12 B 60ms
45ms Fetch
application/json 35.244.143.131
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.exponea.com/webxp/projects/9a5c1884-6c59-11eb-8b86-9ef8a0068af9/bundle
Requested by: Host: api.exponea.com
URL: https://api.exponea.com/js/exponea.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.143.131 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 131.143.244.35.bc.googleusercontent.com
Software: /
Resource Hash: d442983533ee829f6449ee8fb9ab223ba01d8123185fbe0954dd41e7ab580dfb

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept: application/json
Referer: https://payment.mdccanada.ca/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 21:03:59 GMT
via: 1.1 google
content-encoding: br
etag: "d442983533ee829f6449ee8fb9ab223ba01d8123185fbe0954dd41e7ab580dfb"
content-type: application/json
access-control-allow-origin: https://payment.mdccanada.ca
cache-control: no-cache, max-age=0
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1118

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 334 KB
106 KB 105ms
104ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-RWE693YD8B&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N44M7QM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

00ea8daa5673804b4f4cb706caa15cc91ebb3759c33dd28bb8853da74a9e710b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://payment.mdccanada.ca/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 21:03:59 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 108157
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 01 May 2024 21:03:59 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 155ms
49ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N44M7QM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://payment.mdccanada.ca/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 01 May 2024 19:41:03 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 4976
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 01 May 2024 21:41:03 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 218 KB
59 KB 151ms
47ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: payment.mdccanada.ca
URL: https://payment.mdccanada.ca/solid3d/payment?lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

cd3521e9b79712590c50523ef00789c637324afa1c8987bf5b773c5d3a66fb3d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://payment.mdccanada.ca/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 01 May 2024 21:03:59 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57855
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=25, rtx=0, c=12, mss=1294, tbw=2798, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: DuLbBL0vZRtR7J5pF0OmgpdDBpg7YqjR928meqXvFk764B9STd8sFiFn4YkW3nsRN4EJWQakVIFFQLPRLZIuUg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 iframe_api Show response
www.youtube.com/ 1 KB
2 KB 171ms
60ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N44M7QM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aaef401a4bbe135c3379b250fa9df5bf7359a6703523a79e6fdc667c64e6dd52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://payment.mdccanada.ca/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 21:03:59 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=nl for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type: text/javascript; charset=utf-8
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cache-control: private, max-age=0
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Wed, 01 May 2024 21:03:59 GMT

GET
H2 200 hotjar-3485971.js Show response
static.hotjar.com/c/ 9 KB
4 KB 237ms
64ms Script
application/javascript 18.66.192.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-3485971.js?sv=6

Requested by

Host: payment.mdccanada.ca
URL: https://payment.mdccanada.ca/solid3d/payment?lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.192.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-192-39.muc50.r.cloudfront.net

Software

Resource Hash

b148a70822b1c6595fa4bf95c23f3780608e553d36f22e81e683f4ca87c5fa04

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://payment.mdccanada.ca/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Wed, 01 May 2024 21:03:59 GMT
via: 1.1 878a01abbb158ab50d28bd4e882dc33a.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P1
age: 37
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
etag: W/a58b02cd7b75cd354cfce5121be2fd3d
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
x-amz-cf-id: gUe1BbqLcdCNAVisMkiFRFvyPrSu2Zd2cAzkJmel_rcJrWQ-99csMw==

GET
H2 200 6d9c102e305c6692d22f58c59f67b4a9.js Show response
ob.branderblender.com/i/ 102 KB
38 KB 238ms
65ms Script
text/javascript 2600:9000:26db:c400:d:bdb7:5480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ob.branderblender.com/i/6d9c102e305c6692d22f58c59f67b4a9.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N44M7QM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26db:c400:d:bdb7:5480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Caddy /
Resource Hash: dfd5c5d4e68ada8a4dbae7b885b1f41247f42df938d7064ff54c729cc07f0282

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://payment.mdccanada.ca/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 09:28:45 GMT
content-encoding: gzip
via: 1.1 7ad01e16cb039e6f25a50f4e294fd0ae.cloudfront.net (CloudFront)
server: Caddy
x-amz-cf-pop: MUC50-P3
age: 41723
etag: "197a0-Qgm8VfuDZn8+nq3APziHXcK1rO0"
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=43200
content-length: 38142
x-amz-cf-id: NdA_LdqJQLCvyCqsTIlKlLI3MJX3Of9EKRauON32kaZIkih2WwdtaA==
expires: Wed, 01 May 2024 21:28:36 GMT

GET
H2 200 widget.js Show response
lcgroups-org.freshchat.com/js/ 67 KB
22 KB 335ms
106ms Script
application/javascript 13.248.221.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://lcgroups-org.freshchat.com/js/widget.js

Requested by

Host: payment.mdccanada.ca
URL: https://payment.mdccanada.ca/solid3d/payment?lang=en

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.248.221.98 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a44946a9dd66b7704.awsglobalaccelerator.com

Software

fwe /

Resource Hash

87d1d3eff67f2586e9039d705d502f782613f87dac4850653e10973940ffb7c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://payment.mdccanada.ca/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-trace-id: 00-6cb59a5134e268e3bdf4490297088976-da3b42364cd8da53-00
date: Wed, 01 May 2024 21:03:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
last-modified: Mon, 29 Apr 2024 04:34:05 GMT
server: fwe
nel: { "report_to": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true}
report-to: { "group": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.us-east-1.freshedge.net/nelreports/freshchat"}]}
content-type: application/javascript
x-fw-ratelimiting-managed: false
cache-control: max-age=900, must-revalidate
x-server: dvfqv
x-envoy-upstream-service-time: 1
x-xss-protection: 1; mode=block
x-request-id: d2a5b0a2-f0e6-473f-9657-1ab91d859b4c

POST
H2 200 bulk Show response
api.exponea.com/ 486 B
736 B 42ms
41ms Fetch
application/json 35.244.143.131
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.exponea.com/bulk
Requested by: Host: api.exponea.com
URL: https://api.exponea.com/js/exponea.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.143.131 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 131.143.244.35.bc.googleusercontent.com
Software: /
Resource Hash: 84da4ee88fa20a94311a24726eaa18f25d37ed36e3269221125417313e679fe5

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Accept: application/json
Referer: https://payment.mdccanada.ca/
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 21:03:59 GMT
via: 1.1 google
content-type: application/json
access-control-allow-origin: https://payment.mdccanada.ca
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 486
x-request-id: ec4b489f-1481-49c3-98fe-e0800ab27294

POST
H3 200 show Show response
api.exponea.com/managed-tags/ 38 B
83 B 37ms
35ms Fetch
application/json 35.244.143.131
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.exponea.com/managed-tags/show
Requested by: Host: api.exponea.com
URL: https://api.exponea.com/js/exponea.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.143.131 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 131.143.244.35.bc.googleusercontent.com
Software: /
Resource Hash: 5c858b1c80e2a37e46abc26525a908fe14db93ebdce1dbdbdd2828cd180bbeec

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Accept: application/json
Referer: https://payment.mdccanada.ca/
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 21:03:59 GMT
content-encoding: gzip
via: 1.1 google
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://payment.mdccanada.ca
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66

