urlscan.io logo urlscan.io
SecurityTrails logo

www.canadian-etavisas.com Open in urlscan Pro
13.33.139.128  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://canadian-etavisas.com/
Effective URL: https://www.canadian-etavisas.com/
Submission: On April 17 via manual from DK
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 19 IPs in 2 countries across 14 domains to perform 59 HTTP transactions. The main IP is 13.33.139.128, located in United States and belongs to AMAZON-02, US. The main domain is www.canadian-etavisas.com.
TLS certificate: Issued by Amazon on September 30th 2020. Valid for: a year.
This is the only time www.canadian-etavisas.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 22 13.33.139.128 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a04:4e42:600... 54113 (FASTLY)
6 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
3 2606:4700:10:... 13335 (CLOUDFLAR...)
7 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 143.204.245.79 16509 (AMAZON-02)
1 143.204.237.228 16509 (AMAZON-02)
1 143.204.245.61 16509 (AMAZON-02)
2 54.244.26.125 16509 (AMAZON-02)
1 143.204.245.98 16509 (AMAZON-02)
1 151.101.114.110 54113 (FASTLY)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
2 162.247.242.21 23467 (NEWRELIC-...)
3 2a04:4e42:1b:... 54113 (FASTLY)
3 2606:4700:10:... 13335 (CLOUDFLAR...)
59 19
22    13.33.139.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-139-128.cph50.r.cloudfront.net
canadian-etavisas.com
www.canadian-etavisas.com
1    2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2a04:4e42:600::729 (United States)

ASN54113 (FASTLY, US)
browser.sentry-cdn.com
6    2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)
stackpath.bootstrapcdn.com
1    2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    2606:4700:10::6816:1983 (United States)

ASN13335 (CLOUDFLARENET, US)
embed.tawk.to
static-v.tawk.to
va.tawk.to
7    2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    143.204.245.79 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-245-79.cph50.r.cloudfront.net
static.hotjar.com
1    143.204.237.228 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-237-228.cph50.r.cloudfront.net
cdn.amplitude.com
1    143.204.245.61 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-245-61.cph50.r.cloudfront.net
script.hotjar.com
2    54.244.26.125 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-244-26-125.us-west-2.compute.amazonaws.com
api.amplitude.com
1    143.204.245.98 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-245-98.cph50.r.cloudfront.net
vars.hotjar.com
1    151.101.114.110 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
js-agent.newrelic.com
2    2606:4700:10::6816:1883 (United States)

ASN13335 (CLOUDFLARENET, US)
va.tawk.to
vsb94.tawk.to
2    162.247.242.21 (United States)

ASN23467 (NEWRELIC-AS-1, US)
PTR: bam-9.nr-data.net
bam.nr-data.net
3    2a04:4e42:1b::621 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
3    2606:4700:10::ac43:2642 (United States)

ASN13335 (CLOUDFLARENET, US)
vsb94.tawk.to
va.tawk.to
Domain Requested by
19 www.canadian-etavisas.com canadian-etavisas.com
www.canadian-etavisas.com
7 fonts.gstatic.com fonts.googleapis.com
6 fonts.googleapis.com www.canadian-etavisas.com
static-v.tawk.to
3 vsb94.tawk.to browser.sentry-cdn.com
3 cdn.jsdelivr.net static-v.tawk.to
3 va.tawk.to browser.sentry-cdn.com
3 canadian-etavisas.com 2 redirects
2 bam.nr-data.net js-agent.newrelic.com
browser.sentry-cdn.com
2 api.amplitude.com browser.sentry-cdn.com
2 www.google-analytics.com www.googletagmanager.com
browser.sentry-cdn.com
1 static-v.tawk.to embed.tawk.to
1 js-agent.newrelic.com www.canadian-etavisas.com
1 vars.hotjar.com static.hotjar.com
1 script.hotjar.com static.hotjar.com
1 cdn.amplitude.com canadian-etavisas.com
1 static.hotjar.com www.googletagmanager.com
1 embed.tawk.to www.canadian-etavisas.com
1 www.googletagmanager.com www.canadian-etavisas.com
1 stackpath.bootstrapcdn.com www.canadian-etavisas.com
1 browser.sentry-cdn.com www.canadian-etavisas.com
1 cdnjs.cloudflare.com www.canadian-etavisas.com
59 21

This site contains links to these domains. Also see Links.

Domain
www.canada.ca
Subject Issuer Validity Valid
canadian-etavisas.com
Amazon		 2020-09-30 -
2021-11-01		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-10-21 -
2021-10-20		 a year crt.sh
*.sentry-cdn.com
GlobalSign Atlas R3 DV TLS CA 2020		 2021-02-22 -
2022-03-26		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
*.hotjar.com
Amazon		 2020-12-25 -
2022-01-23		 a year crt.sh
cdn.amplitude.com
Amazon		 2020-11-18 -
2021-12-17		 a year crt.sh
*.amplitude.com
COMODO RSA Domain Validation Secure Server CA		 2020-02-18 -
2022-02-13		 2 years crt.sh
*.newrelic.com
GlobalSign Atlas R3 DV TLS CA 2020		 2021-03-22 -
2022-04-23		 a year crt.sh
*.nr-data.net
DigiCert SHA2 Secure Server CA		 2020-02-05 -
2022-02-08		 2 years crt.sh
f3.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2021-04-13 -
2022-03-26		 a year crt.sh

This page contains 5 frames:

Primary Page: https://www.canadian-etavisas.com/
Frame ID: 5B232C47A8BAEE57BD6302F7999E0955
Requests: 51 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-5e3cec51ed8e99df6977c199d27812d7.html
Frame ID: A95F79AC0042F2DF1A4A47C21F96C829
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
Frame ID: DDFE11C86419D0CC0E99BB4150A4ED6F
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
Frame ID: 037CF09902A88B83CA2E65F36E8DEABA
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
Frame ID: 2C7BBAE74660197403FC527A3CB377D0
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://canadian-etavisas.com/ HTTP 301
    https://canadian-etavisas.com/ Page URL
  2. https://canadian-etavisas.com/ HTTP 301
    https://www.canadian-etavisas.com/ Page URL
  3. https://www.canadian-etavisas.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /\/\/embed\.tawk\.to/i
Overall confidence: 100%
Detected patterns
  • headers via /\(CloudFront\)$/i
Overall confidence: 100%
Detected patterns
  • headers via /\(CloudFront\)$/i
Overall confidence: 100%
Detected patterns
  • script /cdn\.amplitude\.com/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

59
Requests

100 %
HTTPS

58 %
IPv6

14
Domains

21
Subdomains

19
IPs

2
Countries

898 kB
Transfer

2734 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://canadian-etavisas.com/ HTTP 301
    https://canadian-etavisas.com/ Page URL
  2. https://canadian-etavisas.com/ HTTP 301
    https://www.canadian-etavisas.com/ Page URL
  3. https://www.canadian-etavisas.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://canadian-etavisas.com/ HTTP 301
  • https://canadian-etavisas.com/
Request Chain 1
  • https://canadian-etavisas.com/ HTTP 301
  • https://www.canadian-etavisas.com/

59 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
canadian-etavisas.com/
Redirect Chain
  • http://canadian-etavisas.com/
  • https://canadian-etavisas.com/
1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://canadian-etavisas.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.139.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-139-128.cph50.r.cloudfront.net
Software
CloudFront /
Resource Hash
2f8ec8ee6ce71ba1e422d233e2fe052b0003902df6d2dd329d91191b9c60d849

Request headers

:method
GET
:authority
canadian-etavisas.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-length
1197
server
CloudFront
date
Sat, 17 Apr 2021 19:42:33 GMT
cache-control
max-age=0, must-revalidate, no-store, nocache, private
set-cookie
DL5LP4P3-3rU(35=e2c682d0-9c5a-4800-b7b0-88a79ffa36c2.94e0e11
referer
canadian-etavisas.com/
x-cache
Miss from cloudfront
via
1.1 f7f1719c64317516d32371652f736e6a.cloudfront.net (CloudFront)
x-amz-cf-pop
CPH50-C2
x-amz-cf-id
uTc_bRoka-XeMnTUWoOmB2xMQB3APj30SFjJiC7oWCejA8wD-RIcHw==

Redirect headers

Server
CloudFront
Date
Sat, 17 Apr 2021 19:42:33 GMT
Content-Type
text/html
Content-Length
183
Connection
keep-alive
Location
https://canadian-etavisas.com/
X-Cache
Redirect from cloudfront
Via
1.1 71f46d2cc0b2c2e933cd6222e921feed.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
CPH50-C2
X-Amz-Cf-Id
cvZO1GdVITsIDulfyPC96iLyURK8nNrNGRYxiztoH64DTtjED5-vtw==
/
www.canadian-etavisas.com/
Redirect Chain
  • https://canadian-etavisas.com/
  • https://www.canadian-etavisas.com/
1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.canadian-etavisas.com/
Requested by
Host: canadian-etavisas.com
URL: https://canadian-etavisas.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.139.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-139-128.cph50.r.cloudfront.net
Software
CloudFront /
Resource Hash
2f8ec8ee6ce71ba1e422d233e2fe052b0003902df6d2dd329d91191b9c60d849

Request headers

:method
GET
:authority
www.canadian-etavisas.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://canadian-etavisas.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://canadian-etavisas.com/

Response headers

content-length
1197
server
CloudFront
date
Sat, 17 Apr 2021 19:42:33 GMT
cache-control
max-age=0, must-revalidate, no-store, nocache, private
set-cookie
DL5LP4P3-3rU(35=5d087647-3fbc-488b-8202-ea0553c818b9.90a75d8
referer
www.canadian-etavisas.com/
x-cache
Miss from cloudfront
via
1.1 f7f1719c64317516d32371652f736e6a.cloudfront.net (CloudFront)
x-amz-cf-pop
CPH50-C2
x-amz-cf-id
zKCU5764Gd1F96n0rxzolJ9uNa9dIlzAGoFI82wad8ER1Muxa7Xz_Q==

Redirect headers

content-type
text/html
content-length
162
location
https://www.canadian-etavisas.com
date
Sat, 17 Apr 2021 19:42:33 GMT
server
nginx
x-cache
Miss from cloudfront
via
1.1 f7f1719c64317516d32371652f736e6a.cloudfront.net (CloudFront)
x-amz-cf-pop
CPH50-C2
x-amz-cf-id
EdBgLWNq_juDC97bdoU2aWkXd6Mln3i43Ojar68U7jKgUfeXe8WkAA==
Primary Request /
www.canadian-etavisas.com/ 		62 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.canadian-etavisas.com/
Requested by
Host: www.canadian-etavisas.com
URL: https://www.canadian-etavisas.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.139.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-139-128.cph50.r.cloudfront.net
Software
nginx /
Resource Hash
720336a616614bea5a6b4a8bf4e078e7976558f9eac2deaa93b27eb64fbdbd12

Request headers

:method
GET
:authority
www.canadian-etavisas.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://www.canadian-etavisas.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
DL5LP4P3-3rU(35=5d087647-3fbc-488b-8202-ea0553c818b9.90a75d8; Secure-3PAPlSlD=5d087647-3fbc-488b-8202-ea0553c818b9.90a75d8
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.canadian-etavisas.com/

Response headers

content-type
text/html; charset=UTF-8
date
Sat, 17 Apr 2021 19:42:34 GMT
server
nginx
cache-control
max-age=3600, public
content-encoding
gzip
x-cache
Miss from cloudfront
via
1.1 f7f1719c64317516d32371652f736e6a.cloudfront.net (CloudFront)
x-amz-cf-pop
CPH50-C2
x-amz-cf-id
F7DNxJMaavGQ5KPsLS1Kbs6PTw9pN9XOaP9ESBBQ071lPXi913u9-w==
crypto-js.js
cdnjs.cloudflare.com/ajax/libs/crypto-js/3.1.9-1/ 		187 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/crypto-js/3.1.9-1/crypto-js.js
Requested by
Host: www.canadian-etavisas.com
URL: https://www.canadian-etavisas.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6826494432163d74fd27e78ad011a13d55e4670441cd49fc9f1e52a4afd28d9
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.canadian-etavisas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 19:42:34 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
3193532
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
24518
cf-request-id
0982f44caf00004e0ec21c1000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:09:17 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e2d-2edc0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=4RQtnbMqjwOaxr01x%2Fi6GQeddMuml%2BvXCBm6D5bArs%2B5jeGFpTMkXKlGd4Ao5UbtuvY4jRkW6bTHE5AkHtQrhpjYP0aR2QGmEpYDpBEy0zRWP%2B%2F2lXZ%2Bi3ODLXG3%2FJU3Kg%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
641823277c974e0e-FRA
expires
Thu, 07 Apr 2022 19:42:34 GMT
bundle.min.js
browser.sentry-cdn.com/4.5.3/ 		70 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://browser.sentry-cdn.com/4.5.3/bundle.min.js
Requested by
Host: www.canadian-etavisas.com
URL: https://www.canadian-etavisas.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
fe5f8d4505ce040cc22d858aa7636262168e3449787dd05f75ea7050ff8ce06f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Origin
https://www.canadian-etavisas.com
Referer
https://www.canadian-etavisas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 19:42:34 GMT
content-encoding
gzip
last-modified
Mon, 21 Jan 2019 13:03:48 GMT
server
Fastly
age
14306411
etag
"28e5dd38e927f10c1ce94d84470a83b3"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
strict-transport-security
max-age=31536000; includeSubDomains
accept-ranges
bytes
content-length
22423
expires
Wed, 03 Nov 2021 05:42:22 GMT
capture-errors.js
www.canadian-etavisas.com/scripts/common/ 		104 B
487 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.canadian-etavisas.com/scripts/common/capture-errors.js?v=1
Requested by
Host: www.canadian-etavisas.com
URL: https://www.canadian-etavisas.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.139.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-139-128.cph50.r.cloudfront.net
Software
nginx /
Resource Hash
0d9a1cab8400a4d79cc08adff50eb69886a8dbeda96ee9f655b143aca1b56420