POST
H3 200 link-ids Show response
api.exponea.com/webxp/projects/9a5c1884-6c59-11eb-8b86-9ef8a0068af9/cookies/24d38b23-c2e8-45c1-b5e4-2423c23b6e3a/ 0
11 B 62ms
60ms Fetch 35.244.143.131
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.exponea.com/webxp/projects/9a5c1884-6c59-11eb-8b86-9ef8a0068af9/cookies/24d38b23-c2e8-45c1-b5e4-2423c23b6e3a/link-ids
Requested by: Host: api.exponea.com
URL: https://api.exponea.com/js/exponea.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.143.131 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 131.143.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Accept: application/json
Referer: https://payment.mdccanada.ca/
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: https://payment.mdccanada.ca
date: Wed, 01 May 2024 21:03:59 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 204 collect
region1.analytics.google.com/g/ 0
257 B 105ms
44ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-RWE693YD8B&gtm=45je44t0v886766442z8812156677za200&_p=1714597437383&em=tv.1~em.mtRZMoVjUwkeTJu8aZbrGPvom0QzPacJCzTQ0OMtHKo&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=109857692.1714597440&ecid=1539535773&ul=nl-nl&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.78%7CGoogle%2520Chrome%3B124.0.6367.78%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&ec_mode=a&_s=1&sid=1714597439&sct=1&seg=0&dl=https%3A%2F%2Fpayment.mdccanada.ca%2Fsolid3d%2Fpayment%3Flang%3Den&dt=Solid%203D%20Secure%20Payment&en=page_view&_fv=1&_nsi=1&_ss=1&ep.lang=en&tfd=2848
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RWE693YD8B&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://payment.mdccanada.ca/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 01 May 2024 21:03:59 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://payment.mdccanada.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
257 B 111ms
37ms Ping
text/plain 2a00:1450:400c:c04::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-RWE693YD8B&cid=109857692.1714597440&gtm=45je44t0v886766442z8812156677za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RWE693YD8B&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c04::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://payment.mdccanada.ca/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 01 May 2024 21:03:59 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://payment.mdccanada.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 112ms
64ms Image
image/gif 142.250.185.67
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-RWE693YD8B&cid=109857692.1714597440&gtm=45je44t0v886766442z8812156677za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&z=1510419982

Requested by

Host: payment.mdccanada.ca
URL: https://payment.mdccanada.ca/solid3d/payment?lang=en

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://payment.mdccanada.ca/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 01 May 2024 21:03:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 102ms
45ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-RWE693YD8B&gtm=45je44t0v886766442za200&_p=1714597437383&em=tv.1~em.mtRZMoVjUwkeTJu8aZbrGPvom0QzPacJCzTQ0OMtHKo&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=109857692.1714597440&ecid=1539535773&ul=nl-nl&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.78%7CGoogle%2520Chrome%3B124.0.6367.78%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&ec_mode=a&_eu=AAAC&_s=2&sid=1714597439&sct=1&seg=1&dl=https%3A%2F%2Fpayment.mdccanada.ca%2Fsolid3d%2Fpayment%3Flang%3Den&dt=Solid%203D%20Secure%20Payment&en=page_view&_ee=1&_et=1&tfd=2852
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RWE693YD8B&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://payment.mdccanada.ca/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 01 May 2024 21:03:59 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://payment.mdccanada.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 100ms
45ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-RWE693YD8B&gtm=45je44t0v886766442za200&_p=1714597437383&em=tv.1~em.mtRZMoVjUwkeTJu8aZbrGPvom0QzPacJCzTQ0OMtHKo&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=109857692.1714597440&ecid=1539535773&ul=nl-nl&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.78%7CGoogle%2520Chrome%3B124.0.6367.78%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&ec_mode=a&_s=3&cu=USD&sid=1714597439&sct=1&seg=1&dl=https%3A%2F%2Fpayment.mdccanada.ca%2Fsolid3d%2Fpayment%3Flang%3Den&dt=Solid%203D%20Secure%20Payment&en=begin_checkout&_c=1&_ee=1&pr1=idc3a938a8b17038d75c9cfe18b93a0583~nmGold%20Evaluation%20Package~brCanadianvisa.org~caConsulting~lioffline~lncall_center~vaOffline~pr49~qt1&epn.value=49&_et=5&tfd=2853
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RWE693YD8B&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://payment.mdccanada.ca/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 01 May 2024 21:03:59 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://payment.mdccanada.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
45 B 100ms
46ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-RWE693YD8B&gtm=45je44t0v886766442z8812156677za200&_p=1714597437383&em=tv.1~em.mtRZMoVjUwkeTJu8aZbrGPvom0QzPacJCzTQ0OMtHKo&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=109857692.1714597440&ecid=1539535773&ul=nl-nl&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.78%7CGoogle%2520Chrome%3B124.0.6367.78%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&ec_mode=a&_eu=AAAC&_s=4&sid=1714597439&sct=1&seg=1&dl=https%3A%2F%2Fpayment.mdccanada.ca%2Fsolid3d%2Fpayment%3Flang%3Den&dt=Solid%203D%20Secure%20Payment&en=page_view&ep.leads_user_data=%5Bobject%20Object%5D&_et=1&tfd=2853
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RWE693YD8B&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://payment.mdccanada.ca/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 01 May 2024 21:03:59 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://payment.mdccanada.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 99ms
46ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-RWE693YD8B&gtm=45je44t0v886766442z8812156677za200&_p=1714597437383&em=tv.1~em.mtRZMoVjUwkeTJu8aZbrGPvom0QzPacJCzTQ0OMtHKo&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=109857692.1714597440&ecid=1539535773&ul=nl-nl&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.78%7CGoogle%2520Chrome%3B124.0.6367.78%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&ec_mode=a&_eu=AAAC&_s=5&sid=1714597439&sct=1&seg=1&dl=https%3A%2F%2Fpayment.mdccanada.ca%2Fsolid3d%2Fpayment%3Flang%3Den&dt=Solid%203D%20Secure%20Payment&en=page_view&ep.leads_user_data=%5Bobject%20Object%5D&_et=3&tfd=2854
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RWE693YD8B&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://payment.mdccanada.ca/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 01 May 2024 21:03:59 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://payment.mdccanada.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/8fc6998a/www-widgetapi.vflset/ 215 KB
67 KB 40ms
36ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/8fc6998a/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fab1dbe30e8ff5b2b88f3175638cee6011f8c5ec952a555216436ca3045cd5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://payment.mdccanada.ca/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 16:46:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15438
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68202
x-xss-protection: 0
last-modified: Tue, 30 Apr 2024 04:19:19 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 01 May 2025 16:46:41 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
212 B 50ms
45ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1496820189&t=pageview&_s=1&dl=https%3A%2F%2Fpayment.mdccanada.ca%2Fsolid3d%2Fpayment%3Flang%3Den&ul=nl-nl&de=UTF-8&dt=Solid%203D%20Secure%20Payment&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=229993842&gjid=779549430&cid=109857692.1714597440&tid=UA-88273432-1&_gid=1730494541.1714597440&_r=1&_slc=1&gtm=45He44t0n81N44M7QMv812156677za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&npa=1&z=581634964

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://payment.mdccanada.ca/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 01 May 2024 21:03:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://payment.mdccanada.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 638202162930393 Show response
connect.facebook.net/signals/config/ 56 KB
12 KB 162ms
154ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/638202162930393?v=2.9.154&r=stable&domain=payment.mdccanada.ca&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b09f19f30d28a55b65f15b021c5b68b702cabecbfa1d0a1451ca589baef821ae

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://payment.mdccanada.ca/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 01 May 2024 21:03:59 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=35, rtx=0, c=37, mss=1294, tbw=63333, tp=-1, tpl=-1, uplat=129, ullat=1
pragma: public
x-fb-debug: UlVgUQZ0gHPvZ7yfYZSfSkHtypO4zQLxOzkxSYqswJm4inkMKTpTYzW8uoyHmncrHAGtT0va/q9loFrssqa1Dg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 modules.6d59a1e4d239d258535b.js Show response
script.hotjar.com/ 221 KB
55 KB 154ms
32ms Script
application/javascript 54.230.228.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.6d59a1e4d239d258535b.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3485971.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.230.228.64 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-230-228-64.muc50.r.cloudfront.net

Software

Resource Hash

29f0d60cfaa05f3764e61320cf7bbd934c053b6bb0c41ad61b4e682b0c1d6fae

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://payment.mdccanada.ca/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 14:28:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 1bb53b906296a648bd25a4c81fe43650.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P5
age: 23753
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 55738
last-modified: Wed, 01 May 2024 14:27:34 GMT
etag: "dcabc75d4e5bca9e1042120682f56a78"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: AWJ46VVkwNJPT_wNZ-JKe7JYMqn6ahYFSp06aTnMzUt5dxRjpTddhQ==

GET
H2 200 config_iframe.html
lcgroups-org.freshchat.com/widget/ Frame 0780 0
0 303ms
115ms Document
text/html 76.223.64.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://lcgroups-org.freshchat.com/widget/config_iframe.html?host=https://lcgroups-org.freshchat.com&token=77eb97aa-035d-4771-8acf-7a8638e3ae6d&origin=https://payment.mdccanada.ca

Requested by

Host: lcgroups-org.freshchat.com
URL: https://lcgroups-org.freshchat.com/js/widget.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.223.64.65 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a44946a9dd66b7704.awsglobalaccelerator.com

Software

fwe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	style-src 'unsafe-inline' ; font-src 'self' data:; img-src 'self' * data:; connect-src 'self' ; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://.freshchat.com https://.freshworksapi.com; child-src 'self' blob:; media-src 'self' https://.freshchat.com; manifest-src 'self' https://.freshchat.com; default-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://payment.mdccanada.ca/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-encoding: gzip
content-security-policy: style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
content-type: text/html
date: Wed, 01 May 2024 21:04:00 GMT
last-modified: Mon, 29 Apr 2024 04:34:05 GMT
nel: { "report_to": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true}
report-to: { "group": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.us-east-1.freshedge.net/nelreports/freshchat"}]}
server: fwe
strict-transport-security: max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 0
x-fw-ratelimiting-managed: false
x-request-id: f06d2446-b4a9-4d97-8b96-b2395f71ed6d
x-server: dvfqv
x-trace-id: 00-804fec15377b8b054f71ebebeb6fd290-1b3be0847dfeccff-00
x-xss-protection: 1; mode=block

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 31ms
30ms XHR
text/plain 2a00:1450:400c:c04::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-88273432-1&cid=109857692.1714597440&jid=229993842&gjid=779549430&_gid=1730494541.1714597440&npa=1&_u=YADAAEAAAAAAACAAI~&z=491812989

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://payment.mdccanada.ca/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 01 May 2024 21:03:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://payment.mdccanada.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ct Show response
obs.branderblender.com/ 0
118 B 358ms
114ms Script
text/javascript 2600:1f18:e8a:cd04:9b88:a313:d24d:af44
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obs.branderblender.com/ct?id=57751&url=https%3A%2F%2Fpayment.mdccanada.ca%2Fsolid3d%2Fpayment%3Flang%3Den&sf=0&tpi=&ch=&uvid=&tsf=0&tsfmi=&tsfu=&cb=1714597439904&hl=2&op=0&ag=2115704966&rand=236118178720108519525181202609081320073525721067511211818005239022176225677102652996&fs=1600x1200&fst=1600x1200&np=win32&nv=google%20inc.&ref=&ss=1600x1200&nc=0&at=&di=W1siZWYiLDI3NzFdLFsiYm5jaCIsMF0sWyJhYm5jaCIsMV0sWy0zMCwiW1widlwiLDBdIl0sWy01MywiMTAwIl0sWy0xMywiLSJdLFstMTksIlsxMTcwLDE1NzAsMTE3MCwxNTcwLDAsMCwxLDI0LDI0LFwiLVwiLDE2MDAsMTIwMCwxNjAwLDEyMDAsMTYwMCwxMjAwLDE2MDAsMTIwMCwwLDAsMCwwLFwiLVwiLFwiLVwiLDE2MDAsMTIwMF0iXSxbLTEyLCJudWxsIl0sWy00MiwiMTcyNDI5NzY1MyJdLFstNjEsIntcIndnc2xcIjpcIjQ7cmVhZG9ubHlfYW5kX3JlYWR3cml0ZV9zdG9yYWdlX3RleHR1cmVzO3BhY2tlZF80eDhfaW50ZWdlcl9kb3RfcHJvZHVjdDt1bnJlc3RyaWN0ZWRfcG9pbnRlcl9wYXJhbWV0ZXJzO3BvaW50ZXJfY29tcG9zaXRlX2FjY2VzcztcIixcInBjZlwiOlwiYmdyYTh1bm9ybVwifSJdLFstMjMsIisiXSxbLTI3LCJbMTAwLDEwLDAsXCI0Z1wiLG51bGxdIl0sWy0yLCItIl0sWy01NiwibGFuZHNjYXBlLXByaW1hcnkiXSxbLTU5LCJkZWZhdWx0Il0sWy0yOSwiLSJdLFszNywiWzMzMTYyMjQwNDksZnVuY3Rpb24obmV3VmFsdWUpIHtcbiAgICAgICAgICAgICAgYWRkQ29udGVudFdpbmRvd1Byb3h5KHRoaXMpXG4gICAgICAgICAgICAgIC8vIFJlc2V0IHByb3BlcnR5LCB0aGUgaG9vayBpcyBvbmx5IG5lZWRlZCBvbmNlXG4gICAgICAgICAgICAgIE9iamVjdC5kZWZpbmVQcm9wZXJ0eShpZnJhbWUsICdzcmNkb2MnLCB7XG4gICAgICAgICAgICAgICAgY29uZmlndXJhYmxlOiBmYWxzZSxcbiAgICAgICAgICAgICAgICB3cml0YWJsZTogZmFsc2UsXG4gICAgICAgICAgICAgICAgdmFsdWU6IF9zcmNkb2NcbiAgICAgICAgICAgICAgfSlcbiAgICAgICAgICAgICAgX2lmcmFtZS5zcmNkb2MgPSBuZXdWYWx1ZVxuICAgICAgICAgICAgfV0iXSxbLTYwLCItIl0sWy00LCItIl0sWy0xNCwiLSJdLFstMzYsIltcIjQvM1wiLFwiNC8zXCJdIl0sWy03LCItIl0sWy0zNCwiLSJdLFstNTQsIntcImhcIjpbXCJfM1wiLFwiMzI5OTkxMzY5XCJdLFwiZFwiOltdLFwiYlwiOltdLFwic1wiOjF9Il0sWy0yNiwie1widGpoc1wiOjIzOTIyOTU3LFwidWpoc1wiOjE0MTI5MTMzLFwiamhzbFwiOjQyOTQ3MDUxNTJ9Il0sWy0zMSwiZmFsc2UiXSxbLTIwLCIxMDk4NTc2OTIuMTcxNDU5NzQ0MCJdLFstNDEsIi0iXSxbLTUwLCItIl0sWy01MiwiLSJdLFstMTYsIjAiXSxbLTIyLCJbXCJuXCIsXCJuXCJdIl0sWy02OCwiLSJdLFstMTAsIi0iXSxbLTI4LCJlbi1VUyxlbiJdLFstNjYsImdlb2xvY2F0aW9uLHN0b3JhZ2VhY2Nlc3MsZ2FtZXBhZCxjaGVjdCxtaWRpLGRpc3BsYXljYXB0dXJlLHVzYixwaWN0dXJlaW5waWN0dXJlLHB1YmxpY2tleWNyZWRlbnRpYWxzZ2V0LGxvY2FsZm9udHMsb3RwY3JlZGVudGlhbHMsZW5jcnlwdGVkbWVkaWEsY2hzYXZlZGF0YSxjaHVhZnVsbHZlcnNpb25saXN0LGNodWF3b3c2NCxjaGRvd25saW5rLGNocHJlZmVyc2NvbG9yc2NoZW1lLHN5bmN4aHIsY2h1YW1vZGVsLGNocHJlZmVyc3JlZHVjZWR0cmFuc3BhcmVuY3ksc2VyaWFsLGNhbWVyYSxjaHByZWZlcnNyZWR1Y2VkbW90aW9uLHByaXZhdGVzdGF0ZXRva2VuaXNzdWFuY2UsaWRlbnRpdHljcmVkZW50aWFsc2dldCxjaHVhZnVsbHZlcnNpb24sZnVsbHNjcmVlbixjaGRwcix1bmxvYWQsa2V5Ym9hcmRtYXAsY2h1YXBsYXRmb3JtLGd5cm9zY29wZSxjaHVhbW9iaWxlLHdpbmRvd21hbmFnZW1lbnQsY2h1YSxwdWJsaWNrZXljcmVkZW50aWFsc2NyZWF0ZSxtYWduZXRvbWV0ZXIsYWNjZWxlcm9tZXRlcixwcml2YXRlc3RhdGV0b2tlbnJlZGVtcHRpb24sY2h1YWFyY2gseHJzcGF0aWFsdHJhY2tpbmcsY2h1YWZvcm1mYWN0b3JzLGlkbGVkZXRlY3Rpb24sY2h1YXBsYXRmb3JtdmVyc2lvbixjaHdpZHRoLGNsaXBib2FyZHJlYWQsY2h2aWV3cG9ydHdpZHRoLHBheW1lbnQsY2h2aWV3cG9ydGhlaWdodCxjaHJ0dCxhdXRvcGxheSxjcm9zc29yaWdpbmlzb2xhdGVkLGhpZCxjaHVhYml0bmVzcyxzY3JlZW53YWtlbG9jayxjbGlwYm9hcmR3cml0ZSxjaGRldmljZW1lbW9yeSxtaWNyb3Bob25lIl0sWy0yNCwiW10iXSxbLTM4LCJpLC0xLC0xLDI5NywwLDAsMCwwLDAsMTE2LC0xLDAsOTQ2LjIsOTQ2LjIsMjk0MCwyOTQwIl0sWy0yMSwiLSJdLFstNTcsIldFMFpWMXhPY1ZoWFhWVmNTeGNGV2xaVVNVeE5YRjBIR1dKWVNobFlTVWxWUUdRWkVWeFBXRlVaV0UwWkJWaFhWbGRBVkZaTVNnY1pFUU1PQXdnTUNRb0pBUkFWR1FWWVYxWlhRRlJXVEVvSEF3Z0JBd29KRUJWWVRSbDRTMHRZUUJkUFhCa1JVVTFOU1VvREZoWldXeGRiUzFoWFhWeExXMVZjVjExY1N4ZGFWbFFXVUJZUFhRQmFDQWtMWEFvSkRGb1BEd0FMWFFzTFh3d0JXZ3dBWHc4T1d3MVlBQmRUU2dNSUF3OE9DQThQRUE9PSJdLFstOSwiKyJdLFstNDYsIjAiXSxbLTMzLCItIl0sWy02NCwiWzAsXCJXaW4zMlwiLFt7XCJiXCI6XCJHb29nbGUgQ2hyb21lXCIsXCJ2XCI6XCIxMjRcIn0se1wiYlwiOlwiTm90OkEtQnJhbmRcIixcInZcIjpcIjhcIn0se1wiYlwiOlwiQ2hyb21pdW1cIixcInZcIjpcIjEyNFwifV1dIl0sWy02NSwiLSJdLFstNDUsIi0iXSxbLTgsIi0iXSxbLTExLCJ7XCJ0XCI6XCJcIixcIm1cIjpbXX0iXSxbLTEsIi0iXSxbLTQ0LCIwLDAsMCw1Il0sWy01NSwiMSJdLFstMzUsIlsxNzE0NTk3NDM5ODg0LC0yXSJdLFstMTgsIlswLDAsMCwxXSJdLFstNTEsIi0iXSxbLTUsIi0iXSxbLTQ4LCIwLDAiXSxbLTQ5LCItIl0sWy00NywiLSJdLFstNTgsIi0iXSxbLTE3LCIxMiJdLFstMjUsIi0iXSxbLTYyLCI4MCJdLFstMzcsIi0xNDQtNjYtMTgwLSJdLFstMzksIltcIjIwMDMwMTA3XCIsMixcIkdlY2tvXCIsXCJOZXRzY2FwZVwiLFwiTW96aWxsYVwiLG51bGwsbnVsbCx0cnVlLDgsZmFsc2UsbnVsbCw1LHRydWUsdHJ1ZSxudWxsLDAsdHJ1ZSx0cnVlXSJdLFstNDMsIjAwMDAwMDAxMDEwMDAwMDEwMDExMTAxMTAwMTAxMTAxMDAwMDAxIl0sWy02MywiMCJdLFstNiwiLSJdLFstMzIsIi0iXSxbLTQwLCIzMyJdLFstNjcsIi0iXSxbLTMsIltcImludGVybmFsLXBkZi12aWV3ZXJcIixcImludGVybmFsLXBkZi12aWV3ZXJcIixcImludGVybmFsLXBkZi12aWV3ZXJcIixcImludGVybmFsLXBkZi12aWV3ZXJcIixcImludGVybmFsLXBkZi12aWV3ZXJcIl0iXSxbLTE1LCItIl0sWyJkZGIiLCIwLDAsMSwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMSwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMSwxLDAsMCwwLDAsMSwwLDEsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMSwyLDAsMCwwLDAsMCwwLDAsMCwwLDAiXSxbImNiIiwiMCwwLDAsMCwwLDAsMCwwLDAsMywwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwxLDAsMSwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMSwwLDAsMCwwLDEsMSwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwxLDAsMCwwLDAiXV0%3D&dep=0&pre=0&sdd=%7B%7D&cri=6ZjBLEBOam&pto=2965&ver=59&gac=109857692.1714597440&mei=&ap=&fe=1&duid=1.1714597439.gpr1bN23BPWht2Dz&suid=1.1714597439.G6DFq5STjNjiWN9h&tuid=1.1714597439.jh07rF2BSNa85aB5&fbc=-&gtm=WyJiZWdpbl9jaGVja291dCJd&it=80%2C2518%2C281&fbcl=-&gacl=&gacsd=-&rtic=-&bgc=-&spa=1&urid=0&ab=&sck=-
Requested by: Host: ob.branderblender.com
URL: https://ob.branderblender.com/i/6d9c102e305c6692d22f58c59f67b4a9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd04:9b88:a313:d24d:af44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://payment.mdccanada.ca/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
date: Wed, 01 May 2024 21:04:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
content-type: text/javascript