Request headers

:path
/scripts/common/capture-errors.js?v=1
pragma
no-cache
cookie
DL5LP4P3-3rU(35=5d087647-3fbc-488b-8202-ea0553c818b9.90a75d8; Secure-3PAPlSlD=5d087647-3fbc-488b-8202-ea0553c818b9.90a75d8
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.canadian-etavisas.com
referer
https://www.canadian-etavisas.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.canadian-etavisas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 11:45:28 GMT
content-encoding
gzip
last-modified
Fri, 16 Apr 2021 05:41:14 GMT
server
nginx
age
28625
etag
W/"6079237a-68"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 f7f1719c64317516d32371652f736e6a.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
CPH50-C2
x-amz-cf-id
mlVqHERB_HHhY0d86TDmNDtTwuYBbF0l4BtBa55tzma6lajZ5FTc2g==
expires
Thu, 31 Dec 2037 23:55:55 GMT
main.css
www.canadian-etavisas.com/styles/canada/visaetacanada/ 		517 KB
96 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.canadian-etavisas.com/styles/canada/visaetacanada/main.css?rel=1618551855583
Requested by
Host: www.canadian-etavisas.com
URL: https://www.canadian-etavisas.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.139.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-139-128.cph50.r.cloudfront.net
Software
nginx /
Resource Hash
02e6e6b80ae5fe46ed403d92e715d75b3437b7b5ca737446516f94aa71996fb8

Request headers

:path
/styles/canada/visaetacanada/main.css?rel=1618551855583
pragma
no-cache
cookie
DL5LP4P3-3rU(35=5d087647-3fbc-488b-8202-ea0553c818b9.90a75d8; Secure-3PAPlSlD=5d087647-3fbc-488b-8202-ea0553c818b9.90a75d8
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.canadian-etavisas.com
referer
https://www.canadian-etavisas.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.canadian-etavisas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 11:53:40 GMT
content-encoding
gzip
last-modified
Fri, 16 Apr 2021 05:43:13 GMT
server
nginx
age
28134
etag
W/"607923f1-814fb"
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 f7f1719c64317516d32371652f736e6a.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
CPH50-C2
x-amz-cf-id
hrhfej9JUZFD0YsQcoIgyMW9O-vYBddiIPbarIORfj3HS2L1aSfwEQ==
expires
Thu, 31 Dec 2037 23:55:55 GMT
logo.png
www.canadian-etavisas.com/img/canada/visaetacanada/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.canadian-etavisas.com/img/canada/visaetacanada/logo.png
Requested by
Host: www.canadian-etavisas.com
URL: https://www.canadian-etavisas.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.139.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-139-128.cph50.r.cloudfront.net
Software
nginx /
Resource Hash
84e5e055de831e7cc65dacfbe6d6c278ecde35699ca97baa989d26c479c21b40

Request headers

:path
/img/canada/visaetacanada/logo.png
pragma
no-cache
cookie
DL5LP4P3-3rU(35=5d087647-3fbc-488b-8202-ea0553c818b9.90a75d8; Secure-3PAPlSlD=5d087647-3fbc-488b-8202-ea0553c818b9.90a75d8
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.canadian-etavisas.com
referer
https://www.canadian-etavisas.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.canadian-etavisas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 11:45:28 GMT
via
1.1 f7f1719c64317516d32371652f736e6a.cloudfront.net (CloudFront)
last-modified
Fri, 16 Apr 2021 05:41:13 GMT
server
nginx
age
28625
etag
"60792379-83d"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=315360000
x-amz-cf-pop
CPH50-C2
accept-ranges
bytes
content-length
2109
x-amz-cf-id
4W2wXlJhBe2IXbzUnRpjh6lqwQjRrTRU2ic40FGiQ1b6GkoVXvyEig==
expires
Thu, 31 Dec 2037 23:55:55 GMT
ssl-secure-website_light-theme.png
www.canadian-etavisas.com/img/common/ssl/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.canadian-etavisas.com/img/common/ssl/ssl-secure-website_light-theme.png
Requested by
Host: www.canadian-etavisas.com
URL: https://www.canadian-etavisas.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.139.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-139-128.cph50.r.cloudfront.net
Software
nginx /
Resource Hash
ab37318382cb80002b5b879baa7afc3750bd7db65f2aa77685d3e07399e56a48

Request headers

:path
/img/common/ssl/ssl-secure-website_light-theme.png
pragma
no-cache
cookie
DL5LP4P3-3rU(35=5d087647-3fbc-488b-8202-ea0553c818b9.90a75d8; Secure-3PAPlSlD=5d087647-3fbc-488b-8202-ea0553c818b9.90a75d8
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.canadian-etavisas.com
referer
https://www.canadian-etavisas.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.canadian-etavisas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 11:45:28 GMT
via
1.1 f7f1719c64317516d32371652f736e6a.cloudfront.net (CloudFront)
last-modified
Fri, 16 Apr 2021 05:41:13 GMT
server
nginx
age
28626
etag
"60792379-133f"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=315360000
x-amz-cf-pop
CPH50-C2
accept-ranges
bytes
content-length
4927
x-amz-cf-id
icVtd9UeNuh3L1t0siZ6SAlNlsA6G0V0Gd1PRl87n1VwW08hbDZTtQ==
expires
Thu, 31 Dec 2037 23:55:55 GMT
visa_light-theme.png
www.canadian-etavisas.com/img/common/payment/logos/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.canadian-etavisas.com/img/common/payment/logos/visa_light-theme.png
Requested by
Host: www.canadian-etavisas.com
URL: https://www.canadian-etavisas.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.139.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-139-128.cph50.r.cloudfront.net
Software
nginx /
Resource Hash
826d4888b5e0240ca141d7c983c1e3886c0cddd10f0187fb59305ab8ed2d92ba

Request headers

:path
/img/common/payment/logos/visa_light-theme.png
pragma
no-cache
cookie
DL5LP4P3-3rU(35=5d087647-3fbc-488b-8202-ea0553c818b9.90a75d8; Secure-3PAPlSlD=5d087647-3fbc-488b-8202-ea0553c818b9.90a75d8
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.canadian-etavisas.com
referer
https://www.canadian-etavisas.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.canadian-etavisas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 11:45:29 GMT
via
1.1 f7f1719c64317516d32371652f736e6a.cloudfront.net (CloudFront)
last-modified
Fri, 16 Apr 2021 05:41:13 GMT
server
nginx
age
28625
etag
"60792379-a6e"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=315360000
x-amz-cf-pop
CPH50-C2
accept-ranges
bytes
content-length
2670
x-amz-cf-id
p2phkVMhTw4zGJX0sub4kW28Ls3SH-FnGPe-dRd-GCbJESK-Q_18TA==
expires
Thu, 31 Dec 2037 23:55:55 GMT
mastercard_light-theme.png
www.canadian-etavisas.com/img/common/payment/logos/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.canadian-etavisas.com/img/common/payment/logos/mastercard_light-theme.png
Requested by
Host: www.canadian-etavisas.com
URL: https://www.canadian-etavisas.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.139.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-139-128.cph50.r.cloudfront.net
Software
nginx /
Resource Hash
06e7ab796f4a252d74415db7f51b19d997f65a0221ede43b08672a89878067d6