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 259ms
58ms Image
image/gif 142.250.186.164
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-88273432-1&cid=109857692.1714597440&jid=229993842&npa=1&_u=YADAAEAAAAAAACAAI~&z=605419822

Requested by

Host: payment.mdccanada.ca
URL: https://payment.mdccanada.ca/solid3d/payment?lang=en

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.164 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://payment.mdccanada.ca/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 01 May 2024 21:04:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.nl/ads/ 42 B
408 B 274ms
51ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-88273432-1&cid=109857692.1714597440&jid=229993842&npa=1&_u=YADAAEAAAAAAACAAI~&z=605419822

Requested by

Host: payment.mdccanada.ca
URL: https://payment.mdccanada.ca/solid3d/payment?lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://payment.mdccanada.ca/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 01 May 2024 21:04:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 bulk Show response
api.exponea.com/ 107 B
123 B 29ms
28ms Fetch
application/json 35.244.143.131
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.exponea.com/bulk
Requested by: Host: api.exponea.com
URL: https://api.exponea.com/js/exponea.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.143.131 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 131.143.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e8178cfe6b4922d028a3e32093a81ddff0fef9c01c279500f3e1297b5f8ff71b

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Accept: application/json
Referer: https://payment.mdccanada.ca/
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 21:03:59 GMT
via: 1.1 google
content-type: application/json
access-control-allow-origin: https://payment.mdccanada.ca
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 107
x-request-id: ea6f9ecd-5861-4066-afab-6fe9846916f6

GET
H3 200 276242916243096 Show response
connect.facebook.net/signals/config/ 20 KB
3 KB 82ms
81ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/276242916243096?v=2.9.154&r=stable&domain=payment.mdccanada.ca&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105%2C184%2C183%2C185%2C190%2C191%2C192%2C188%2C180%2C122%2C150%2C179%2C181%2C113%2C144%2C135%2C139%2C119%2C174%2C216%2C106%2C217%2C152%2C110%2C133%2C126%2C114

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

f451cbc98f0a180ba31c927857698b2f132cdc682987cece077612d9855acb93

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://payment.mdccanada.ca/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 01 May 2024 21:04:00 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=30, rtx=0, c=33, mss=1232, tbw=4323, tp=9, tpl=0, uplat=61, ullat=0
pragma: public
x-fb-debug: mBUUVrEYeAqqNyrW/N564qTIuNQSdxF7ZzLZSJMfMlZ+JW0UGNgVGNSKvGZZhy6XWlZTkxEleR6gMa/6Tqsjeg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
geolocation-db.com/json/ 151 B
260 B 220ms
152ms Fetch
text/html 159.89.102.253
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://geolocation-db.com/json/
Requested by: Host: d1dje5mxb6emkl.cloudfront.net
URL: https://d1dje5mxb6emkl.cloudfront.net/cve/cve.js.br
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 159.89.102.253 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 0cfb5e6135990b7b79da43943cc40a3f81f4c2d2cda023a6e5d70514dcb5a4b6