Request headers

:path
/img/common/payment/logos/mastercard_light-theme.png
pragma
no-cache
cookie
DL5LP4P3-3rU(35=5d087647-3fbc-488b-8202-ea0553c818b9.90a75d8; Secure-3PAPlSlD=5d087647-3fbc-488b-8202-ea0553c818b9.90a75d8
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.canadian-etavisas.com
referer
https://www.canadian-etavisas.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.canadian-etavisas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 11:45:28 GMT
via
1.1 f7f1719c64317516d32371652f736e6a.cloudfront.net (CloudFront)
last-modified
Fri, 16 Apr 2021 05:41:13 GMT
server
nginx
age
28625
etag
"60792379-bfb"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=315360000
x-amz-cf-pop
CPH50-C2
accept-ranges
bytes
content-length
3067
x-amz-cf-id
f4utEf03p3DO_vp5b5CKiKDGiyY8NZl4RUkECP1eZ8YQX-P6e6E3XQ==
expires
Thu, 31 Dec 2037 23:55:55 GMT
american-express_light-theme.png
www.canadian-etavisas.com/img/common/payment/logos/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.canadian-etavisas.com/img/common/payment/logos/american-express_light-theme.png
Requested by
Host: www.canadian-etavisas.com
URL: https://www.canadian-etavisas.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.139.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-139-128.cph50.r.cloudfront.net
Software
nginx /
Resource Hash
bdb04e9f23d38a9ed88c6f2c5dfa835595377e0bb3c9f0757177a8046374c66a

Request headers

:path
/img/common/payment/logos/american-express_light-theme.png
pragma
no-cache
cookie
DL5LP4P3-3rU(35=5d087647-3fbc-488b-8202-ea0553c818b9.90a75d8; Secure-3PAPlSlD=5d087647-3fbc-488b-8202-ea0553c818b9.90a75d8
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.canadian-etavisas.com
referer
https://www.canadian-etavisas.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.canadian-etavisas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 11:45:28 GMT
via
1.1 f7f1719c64317516d32371652f736e6a.cloudfront.net (CloudFront)
last-modified
Fri, 16 Apr 2021 05:41:13 GMT
server
nginx
age
28625
etag
"60792379-bb5"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=315360000
x-amz-cf-pop
CPH50-C2
accept-ranges
bytes
content-length
2997
x-amz-cf-id
pHFpi3kaeO8ceyKWGMi36H8DyZWq_CyqcHTjzO0j24bcCFslsPF7zg==
expires
Thu, 31 Dec 2037 23:55:55 GMT
maestro_light-theme.png
www.canadian-etavisas.com/img/common/payment/logos/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.canadian-etavisas.com/img/common/payment/logos/maestro_light-theme.png
Requested by
Host: www.canadian-etavisas.com
URL: https://www.canadian-etavisas.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.139.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-139-128.cph50.r.cloudfront.net
Software
nginx /
Resource Hash
6331f2cbf2cf9cf46effdf1e48bc7aa08f3c0ed4c1be5a9ae1da8eb34f9b735d

Request headers

:path
/img/common/payment/logos/maestro_light-theme.png
pragma
no-cache
cookie
DL5LP4P3-3rU(35=5d087647-3fbc-488b-8202-ea0553c818b9.90a75d8; Secure-3PAPlSlD=5d087647-3fbc-488b-8202-ea0553c818b9.90a75d8
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.canadian-etavisas.com
referer
https://www.canadian-etavisas.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.canadian-etavisas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 11:45:28 GMT
via
1.1 f7f1719c64317516d32371652f736e6a.cloudfront.net (CloudFront)
last-modified
Fri, 16 Apr 2021 05:41:13 GMT
server
nginx
age
28625
etag
"60792379-bc1"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=315360000
x-amz-cf-pop
CPH50-C2
accept-ranges
bytes
content-length
3009
x-amz-cf-id
G1ZgpggcL0XojlKajYcHcSXqXpsv81aoncdiZaiH8DBkO4G5h8DYmw==
expires
Thu, 31 Dec 2037 23:55:55 GMT
jbc_light-theme.png
www.canadian-etavisas.com/img/common/payment/logos/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.canadian-etavisas.com/img/common/payment/logos/jbc_light-theme.png
Requested by
Host: www.canadian-etavisas.com
URL: https://www.canadian-etavisas.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.139.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-139-128.cph50.r.cloudfront.net
Software
nginx /
Resource Hash
b453cff89ad29e0c247a91762e341eb87c893a35be98b81eee87c78ef943816b

Request headers

:path
/img/common/payment/logos/jbc_light-theme.png
pragma
no-cache
cookie
DL5LP4P3-3rU(35=5d087647-3fbc-488b-8202-ea0553c818b9.90a75d8; Secure-3PAPlSlD=5d087647-3fbc-488b-8202-ea0553c818b9.90a75d8
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.canadian-etavisas.com
referer
https://www.canadian-etavisas.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.canadian-etavisas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 11:45:29 GMT
via
1.1 f7f1719c64317516d32371652f736e6a.cloudfront.net (CloudFront)
last-modified
Fri, 16 Apr 2021 05:41:13 GMT
server
nginx
age
28625
etag
"60792379-d88"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=315360000
x-amz-cf-pop
CPH50-C2
accept-ranges
bytes
content-length
3464
x-amz-cf-id
XNJEmPAZLLjHD8rOMzzTk5O8jH3feA4wK8xyVe5G12yUm1LLx9T1Kg==
expires
Thu, 31 Dec 2037 23:55:55 GMT
union-pay_light-theme.png
www.canadian-etavisas.com/img/common/payment/logos/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.canadian-etavisas.com/img/common/payment/logos/union-pay_light-theme.png
Requested by
Host: www.canadian-etavisas.com
URL: https://www.canadian-etavisas.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.139.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-139-128.cph50.r.cloudfront.net
Software
nginx /
Resource Hash
bdb1d557d0d9553f0cf747173b24789a8b9a5ea276fedb2c1e8f97eae2bc5e77

Request headers

:path
/img/common/payment/logos/union-pay_light-theme.png
pragma
no-cache
cookie
DL5LP4P3-3rU(35=5d087647-3fbc-488b-8202-ea0553c818b9.90a75d8; Secure-3PAPlSlD=5d087647-3fbc-488b-8202-ea0553c818b9.90a75d8
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.canadian-etavisas.com
referer
https://www.canadian-etavisas.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.canadian-etavisas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 11:45:28 GMT
via
1.1 f7f1719c64317516d32371652f736e6a.cloudfront.net (CloudFront)
last-modified
Fri, 16 Apr 2021 05:41:13 GMT
server
nginx
age
28625
etag
"60792379-eda"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=315360000
x-amz-cf-pop
CPH50-C2
accept-ranges
bytes
content-length
3802
x-amz-cf-id
Vo0VEHqWX1SdYVFi6zK_XwNxmdLb_H7odDV22Xc-dd59GrEOGUPyJw==
expires
Thu, 31 Dec 2037 23:55:55 GMT
paypal_light-theme.png
www.canadian-etavisas.com/img/common/payment/logos/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.canadian-etavisas.com/img/common/payment/logos/paypal_light-theme.png
Requested by
Host: www.canadian-etavisas.com
URL: https://www.canadian-etavisas.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.139.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-139-128.cph50.r.cloudfront.net
Software
nginx /
Resource Hash
a6d236c71285a703c17e47cc2e181974ccbf89eabe6083f13890b0df11008429

Request headers

:path
/img/common/payment/logos/paypal_light-theme.png
pragma
no-cache
cookie
DL5LP4P3-3rU(35=5d087647-3fbc-488b-8202-ea0553c818b9.90a75d8; Secure-3PAPlSlD=5d087647-3fbc-488b-8202-ea0553c818b9.90a75d8
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.canadian-etavisas.com
referer
https://www.canadian-etavisas.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.canadian-etavisas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 11:45:29 GMT
via
1.1 f7f1719c64317516d32371652f736e6a.cloudfront.net (CloudFront)
last-modified
Fri, 16 Apr 2021 05:41:13 GMT
server
nginx
age
28625
etag
"60792379-9bc"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=315360000
x-amz-cf-pop
CPH50-C2
accept-ranges
bytes
content-length
2492
x-amz-cf-id
8ksQ6g9Bj-wWl7hvtdtLJC-eMRRjTB9WItpVBRbMd56ji7KW3qjjug==
expires
Thu, 31 Dec 2037 23:55:55 GMT
ideal_light-theme.png
www.canadian-etavisas.com/img/common/payment/logos/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.canadian-etavisas.com/img/common/payment/logos/ideal_light-theme.png
Requested by
Host: www.canadian-etavisas.com
URL: https://www.canadian-etavisas.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.139.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-139-128.cph50.r.cloudfront.net
Software
nginx /
Resource Hash
98159f2fffbd8406d348fe01c5ae0e49dccb2edd2c5066ecb11defe737ada526

Request headers

:path
/img/common/payment/logos/ideal_light-theme.png
pragma
no-cache
cookie
DL5LP4P3-3rU(35=5d087647-3fbc-488b-8202-ea0553c818b9.90a75d8; Secure-3PAPlSlD=5d087647-3fbc-488b-8202-ea0553c818b9.90a75d8
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.canadian-etavisas.com
referer
https://www.canadian-etavisas.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.canadian-etavisas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 11:45:28 GMT
via
1.1 f7f1719c64317516d32371652f736e6a.cloudfront.net (CloudFront)
last-modified
Fri, 16 Apr 2021 05:41:13 GMT
server
nginx
age
28625
etag
"60792379-4bf"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=315360000
x-amz-cf-pop
CPH50-C2
accept-ranges
bytes
content-length
1215
x-amz-cf-id
IvuoVQLcXvDx2To8YgZtBeugNzkzGBwDW3rx8qpb_IR_oLj_fA6N0w==
expires
Thu, 31 Dec 2037 23:55:55 GMT
scripts.min.js
www.canadian-etavisas.com/scripts/canada/minify/visaetacanada/ 		199 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.canadian-etavisas.com/scripts/canada/minify/visaetacanada/scripts.min.js?rel=1618551855583
Requested by
Host: www.canadian-etavisas.com
URL: https://www.canadian-etavisas.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.139.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-139-128.cph50.r.cloudfront.net
Software
nginx /
Resource Hash
aa263c92887e0b898dad880d9492b2d3ccc42b1fe16a7c3dc74320d33b94707f

Request headers

:path
/scripts/canada/minify/visaetacanada/scripts.min.js?rel=1618551855583
pragma
no-cache
cookie
DL5LP4P3-3rU(35=5d087647-3fbc-488b-8202-ea0553c818b9.90a75d8; Secure-3PAPlSlD=5d087647-3fbc-488b-8202-ea0553c818b9.90a75d8
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.canadian-etavisas.com
referer
https://www.canadian-etavisas.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.canadian-etavisas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 11:53:40 GMT
content-encoding
gzip
last-modified
Fri, 16 Apr 2021 05:41:14 GMT
server
nginx
age
28134
etag
W/"6079237a-31ce2"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 f7f1719c64317516d32371652f736e6a.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
CPH50-C2
x-amz-cf-id
ciPodIUZsz65awhV_78UCEslwXzdjDPcR7oormPjFOKDmKGNPkADFg==
expires
Thu, 31 Dec 2037 23:55:55 GMT
en.js
www.canadian-etavisas.com/vendor/parsleyjs/dist/i18n/ 		1 KB
884 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.canadian-etavisas.com/vendor/parsleyjs/dist/i18n/en.js?rel=1618551855583
Requested by
Host: www.canadian-etavisas.com
URL: https://www.canadian-etavisas.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.139.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-139-128.cph50.r.cloudfront.net
Software
nginx /
Resource Hash
73e04810a2fa05e727eb5d57e7a0c1aa8744a698181ee209c10af9ba307abf65

Request headers

:path
/vendor/parsleyjs/dist/i18n/en.js?rel=1618551855583
pragma
no-cache
cookie
DL5LP4P3-3rU(35=5d087647-3fbc-488b-8202-ea0553c818b9.90a75d8; Secure-3PAPlSlD=5d087647-3fbc-488b-8202-ea0553c818b9.90a75d8
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.canadian-etavisas.com
referer
https://www.canadian-etavisas.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.canadian-etavisas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 11:53:40 GMT
content-encoding
gzip
last-modified
Fri, 16 Apr 2021 05:41:15 GMT
server
nginx
age
28134
etag
W/"6079237b-58b"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 f7f1719c64317516d32371652f736e6a.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
CPH50-C2
x-amz-cf-id
xZb4xZfslEvwXNqWm1BwGLUe3FyITtuZx9RRQjfNriMK5p_WpdVwKA==
expires
Thu, 31 Dec 2037 23:55:55 GMT
css
fonts.googleapis.com/ 		9 KB
903 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,700,300|Lora:400,700
Requested by
Host: www.canadian-etavisas.com
URL: https://www.canadian-etavisas.com/styles/canada/visaetacanada/main.css?rel=1618551855583
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7f879ddcfe59f9458aaf0b8034e399e42995699ab50b62636c6a863bf77fa639
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.canadian-etavisas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 17 Apr 2021 19:42:34 GMT
server
ESF
date
Sat, 17 Apr 2021 19:42:34 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 17 Apr 2021 19:42:34 GMT
css
fonts.googleapis.com/ 		4 KB
706 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,500&display=swap
Requested by
Host: www.canadian-etavisas.com
URL: https://www.canadian-etavisas.com/styles/canada/visaetacanada/main.css?rel=1618551855583
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3ead3f5334b11f153bc63e3339db233df14200bb70895e0cf0a7a008496b3abc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.canadian-etavisas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 17 Apr 2021 18:21:11 GMT
server
ESF
date
Sat, 17 Apr 2021 19:42:34 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 17 Apr 2021 19:42:34 GMT
css
fonts.googleapis.com/ 		3 KB
604 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Raleway:600,700&display=swap
Requested by
Host: www.canadian-etavisas.com
URL: https://www.canadian-etavisas.com/styles/canada/visaetacanada/main.css?rel=1618551855583
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c9ab6b882ede6db80d53c0a1c3cf9498d8ceb4cdb5d83d783682cd5e54b2f866
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.canadian-etavisas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 17 Apr 2021 19:42:34 GMT
server
ESF
date
Sat, 17 Apr 2021 19:42:34 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 17 Apr 2021 19:42:34 GMT
font-awesome.min.css
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/ 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: www.canadian-etavisas.com
URL: https://www.canadian-etavisas.com/styles/canada/visaetacanada/main.css?rel=1618551855583
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.canadian-etavisas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 19:42:34 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
722, 617
age
3284103
cdn-cachedat
2021-03-10 20:26:20
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0982f44d2200004e7ff731c000000001
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
0e158483888a4ecabe6958fc28c56bca
cf-ray
64182328388d4e7f-FRA
cdn-requestcountrycode
DE
cdn-requestpullsuccess
True
gtm.js
www.googletagmanager.com/ 		132 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-P6SX37F
Requested by
Host: www.canadian-etavisas.com
URL: https://www.canadian-etavisas.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b31518e954d3eeb20c57efa17f2a1385cf1015efd8ef64618cd8e0da0de82e7a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.canadian-etavisas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 19:42:34 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49022
x-xss-protection
0
last-modified
Sat, 17 Apr 2021 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 17 Apr 2021 19:42:34 GMT
1eulhktkd
embed.tawk.to/602bcd6d918aa261273f62cc/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/602bcd6d918aa261273f62cc/1eulhktkd
Requested by
Host: www.canadian-etavisas.com
URL: https://www.canadian-etavisas.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48a7252bf6546a11c8976260aeb2705cca184f5005b16ef5180d991c0ed67253
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Origin
https://www.canadian-etavisas.com
Referer
https://www.canadian-etavisas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 19:42:34 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
2180
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0982f44d4b00002bcee8037000000001
server
cloudflare
etag
W/"stable-v3-709-en"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=14400, s-maxage=3600
cf-ray
641823287dae2bce-FRA
jumbo-1.jpg
www.canadian-etavisas.com/img/canada/visaetacanada/jumbotron/ 		51 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.canadian-etavisas.com/img/canada/visaetacanada/jumbotron/jumbo-1.jpg
Requested by
Host: www.canadian-etavisas.com
URL: https://www.canadian-etavisas.com/styles/canada/visaetacanada/main.css?rel=1618551855583
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.139.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-139-128.cph50.r.cloudfront.net
Software
nginx /
Resource Hash
3a3a034a68cb838df73f6580053362b453c626d511420c5bedec78eb2839fe1e