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://payment.mdccanada.ca/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Wed, 01 May 2024 21:04:00 GMT
content-encoding: gzip
server: nginx/1.14.0 (Ubuntu)
content-type: text/html; charset=UTF-8

GET
H2 200 /
lcgroups-org.freshchat.com/widget/ Frame 6A1C 0
0 107ms
107ms Document
text/html 76.223.64.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://lcgroups-org.freshchat.com/widget/?token=77eb97aa-035d-4771-8acf-7a8638e3ae6d&referrer=aHR0cHM6Ly9wYXltZW50Lm1kY2NhbmFkYS5jYQ==&eagerLoad=true

Requested by

Host: lcgroups-org.freshchat.com
URL: https://lcgroups-org.freshchat.com/js/widget.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.223.64.65 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a44946a9dd66b7704.awsglobalaccelerator.com

Software

fwe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	style-src 'unsafe-inline' ; font-src 'self' data:; img-src 'self' * data:; connect-src 'self' ; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://.freshchat.com https://.freshworksapi.com; child-src 'self' blob:; media-src 'self' https://.freshchat.com; manifest-src 'self' https://.freshchat.com; default-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://payment.mdccanada.ca/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-encoding: gzip
content-security-policy: style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
content-type: text/html
date: Wed, 01 May 2024 21:04:00 GMT
last-modified: Mon, 29 Apr 2024 04:34:05 GMT
nel: { "report_to": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true}
report-to: { "group": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.us-east-1.freshedge.net/nelreports/freshchat"}]}
server: fwe
strict-transport-security: max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 0
x-fw-ratelimiting-managed: false
x-request-id: 36c8cce1-08d0-4295-99f2-74b2508708ed
x-server: dvfqv
x-trace-id: 00-97a2c2ed5280440aec6a341b5e79468a-9393c9a0f8ec288e-00
x-xss-protection: 1; mode=block

GET
H2 200 widget.css
lcgroups-org.freshchat.com/widget/css/ 9 KB
2 KB 110ms
110ms Stylesheet
text/css 13.248.221.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://lcgroups-org.freshchat.com/widget/css/widget.css?t=1714597440514

Requested by

Host: lcgroups-org.freshchat.com
URL: https://lcgroups-org.freshchat.com/js/widget.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.248.221.98 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a44946a9dd66b7704.awsglobalaccelerator.com

Software

fwe /

Resource Hash

8c8c1fbfe397f51c902c386473ee445602433837a4cf686eba20cfb5db07d115

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://payment.mdccanada.ca/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 21:04:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
nel: { "report_to": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true}
x-envoy-upstream-service-time: 1
x-xss-protection: 1; mode=block
x-request-id: 9bca77e8-dd2b-48e0-aad1-e53c1ea8b883
x-trace-id: 00-f65518b09bb267ed5c55ee2119aeb3c4-7b19f08b1ec4a13d-00
last-modified: Mon, 29 Apr 2024 04:34:05 GMT
server: fwe
report-to: { "group": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.us-east-1.freshedge.net/nelreports/freshchat"}]}
content-type: text/css
x-fw-ratelimiting-managed: false
cache-control: max-age=31536000,no-cache, no-store, must-revalidate, pre-check=0, post-check=0,public
x-server: tnjfr
expires: Thu, 01 May 2025 21:04:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 75ms
23ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=638202162930393&ev=PageView&dl=https%3A%2F%2Fpayment.mdccanada.ca%2Fsolid3d%2Fpayment%3Flang%3Den&rl=&if=false&ts=1714597440532&sw=1600&sh=1200&v=2.9.154&r=stable&ec=0&o=4126&fbp=fb.1.1714597440527.239651319&ler=empty&cdl=API_unavailable&it=1714597439827&coo=false&rqm=GET

Requested by

Host: payment.mdccanada.ca
URL: https://payment.mdccanada.ca/solid3d/payment?lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://payment.mdccanada.ca/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=18, rtx=0, c=10, mss=1294, tbw=2826, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 01 May 2024 21:04:00 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
103 B 76ms
24ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=276242916243096&ev=PageView&dl=https%3A%2F%2Fpayment.mdccanada.ca%2Fsolid3d%2Fpayment%3Flang%3Den&rl=&if=false&ts=1714597440534&sw=1600&sh=1200&v=2.9.154&r=stable&ec=0&o=4126&fbp=fb.1.1714597440527.239651319&ler=empty&cdl=API_unavailable&it=1714597439827&coo=false&rqm=GET

Requested by

Host: payment.mdccanada.ca
URL: https://payment.mdccanada.ca/solid3d/payment?lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://payment.mdccanada.ca/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=18, rtx=0, c=10, mss=1294, tbw=3113, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 01 May 2024 21:04:00 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 co-browsing.js Show response
lcgroups-org.freshchat.com/widget/js/ 26 KB
8 KB 125ms
124ms Script
application/javascript 13.248.221.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://lcgroups-org.freshchat.com/widget/js/co-browsing.js

Requested by

Host: lcgroups-org.freshchat.com
URL: https://lcgroups-org.freshchat.com/js/widget.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.248.221.98 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a44946a9dd66b7704.awsglobalaccelerator.com

Software

fwe /

Resource Hash

1e10e9493470eb296ba1ba705a39455e226be2906bd24a41e1f2b8287ff8f62b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://payment.mdccanada.ca/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 21:04:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
nel: { "report_to": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true}
x-envoy-upstream-service-time: 1
x-xss-protection: 1; mode=block
x-request-id: 87add8a4-8bf8-4628-b6ec-56bfd6ffdf0a
x-trace-id: 00-5b48dac7dcd7013f7b00241b9573bb21-776e739b3df589f6-00
last-modified: Mon, 29 Apr 2024 04:34:05 GMT
server: fwe
report-to: { "group": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.us-east-1.freshedge.net/nelreports/freshchat"}]}
content-type: application/javascript
x-fw-ratelimiting-managed: false
cache-control: max-age=31536000,no-cache, no-store, must-revalidate, pre-check=0, post-check=0,public
x-server: z4lwc
expires: Thu, 01 May 2025 21:04:01 GMT

GET
H2 200 cb.css
lcgroups-org.freshchat.com/widget/css/ 1 KB
1 KB 117ms
117ms Stylesheet
text/css 13.248.221.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://lcgroups-org.freshchat.com/widget/css/cb.css?t=1714597441543

Requested by

Host: lcgroups-org.freshchat.com
URL: https://lcgroups-org.freshchat.com/widget/js/co-browsing.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.248.221.98 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a44946a9dd66b7704.awsglobalaccelerator.com

Software

fwe /

Resource Hash

8029982e606b01f8d1651a46683c7a90ef2496e73823047c0e73b72e285d593e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://payment.mdccanada.ca/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 21:04:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
nel: { "report_to": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true}
x-envoy-upstream-service-time: 0
x-xss-protection: 1; mode=block
x-request-id: fe1a9080-3f2f-48e9-a44d-b3fbbce6d819
x-trace-id: 00-ba6871f0099ea963097510bebe284e9d-d3ad84ded876da0d-00
last-modified: Mon, 29 Apr 2024 04:34:05 GMT
server: fwe
report-to: { "group": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.us-east-1.freshedge.net/nelreports/freshchat"}]}
content-type: text/css
x-fw-ratelimiting-managed: false
cache-control: max-age=31536000,no-cache, no-store, must-revalidate, pre-check=0, post-check=0,public
x-server: dvfqv
expires: Thu, 01 May 2025 21:04:01 GMT

GET
H2 200 mdc_david.png
d1ac9zce9817ms.cloudfront.net/images/payment/funnels/funnel_mdc/ 126 KB
0 1ms
1ms Image
image/png 2600:9000:225b:4e00:15:20a2:3900:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1ac9zce9817ms.cloudfront.net/images/payment/funnels/funnel_mdc/mdc_david.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225b:4e00:15:20a2:3900:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 68b1a10699dad6e61ccb4093cf5017571e42d1cefaca62669581677956cac152

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://payment.mdccanada.ca/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: Vmmk46e9vCsV2chz6OL6mNBGuz7n9ADE
date: Wed, 01 May 2024 10:21:57 GMT
via: 1.1 77aa8087323921dee0b130bc0589bda8.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P1
age: 38521
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: REPLICA
content-length: 128922
last-modified: Tue, 14 Mar 2023 12:02:12 GMT
server: AmazonS3
etag: "dd4c5846b5d60fb8103f9a866700c4cf"
vary: Accept-Encoding
content-type: image/png
accept-ranges: bytes
x-amz-cf-id: jSSbQvkO5M5AASWNVZfopMkwF14vcnnJIh1VruGQWexszhvvbg21RA==

GET
H2 200 mdc_alireza.png
d1ac9zce9817ms.cloudfront.net/images/payment/funnels/funnel_mdc/ 95 KB
0 1ms
1ms Image
image/png 2600:9000:225b:4e00:15:20a2:3900:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1ac9zce9817ms.cloudfront.net/images/payment/funnels/funnel_mdc/mdc_alireza.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225b:4e00:15:20a2:3900:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: eca0c7e678919f04535499591de95afb80f21ec06a2e3c1cf94099f990261c6a

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://payment.mdccanada.ca/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: Tt.wO6ljuHG0zBpYadXRxPYcZAlnED71
date: Wed, 01 May 2024 08:34:44 GMT
via: 1.1 77aa8087323921dee0b130bc0589bda8.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P1
age: 44954
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: REPLICA
content-length: 97719
last-modified: Tue, 14 Mar 2023 12:02:11 GMT
server: AmazonS3
etag: "c473217159b06cb51524f3864db08f6f"
vary: Accept-Encoding
content-type: image/png
accept-ranges: bytes
x-amz-cf-id: MQs5OpZRUcVFxqscB2PnfxhhzK73nxT9paCub2MQqSprfvBMDLiMhQ==

GET
H2 200 mdc_giovanni.png
d1ac9zce9817ms.cloudfront.net/images/payment/funnels/funnel_mdc/ 112 KB
0 1ms
1ms Image
image/png 2600:9000:225b:4e00:15:20a2:3900:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1ac9zce9817ms.cloudfront.net/images/payment/funnels/funnel_mdc/mdc_giovanni.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225b:4e00:15:20a2:3900:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4ed0105089a46f9fdad6234d109091776b6b42a9fb716b1a8a3745228a4a1186

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://payment.mdccanada.ca/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: QsqwtYn5gppbbGyuYt8pTd4sLdZHL9KK
date: Wed, 01 May 2024 08:34:43 GMT
via: 1.1 77aa8087323921dee0b130bc0589bda8.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P1
age: 44955
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: REPLICA
content-length: 114621
last-modified: Tue, 14 Mar 2023 12:02:09 GMT
server: AmazonS3
etag: "fdda75bd98dd31a3ca6f2db8d70c403a"
vary: Accept-Encoding
content-type: image/png
accept-ranges: bytes
x-amz-cf-id: C733EhO1ag1KcIiEymLW4T3QnjW4vWXtXW3EthPMDH4SdM8_3B4wXA==

GET
H2 200 mdc_jimmy.png
d1ac9zce9817ms.cloudfront.net/images/payment/funnels/funnel_mdc/ 131 KB
0 3ms
3ms Image
image/png 2600:9000:225b:4e00:15:20a2:3900:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1ac9zce9817ms.cloudfront.net/images/payment/funnels/funnel_mdc/mdc_jimmy.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225b:4e00:15:20a2:3900:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ddda2cc348b4d18cee0a59c17740f40f56b46f914dbf023ad4b1af3c0c5d68c7

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://payment.mdccanada.ca/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: FOYJs_8_VDBcMfJDZqWwY0GNq1r0AWGa
date: Wed, 01 May 2024 08:34:44 GMT
via: 1.1 77aa8087323921dee0b130bc0589bda8.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P1
age: 44954
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: REPLICA
content-length: 134498
last-modified: Tue, 14 Mar 2023 12:02:10 GMT
server: AmazonS3
etag: "1e0858a912f37440b796936c7d81834d"
vary: Accept-Encoding
content-type: image/png
accept-ranges: bytes
x-amz-cf-id: Ec19fWEpO274SD9kLqY554T5QMkTuw-Mhsv-DxnbrJ9vhdmGW5xNSg==

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 225 KB
80 KB 51ms
50ms Script
application/javascript 142.250.185.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-873086315&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N44M7QM

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.136 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

725fba837f442025a8d84c6122e70acea0a35d54f957c99191635d20152f3a24

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://payment.mdccanada.ca/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 21:04:01 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81897
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 01 May 2024 21:04:01 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 117ms
43ms Script
application/javascript 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N44M7QM

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://payment.mdccanada.ca/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Wed, 01 May 2024 21:04:01 GMT
last-modified: Thu, 29 Feb 2024 19:58:06 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 5D68D2B74C054888933B5BFE490DF581 Ref B: AMS04EDGE2005 Ref C: 2024-05-01T21:04:01Z
etag: "01b4e9c496bda1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13261

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 250 KB
86 KB 51ms
51ms Script
application/javascript 142.250.185.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-11180768470&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N44M7QM

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.136 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

b3b0b4387706823284f0b9c5fbcebe1d69b98448bd2bdf2a2797c76757cb70e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://payment.mdccanada.ca/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 21:04:01 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 88178
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 01 May 2024 21:04:01 GMT

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 250 KB
86 KB 78ms
77ms Script
application/javascript 142.250.185.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-11227845249&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N44M7QM

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.136 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

87a3716f0eeb9406e4bfdc485b0eb1b7f28bcecce0de40cfd462f8d17c1bb015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://payment.mdccanada.ca/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 21:04:01 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 88223
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 01 May 2024 21:04:01 GMT

GET
H/1.1 200
OK favicon-32x32.png
payment.mdccanada.ca/favicons/ 2 KB
3 KB 31ms
31ms Other
image/png 165.232.36.183
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://payment.mdccanada.ca/favicons/favicon-32x32.png

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

165.232.36.183 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

3091bd6d017d069629ef1c45ad7ded5d3dead81d31f39ee4a9cbb7f8883769d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://payment.mdccanada.ca/solid3d/payment?lang=en
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 01 May 2024 21:04:01 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Thu, 20 May 2021 12:25:25 GMT
Server: nginx
ETag: "60a65535-9f5"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2549
X-XSS-Protection: 1; mode=block
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 204 149007793.js Show response
bat.bing.com/p/action/ 0
117 B 49ms
49ms Script
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/149007793.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://payment.mdccanada.ca/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Wed, 01 May 2024 21:04:01 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 723BE50BF27F456A899A4667517E8324 Ref B: AMS04EDGE2005 Ref C: 2024-05-01T21:04:01Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
286 B 107ms
107ms Image
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=149007793&tm=gtm002&Ver=2&mid=c56d4a6a-589f-45b4-8af0-3ddde0114874&sid=560963c007fe11efaa55076ced65f596&vid=560971f007fe11efab3b2962b8389858&vids=1&msclkid=N&pi=918639831&lg=nl-NL&sw=1600&sh=1200&sc=24&tl=Solid%203D%20Secure%20Payment&p=https%3A%2F%2Fpayment.mdccanada.ca%2Fsolid3d%2Fpayment%3Flang%3Den&r=&lt=4759&evt=pageLoad&sv=1&rn=572164