Request headers

:path
/img/canada/visaetacanada/jumbotron/jumbo-1.jpg
pragma
no-cache
cookie
DL5LP4P3-3rU(35=5d087647-3fbc-488b-8202-ea0553c818b9.90a75d8; Secure-3PAPlSlD=5d087647-3fbc-488b-8202-ea0553c818b9.90a75d8
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.canadian-etavisas.com
referer
https://www.canadian-etavisas.com/styles/canada/visaetacanada/main.css?rel=1618551855583
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.canadian-etavisas.com/styles/canada/visaetacanada/main.css?rel=1618551855583
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 11:45:29 GMT
via
1.1 f7f1719c64317516d32371652f736e6a.cloudfront.net (CloudFront)
last-modified
Fri, 16 Apr 2021 05:41:13 GMT
server
nginx
age
28625
etag
"60792379-cc74"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=315360000
x-amz-cf-pop
CPH50-C2
accept-ranges
bytes
content-length
52340
x-amz-cf-id
VvcNP2U_n5Go6_2Bmci6U7ICOfk3mLLZz3FtNNc_YudHcB2zaLUJ9Q==
expires
Thu, 31 Dec 2037 23:55:55 GMT
canada.png
www.canadian-etavisas.com/img/canada/visaetacanada/sprites/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.canadian-etavisas.com/img/canada/visaetacanada/sprites/canada.png
Requested by
Host: www.canadian-etavisas.com
URL: https://www.canadian-etavisas.com/styles/canada/visaetacanada/main.css?rel=1618551855583
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.139.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-139-128.cph50.r.cloudfront.net
Software
nginx /
Resource Hash
5147e8b5e6d19da8c8e99b99685dfe155c7dfe3ef868c3507c81dd8dd34268fb

Request headers

:path
/img/canada/visaetacanada/sprites/canada.png
pragma
no-cache
cookie
DL5LP4P3-3rU(35=5d087647-3fbc-488b-8202-ea0553c818b9.90a75d8; Secure-3PAPlSlD=5d087647-3fbc-488b-8202-ea0553c818b9.90a75d8
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.canadian-etavisas.com
referer
https://www.canadian-etavisas.com/styles/canada/visaetacanada/main.css?rel=1618551855583
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.canadian-etavisas.com/styles/canada/visaetacanada/main.css?rel=1618551855583
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 11:45:29 GMT
via
1.1 f7f1719c64317516d32371652f736e6a.cloudfront.net (CloudFront)
last-modified
Fri, 16 Apr 2021 05:41:13 GMT
server
nginx
age
28625
etag
"60792379-3ebb"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=315360000
x-amz-cf-pop
CPH50-C2
accept-ranges
bytes
content-length
16059
x-amz-cf-id
7CoMLFfPfUWd5DmoTKrdUYcxdaEOjjd0LrICIoSJoVsIddsf1lL3Uw==
expires
Thu, 31 Dec 2037 23:55:55 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v14/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,700,300|Lora:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.canadian-etavisas.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 11 Apr 2021 10:03:38 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:10:09 GMT
server
sffe
age
553136
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16112
x-xss-protection
0
expires
Mon, 11 Apr 2022 10:03:38 GMT
6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v14/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,700,300|Lora:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
24f7e397faec79e62c37ff2f00b170f6dc1557fb46ac169f9f1897a9d641dd03
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.canadian-etavisas.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 11 Apr 2021 10:03:38 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:10:17 GMT
server
sffe
age
553136
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15764
x-xss-protection
0
expires
Mon, 11 Apr 2022 10:03:38 GMT
fontawesome-webfont.woff2
www.canadian-etavisas.com/vendor/fontawesome/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.canadian-etavisas.com/vendor/fontawesome/fonts/fontawesome-webfont.woff2?v=4.4.0
Requested by
Host: www.canadian-etavisas.com
URL: https://www.canadian-etavisas.com/styles/canada/visaetacanada/main.css?rel=1618551855583
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.139.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-139-128.cph50.r.cloudfront.net
Software
nginx /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

sec-fetch-mode
cors
origin
https://www.canadian-etavisas.com
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
font
cookie
DL5LP4P3-3rU(35=5d087647-3fbc-488b-8202-ea0553c818b9.90a75d8; Secure-3PAPlSlD=5d087647-3fbc-488b-8202-ea0553c818b9.90a75d8
:path
/vendor/fontawesome/fonts/fontawesome-webfont.woff2?v=4.4.0
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.canadian-etavisas.com
referer
https://www.canadian-etavisas.com/styles/canada/visaetacanada/main.css?rel=1618551855583
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://www.canadian-etavisas.com
Referer
https://www.canadian-etavisas.com/styles/canada/visaetacanada/main.css?rel=1618551855583
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 11:53:40 GMT
via
1.1 f7f1719c64317516d32371652f736e6a.cloudfront.net (CloudFront)
last-modified
Fri, 16 Apr 2021 05:41:14 GMT
server
nginx
age
28134
etag
"6079237a-12d68"
x-cache
Hit from cloudfront
content-type
font/woff2
x-amz-cf-pop
CPH50-C2
accept-ranges
bytes
content-length
77160
x-amz-cf-id
-NwHZkE2JHMCWUhjrf6fm9j_jZxZjppqrJVbEq-26hgjVwyp1jSkrw==
0QIvMX1D_JOuMwr7Iw.woff2
fonts.gstatic.com/s/lora/v17/ 		34 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lora/v17/0QIvMX1D_JOuMwr7Iw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,700,300|Lora:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9f762334ff28e79eb7547f6ddb109583d35e0ea3600b71406ca233fb57c12458
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.canadian-etavisas.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 11 Apr 2021 10:03:38 GMT
x-content-type-options
nosniff
last-modified
Thu, 28 Jan 2021 22:52:25 GMT
server
sffe
age
553136
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35284
x-xss-protection
0
expires
Mon, 11 Apr 2022 10:03:38 GMT
6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v14/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,700,300|Lora:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f3d7092e6eb6f3aa0c572e52e061a59cc88a3e9eff581c95c4bd7456800904d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.canadian-etavisas.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 11 Apr 2021 10:03:38 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:09:56 GMT
server
sffe
age
553136
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16064
x-xss-protection
0
expires
Mon, 11 Apr 2022 10:03:38 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.canadian-etavisas.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 21:15:48 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:35 GMT
server
sffe
age
426406
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
expires
Tue, 12 Apr 2022 21:15:48 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.canadian-etavisas.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 21:15:48 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:39 GMT
server
sffe
age
426406
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
expires
Tue, 12 Apr 2022 21:15:48 GMT
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P6SX37F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.canadian-etavisas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 19 Mar 2021 19:22:18 GMT
server
Golfe2
age
6543
date
Sat, 17 Apr 2021 17:53:31 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19463
expires
Sat, 17 Apr 2021 19:53:31 GMT
hotjar-2006185.js
static.hotjar.com/c/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-2006185.js?sv=7
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P6SX37F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.245.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-245-79.cph50.r.cloudfront.net
Software
/
Resource Hash
7eb4f0aec6dc75734819b8c0d0c55b9d7af2e5351dcfd45c4096724d290c14bc
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.canadian-etavisas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 19:41:49 GMT
content-encoding
br
x-content-type-options
nosniff
cache-control
max-age=60
age
45
etag
W/6cd4cef1851e16c29efa7bdd5ad25ba5
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
x-amz-cf-pop
CPH50-C1
content-length
1515
via
1.1 85813c3d382dcae0aa1651f8f6eac244.cloudfront.net (CloudFront)
x-amz-cf-id
PI61LsuE560aY-JAKD0jgpGfaMkTLeR8Z4OIsdhCN5gpEwE_sOlj7g==
amplitude-4.4.0-min.gz.js
cdn.amplitude.com/libs/ 		74 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.amplitude.com/libs/amplitude-4.4.0-min.gz.js
Requested by
Host: canadian-etavisas.com
URL: https://canadian-etavisas.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.237.228 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-237-228.cph50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
aa4d27e0d0c0172667e24d953344b058b7f16c6ef7dcc54a8910878f1d050cae