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://payment.mdccanada.ca/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 01 May 2024 21:04:01 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 6D31C105D39347C5A786DC8C2029CADB Ref B: AMS04EDGE2005 Ref C: 2024-05-01T21:04:01Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 index.html
465930902273542.webpush.freshchat.com/ Frame 5467 0
0 561ms
459ms Document
text/html 18.173.154.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://465930902273542.webpush.freshchat.com/index.html?ref=aHR0cHM6Ly9wYXltZW50Lm1kY2NhbmFkYS5jYQ==
Requested by: Host: lcgroups-org.freshchat.com
URL: https://lcgroups-org.freshchat.com/js/widget.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.154.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-154-100.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://payment.mdccanada.ca/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: gzip
content-type: text/html
date: Wed, 01 May 2024 21:04:03 GMT
etag: W/"4d98f93ebe4eb8cedbbfdb3004920aeb"
last-modified: Fri, 25 Oct 2019 06:53:38 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 ca623c10f2a669c8a9af30362937ebac.cloudfront.net (CloudFront)
x-amz-cf-id: 4izXetQFAskGA-Az9jUTos2u_ckZtfCPozZwHFjO4o8GmfqWAiikiA==
x-amz-cf-pop: MUC50-P3
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront

Verdicts & Comments Add Verdict or Comment

81 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

22 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
payment.mdccanada.ca/solid3d	1970-01-20 20:16:38	Name: cve_ip Value: 95.211.199.155
payment.mdccanada.ca/	1969-12-31 23:59:59	Name: PHPSESSID Value: bpuea460r9tj45otr07ipngie2
payment.mdccanada.ca/	1969-12-31 23:59:59	Name: _csrf Value: 3f2330f7499ae03645a675baddb6d602dde18595677a5ae154eab1deee21c9f5a%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%22-FtrvxK2HsZsyYK15mL5wq-GSOJ1aTyZ%22%3B%7D
api.exponea.com/	1970-01-21 05:52:37	Name: xnpe_9a5c1884-6c59-11eb-8b86-9ef8a0068af9 Value: 24d38b23-c2e8-45c1-b5e4-2423c23b6e3a
.mdccanada.ca/	1970-01-21 05:52:37	Name: __exponea_etc__ Value: 24d38b23-c2e8-45c1-b5e4-2423c23b6e3a
.mdccanada.ca/	1970-01-20 22:26:13	Name: _gcl_au Value: 1.1.291978647.1714597439
.mdccanada.ca/	1970-01-20 20:16:41	Name: __exponea_time2__ Value: -0.0023348331451416016
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: IIm76u56qNE
.youtube.com/	1970-01-21 00:35:49	Name: VISITOR_INFO1_LIVE Value: 6Y05ZiuKqY8
.youtube.com/	1970-01-21 00:35:49	Name: VISITOR_PRIVACY_METADATA Value: CgJOTBIIEgQSAgsMIDs%3D
.mdccanada.ca/	1970-01-21 05:52:37	Name: _ga_RWE693YD8B Value: GS1.1.1714597439.1.1.1714597439.60.0.1539535773
.mdccanada.ca/	1970-01-21 05:52:37	Name: _ga Value: GA1.2.109857692.1714597440
.mdccanada.ca/	1970-01-20 20:18:03	Name: _gid Value: GA1.2.1730494541.1714597440
.mdccanada.ca/	1970-01-20 20:16:37	Name: _gat_UA-88273432-1 Value: 1
.mdccanada.ca/	1970-01-20 22:28:01	Name: _cq_duid Value: 1.1714597439.gpr1bN23BPWht2Dz
.mdccanada.ca/	1969-12-31 23:59:59	Name: _cq_suid Value: 1.1714597439.G6DFq5STjNjiWN9h
.mdccanada.ca/	1970-01-21 05:02:13	Name: _hjSessionUser_3485971 Value: eyJpZCI6ImU5ZDQxOTU2LTVlZjgtNTVjZi1hOWM0LTcyNWEwMTEyYzVmZSIsImNyZWF0ZWQiOjE3MTQ1OTc0NDAwNzIsImV4aXN0aW5nIjpmYWxzZX0=
.mdccanada.ca/	1970-01-20 20:16:39	Name: _hjSession_3485971 Value: eyJpZCI6ImJlNjQyNGM4LTg3MTktNDk4NS05MjU4LTFjMjdlZmZkZjQxYyIsImMiOjE3MTQ1OTc0NDAwNzMsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=
.mdccanada.ca/	1970-01-20 22:26:13	Name: _fbp Value: fb.1.1714597440527.239651319
.mdccanada.ca/	1970-01-20 20:18:03	Name: _uetsid Value: 560963c007fe11efaa55076ced65f596
.mdccanada.ca/	1970-01-21 05:38:13	Name: _uetvid Value: 560971f007fe11efab3b2962b8389858
.bing.com/	1970-01-21 05:38:13	Name: MUID Value: 18CFF732461A657335E4E34047B964B8

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://payment.mdccanada.ca/solid3d/payment?lang=en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://payment.mdccanada.ca/solid3d/payment?lang=en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://payment.mdccanada.ca/solid3d/payment?lang=en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://payment.mdccanada.ca/solid3d/payment?lang=en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://payment.mdccanada.ca/solid3d/payment?lang=en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://connect.facebook.net/signals/config/638202162930393?v=2.9.154&r=stable&domain=payment.mdccanada.ca&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105(Line 97) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://payment.mdccanada.ca/solid3d/payment?lang=en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://payment.mdccanada.ca/solid3d/payment?lang=en Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

465930902273542.webpush.freshchat.com
api.exponea.com
bat.bing.com
canadian-visa-media.s3.amazonaws.com
cdn.jsdelivr.net
connect.facebook.net
cv-media-files.s3-us-west-2.amazonaws.com
cv-media-files.s3.us-west-2.amazonaws.com
d1ac9zce9817ms.cloudfront.net
d1dje5mxb6emkl.cloudfront.net
fonts.googleapis.com
geolocation-db.com
lcgroups-org.freshchat.com
lps.canadianvisa.org
mdc-new-funnel-v2.s3.amazonaws.com
ob.branderblender.com
obs.branderblender.com
payment.mdccanada.ca
region1.analytics.google.com
s.agccall.com
script.hotjar.com
solidpayments.net
static.hotjar.com
stats.g.doubleclick.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.google.nl
www.googletagmanager.com
www.youtube.com
104.16.87.20
13.248.221.98
142.250.185.136
142.250.185.67
142.250.186.164
157.240.0.6
159.89.102.253
165.232.36.183
167.99.182.231
18.173.154.100
18.66.192.39
2001:4860:4802:34::36
2600:1f18:e8a:cd04:9b88:a313:d24d:af44
2600:9000:225b:4e00:15:20a2:3900:21
2600:9000:26db:c400:d:bdb7:5480:93a1
2600:9000:26db:f200:c:ec32:f140:21
2620:1ec:c11::237
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::200a
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2008
2a00:1450:4001:813::2003
2a00:1450:400c:c04::9c
2a02:26f0:3500:18::1724:a288
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
35.244.143.131
37.139.6.182
52.216.134.83
52.217.136.33
52.218.220.25
52.218.229.81
54.230.228.64
76.223.64.65
00ea8daa5673804b4f4cb706caa15cc91ebb3759c33dd28bb8853da74a9e710b
0cfb5e6135990b7b79da43943cc40a3f81f4c2d2cda023a6e5d70514dcb5a4b6
122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787
12d833367b6cbfffdf170d0d33673e35c1ce616654245378d14ef3890937f9f2
145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5
158846df28c60719849d9258e6b56cb7726cbb61e30a15fd5afa58b62cf376d2
1e10e9493470eb296ba1ba705a39455e226be2906bd24a41e1f2b8287ff8f62b
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75
289ed5b990a607d3c5ff04e87fc1f22ae935a0900df68a5f465c5ac5923ca01d
29f0d60cfaa05f3764e61320cf7bbd934c053b6bb0c41ad61b4e682b0c1d6fae
2b48eb21e579e004fcce778b98126f11f4879b06444b6185779c3a949d001116
2f5798d2bf40221b1a159edce182993d2cde63dd4ec3a945532411bf07f7e4ee
3091bd6d017d069629ef1c45ad7ded5d3dead81d31f39ee4a9cbb7f8883769d0
349bea457c5a6e16fb7487465feebabee1c45429c4317aa9706ef5f7599668df
37e8997ef3844d8617fa23c25823c70faf36a8efb04a0a42d96f102180ec4850
37f8af81c6651000937b4ec8fa0918730b6487303940735ef021f80f7d149602
3da68c427952c6f87a17fbd75f6fd18acda783257d0de6c54cc970d35dde072d
3e26d26fbcf10cdc20e715a8fc167a216ae90f792c6cc76256512c41bf4d5ff5
416a3b2c3bf16d64f6b5b6d0f7b079df2267614dd6847fc2f3271b4409233c37
4ed0105089a46f9fdad6234d109091776b6b42a9fb716b1a8a3745228a4a1186
4fab1dbe30e8ff5b2b88f3175638cee6011f8c5ec952a555216436ca3045cd5b
51f4582486ca6ea9d7521901650bcd2ac16c0b7676b66b129472c29fc79255ab
546582040f78d9cdd241d32fdedbb5f5304cb6ef85a72d34e5673ec32a4d3458
58436a4fa28a17c2689f8375d01095276e95cac03517b3c649e14f06c195f3e6
593da46ed8890edf70f2e97e82a629c931da3c72302b32a8663942c9b5c307d3
5afd6716402effa7da36565f71ba6a3840147dad4c3bebb097ed32e840f0b717
5c858b1c80e2a37e46abc26525a908fe14db93ebdce1dbdbdd2828cd180bbeec
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945
67bed69f23af460ec3341aefcdf793955c250fbf879589de4b93d17b8ec4ae54
68b1a10699dad6e61ccb4093cf5017571e42d1cefaca62669581677956cac152
6fb84f62990a7291458a9bce450191cadabd9416e526e79efd28ce0d7c4b881e
7027af9bf75f5a7ca52a3e04aa292a4d30342919772a2e354018ea2b150b30af
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53
725fba837f442025a8d84c6122e70acea0a35d54f957c99191635d20152f3a24
742d2a43bc2e07e4ce994c97173ee31ca0aaf595d0986788f4c5c71ca670c4e6
762b1b256e19b1bcf11e0f3bca305fab026da5e101ecc0c903d26e0b28209716
7adaf08052c6a6a0f8a0d0055b4f191fd07389fe41c972b69573472b2ecb406a
7d2b5f286ae47d04a9c42c651332dd1dc65e9c357c34e547cc0862de788f3375
7f62e179ab6ac34a40148be67c533c8dfbefecceb73a1b721ef0c7e3154d3da4
8029982e606b01f8d1651a46683c7a90ef2496e73823047c0e73b72e285d593e
823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721
84da4ee88fa20a94311a24726eaa18f25d37ed36e3269221125417313e679fe5
86316eec675b32346b1a476a7495b040ac3f45f0281918c222c984edc54cacda
87a3716f0eeb9406e4bfdc485b0eb1b7f28bcecce0de40cfd462f8d17c1bb015
87d1d3eff67f2586e9039d705d502f782613f87dac4850653e10973940ffb7c0
8c8c1fbfe397f51c902c386473ee445602433837a4cf686eba20cfb5db07d115
8ddb060965730ddb8fd83e8a3897f129847f9a85cfde5cded2afd0bcbf5edd2a
8f6f12c27aa252907afd89baf65e862d08617d79d070e9719ab42d9b65637ec7
91ee15c0b2875449c2691eb56966d1d2be424485309a746f7294c13f23555deb
92cd6e6acd0b0744801db343d0fa4a32f5c106925a19628a5fca948e6aacf92f
94579787a5a52a7dbf3209ccc91589eeda9878f9ff137d5fc43f4da98cc38e9a
94586f5b7f5e497ea5035fc2a1cff44b3103f268b903c3a5bde1746e7d122134
9a0f5e2db3067a91f5ad66cac49639247255eefbfd37c15f5264cd5453c7b139
9baa573e4378873b7ac81ccb1d954ce9bb2b1a933947ad3012263ddc604d8505
9cc2231a485a134696d965441373b45d5e88f726d78c2cb9a490d483253226f9
a6a6e1cf13bc3b468a14b6cd91536c534c9ffc0d33d4116dc1ccdfbdf7b78c13
aaef401a4bbe135c3379b250fa9df5bf7359a6703523a79e6fdc667c64e6dd52
ace374f9111b66ade2f58f1814cc0a6812bf41b651c9aa66a59e57a2782f5b50
ae62aca8866fbca77e935b5429119eeda9d3646a1cc52568d35e10a580f553b5
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af86eeeed7ff7c39421245942486e472828ea3f89d5c5b8b1f45427de447cac6
b09f19f30d28a55b65f15b021c5b68b702cabecbfa1d0a1451ca589baef821ae
b148a70822b1c6595fa4bf95c23f3780608e553d36f22e81e683f4ca87c5fa04
b3b0b4387706823284f0b9c5fbcebe1d69b98448bd2bdf2a2797c76757cb70e4
b62070ba47b830d8cd7b32f00ced8b7c40824ca86891e844b5f9198aa54e4687
b92c75200923ef3bcff1325670e81e27e37227ab9b018cf8568a0eedbe514351
ba99b79e9ef0f966fc5ead8d80950ed46a824c37555b94448c1bafcaaadfe84b
bf3303e6b1d8f51e4ea85a1907f8bd9b4f619d355d5a0ef9f2ff50dd658642d0
c6e0676d3ea2badee784595660572ef3d5354c27ba7ce101071c423372384d6c
cb9e40dc843c17b5aa1b783927cd2b4312d192a0f796aaf4c112e760b5e2af2e
cc4a3465c4c5d5ccd423dcbcaeb603c4bd0f63bce1150b4efbd7fddaf740b4c1
cd3521e9b79712590c50523ef00789c637324afa1c8987bf5b773c5d3a66fb3d
d01cc02e7815491811415ef14e942f40da3494ac3f66857b71d9e9af0bd4f960
d170052c16caec3810f2dee6456539045d8e326f6d8ed7c7f78e59ed34de348a
d1bcd0b606710857e19aaa7cccd62c7264318271649738e76006c05f30d01062
d442983533ee829f6449ee8fb9ab223ba01d8123185fbe0954dd41e7ab580dfb
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115
d92238060bc2ee903bf64a5458850bca60fc4b1e05b465af54bc86afc610d033
dbd2a35e72edc7d6bde483481a912f1c38aa57fab2747d9b071d317339ee03a2
ddda2cc348b4d18cee0a59c17740f40f56b46f914dbf023ad4b1af3c0c5d68c7
de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dfd5c5d4e68ada8a4dbae7b885b1f41247f42df938d7064ff54c729cc07f0282
e386804fca2de27287995ee6100058179f0c2b9a7d7883b5a4dfa4fcf4819891
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8178cfe6b4922d028a3e32093a81ddff0fef9c01c279500f3e1297b5f8ff71b
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366
ebb556a29ec199dd9b046ef88c0e42e4b702cefd3033f98f60bcebe03f151dc5
eca0c7e678919f04535499591de95afb80f21ec06a2e3c1cf94099f990261c6a
edfd5f21768edfc6a2203906a32a757b7434cb2b6f082ff10e9923394c6d27c5
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f451cbc98f0a180ba31c927857698b2f132cdc682987cece077612d9855acb93
f4939b06b39ac47cccffd4a2022abb4b73b9f79f57bfd26e361f237018efc127
f98e99a9093900de6d892130893996c5b6d931655179eb32f057959ef02e5165

payment.mdccanada.ca Open in urlscan Pro 165.232.36.183 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

110 Requests

100 %HTTPS

44 %IPv6

23 Domains

31 Subdomains

34 IPs

7 Countries

4503 kBTransfer

7076 kBSize

22 Cookies

100 Outgoing links

Page URL History

Redirected requests

110 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

payment.mdccanada.ca Open in urlscan Pro
165.232.36.183 Public Scan

Screenshot
Live screenshot

Full Image

110
Requests

100 %
HTTPS

44 %
IPv6

23
Domains

31
Subdomains

34
IPs

7
Countries

4503 kB
Transfer

7076 kB
Size

22
Cookies

110 HTTP transactions
6 data transactions