Request headers

Referer
https://www.canadian-etavisas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Feb 2021 00:36:35 GMT
content-encoding
gzip
age
5771160
x-cache
Hit from cloudfront
content-length
25521
access-control-allow-origin
*
last-modified
Mon, 21 Oct 2019 15:45:35 GMT
server
AmazonS3
etag
"0ac70c6a5de910a09be49cfefd77c771"
x-amz-version-id
5wXGiWTByEVk3DSg02L19x7h8A..ke3l
via
1.1 a14ac175c5535de44ce87bfddfa7ddbf.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
CPH50-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
AA1WLPi77YWaHMjthSWoDStR5_W-2ji-LDVFywyK2LN6ZpatNqHiIw==
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j89&a=926898195&t=pageview&_s=1&dl=https%3A%2F%2Fwww.canadian-etavisas.com%2F&ul=en-us&de=UTF-8&dt=eTA%20Canada%20%7C%20Online%20Electronic%20travel%20authorization%20to%20Canada&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=660216964&gjid=913919052&cid=1690222732.1618688555&tid=UA-187251093-1&_gid=1517479031.1618688555&_r=1&gtm=2wg472P6SX37F&z=876629964
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/4.5.3/bundle.min.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.canadian-etavisas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 17 Apr 2021 19:42:34 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.canadian-etavisas.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
modules.5e37784fe3302c2578d8.js
script.hotjar.com/ 		218 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.5e37784fe3302c2578d8.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2006185.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.245.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-245-61.cph50.r.cloudfront.net
Software
/
Resource Hash
be84aa1c6e1187081162294d13f707690d8b4f77dbafd1298afe5e9118a59c8d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.canadian-etavisas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Apr 2021 17:31:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
353486
x-cache
Hit from cloudfront
content-length
58942
access-control-allow-origin
*
last-modified
Tue, 13 Apr 2021 17:30:39 GMT
etag
"f06a24b93b2f2e5b46ec94292a2d8286"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 0326fbaba639f5673ce3c647a7884df0.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
CPH50-C1
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
9U41Zl-SkQjeJxeiswfq0w-IpwP1uaF3Ml8Xmyy-yORGE66XRVNXgQ==
/
api.amplitude.com/ 		7 B
168 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.amplitude.com/
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/4.5.3/bundle.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.244.26.125 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-244-26-125.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://www.canadian-etavisas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 17 Apr 2021 19:42:35 GMT
content-length
7
strict-transport-security
max-age=15768000
access-control-allow-methods
GET, POST
content-type
text/html;charset=utf-8
box-5e3cec51ed8e99df6977c199d27812d7.html
vars.hotjar.com/ Frame A95F 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vars.hotjar.com/box-5e3cec51ed8e99df6977c199d27812d7.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2006185.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.245.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-245-98.cph50.r.cloudfront.net
Software
/
Resource Hash
486762d56893f9b12fdfad41c3a76f11fc745b5436e97e596a63c22ee13d2e33

Request headers

:method
GET
:authority
vars.hotjar.com
:scheme
https
:path
/box-5e3cec51ed8e99df6977c199d27812d7.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.canadian-etavisas.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.canadian-etavisas.com/

Response headers

content-type
text/html
content-length
684
date
Tue, 30 Mar 2021 16:10:32 GMT
accept-ranges
bytes
cache-control
max-age=31536000
content-encoding
br
etag
"4e332edbbc3b46800c87f197cc7d3bb6"
last-modified
Tue, 30 Mar 2021 14:48:51 GMT
x-robots-tag
none
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 a6387c40eaa6a8c2b04e192223469762.cloudfront.net (CloudFront)
x-amz-cf-pop
CPH50-C1
x-amz-cf-id
g9nJXRIAUYSAOnkIa_64KijWVFT4iImCsCNLmzdOI9_gV5htaXrmRQ==
age
1567922
nr-1208.min.js
js-agent.newrelic.com/ 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-1208.min.js
Requested by
Host: www.canadian-etavisas.com
URL: https://www.canadian-etavisas.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.110 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4014ca31d3c8e768608a40ed160a405ae39836a5b2c43f256bee3bdf427dd67f

Request headers

Referer
https://www.canadian-etavisas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
RGJXhnJ2IqU3nLrOoxetOoKLCG4kx4sX
content-encoding
gzip
etag
"1a71e4208296f97b465116492f59124d"
x-amz-request-id
JYH14ASR439XBEKT
x-cache
HIT
content-length
11777
x-amz-id-2
uWX3pVbwvgt2DL5UG1TtY7CoMVAeKsezBDkY76XsToLHfVx1mP2Q4J8uGrcCbWb/Iq2RLI7Caak=
x-served-by
cache-hhn4073-HHN
last-modified
Wed, 10 Mar 2021 16:24:28 GMT
server
AmazonS3
x-timer
S1618688555.942527,VS0,VE0
date
Sat, 17 Apr 2021 19:42:34 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
18436
app.js
static-v.tawk.to/709/ 		503 KB
110 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-v.tawk.to/709/app.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/602bcd6d918aa261273f62cc/1eulhktkd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a64587179f88ce099e304e1aba99e844db374d0b49c6db9fcdb79f18fa72c889
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Origin
https://www.canadian-etavisas.com
Referer
https://www.canadian-etavisas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 19:42:34 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
2418013
x-cache-status
HIT
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0982f44f7a00002bced83fa000000001
last-modified
Fri, 15 Jan 2021 22:41:20 GMT
server
cloudflare
etag
W/"d4160b3dd3f8809cdee87d79588bd521"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000, immutable
cf-ray
6418232bfdbd2bce-FRA
widget-settings
va.tawk.to/v1/ 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://va.tawk.to/v1/widget-settings?propertyId=602bcd6d918aa261273f62cc&widgetId=1eulhktkd
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/4.5.3/bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5ec0df70a3034ee748e9e92045cdf9aeb40421b4bd6e5643a643cf160ff8b1b
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.canadian-etavisas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 19:42:34 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
2179
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0982f44fb500002bcedd94e000000001
x-served-by
visitor-application-preemptive-jc0d
server
cloudflare
etag
W/"1-5-0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
access-control-allow-methods
GET,OPTIONS
content-type
application/json
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=14400, s-maxage=14400
cf-ray
6418232c5e6e2bce-FRA
access-control-allow-headers
content-type,x-tawk-token
1618688554935
va.tawk.to/register/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://va.tawk.to/register/1618688554935
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/4.5.3/bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b0795e01bf3f1f7eef28a895fd8a9fee29479f8dad293a540f8c785f903895f
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.canadian-etavisas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Sat, 17 Apr 2021 19:42:35 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0982f44fc900004a61fc22c000000001
x-served-by
visitor-application-preemptive-msqd
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
access-control-allow-methods
POST,OPTIONS
content-type
application/json
access-control-allow-origin
https://www.canadian-etavisas.com
vary
Accept-Encoding
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
6418232c79534a61-FRA
access-control-allow-headers
content-type,x-tawk-token
8c302b88fe
bam.nr-data.net/1/ 		57 B
275 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/1/8c302b88fe?a=1256626306&v=1208.49599aa&to=Zl0GNxMHXUVRVEwIXV8XJQAVD1xYH19XDFc%3D&rst=1015&ck=1&ref=https://www.canadian-etavisas.com/&ap=48&be=194&fe=918&dc=502&perf=%7B%22timing%22:%7B%22of%22:1618688553951,%22n%22:0,%22u%22:190,%22ue%22:190,%22f%22:0,%22dn%22:0,%22dne%22:0,%22c%22:0,%22ce%22:0,%22rq%22:1,%22rp%22:188,%22rpe%22:212,%22dl%22:191,%22di%22:502,%22ds%22:502,%22de%22:503,%22dc%22:918,%22l%22:918,%22le%22:919%7D,%22navigation%22:%7B%22ty%22:1%7D%7D&fp=444&fcp=444&at=ShoFQVsdTks%3D&jsonp=NREUM.setToken
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1208.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.247.242.21 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
bam-9.nr-data.net
Software
/
Resource Hash
d10c94b6cdb747904baee9070f003bb45849da46f8100b1320f286c21cbcaaa1

Request headers

Referer
https://www.canadian-etavisas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Expires
Thu, 01 Jan 1970 00:00:00 GMT
Content-Length
57
Content-Type
text/javascript;charset=ISO-8859-1
css
fonts.googleapis.com/ Frame DDFE 		7 KB
575 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
Requested by
Host: static-v.tawk.to
URL: https://static-v.tawk.to/709/app.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e4b20c06a20b7c958a8ebc8d7dd6766a94be7adfb473f4f68e2217b08620fda4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.canadian-etavisas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 17 Apr 2021 18:13:52 GMT
server
ESF
date
Sat, 17 Apr 2021 19:42:35 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 17 Apr 2021 19:42:35 GMT
css
fonts.googleapis.com/ Frame 037C 		7 KB
575 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
Requested by
Host: static-v.tawk.to
URL: https://static-v.tawk.to/709/app.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e4b20c06a20b7c958a8ebc8d7dd6766a94be7adfb473f4f68e2217b08620fda4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.canadian-etavisas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 17 Apr 2021 18:20:23 GMT
server
ESF
date
Sat, 17 Apr 2021 19:42:35 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 17 Apr 2021 19:42:35 GMT
css
fonts.googleapis.com/ Frame 2C7B 		7 KB
575 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
Requested by
Host: static-v.tawk.to
URL: https://static-v.tawk.to/709/app.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e4b20c06a20b7c958a8ebc8d7dd6766a94be7adfb473f4f68e2217b08620fda4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.canadian-etavisas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 17 Apr 2021 18:40:21 GMT
server
ESF
date
Sat, 17 Apr 2021 19:42:35 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 17 Apr 2021 19:42:35 GMT
emojione.min.css
cdn.jsdelivr.net/emojione/2.2.7/assets/css/ Frame 2C7B 		192 B
511 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/emojione/2.2.7/assets/css/emojione.min.css
Requested by
Host: static-v.tawk.to
URL: https://static-v.tawk.to/709/app.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::621 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
519edf0dc00972d9a811c5e60b94cf719b30351a8dfe62f38fab8d4b5182558b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.canadian-etavisas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
5777005
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
content-length
152
etag
W/"c0-akPwBVON2fKdb1Kdc8vjvcdyWY0"
x-served-by
cache-fra19153-FRA, cache-hhn4021-HHN
date
Sat, 17 Apr 2021 19:42:35 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
emojione.min.js
cdn.jsdelivr.net/emojione/2.2.7/lib/js/ Frame 2C7B 		295 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/emojione/2.2.7/lib/js/emojione.min.js
Requested by
Host: static-v.tawk.to
URL: https://static-v.tawk.to/709/app.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::621 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f5c06455e539dcd889f7f05d709b5adc76c444099fe57f431365af2fc57e803b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.canadian-etavisas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
5777005
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
content-length
53889
etag
W/"49dda-cp9vjKV4fYl0Ow7X6yf9dkBr+YU"
x-served-by
cache-fra19141-FRA, cache-hhn4021-HHN
date
Sat, 17 Apr 2021 19:42:35 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
/
vsb94.tawk.to/s/ 		101 B
307 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vsb94.tawk.to/s/?k=607b3a2b93e25d6f7c0225d2&u=RVydsZ8Tc6fk8xxF8873Ohq1omef9pJlXSeRXBkzZZRZZYG%2FbVjkkQ6DDWdrv%2BwB&uv=2&a=602bcd6d918aa261273f62cc&cver=0&pop=false&jv=709&asver=460&ust=false&EIO=3&transport=polling&__t=NZXMpap
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/4.5.3/bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84360e22a13fa039776a83a2584626b6b230b3939f76f9eb1b418484609c1c0b
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.canadian-etavisas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 19:42:35 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/octet-stream
access-control-allow-origin
https://www.canadian-etavisas.com
access-control-allow-credentials
true
cf-ray
6418232ecf064a61-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
101
cf-request-id
0982f4513c00004a61441cf000000001
26a1.png
cdn.jsdelivr.net/emojione/assets/png/ Frame 2C7B 		413 B
545 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.jsdelivr.net/emojione/assets/png/26a1.png?v=2.2.7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::621 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9f8144ae6f866129aea41bbf694b0c858ef9352a139969e57cd8db73385f52c3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.canadian-etavisas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
age
5777004
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
content-length
413
etag
W/"19d-NgetWBBUGNU0Su9xItAjaREfnb0"
x-served-by
cache-fra19165-FRA, cache-hhn4021-HHN
date
Sat, 17 Apr 2021 19:42:35 GMT
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
/
api.amplitude.com/ 		7 B
167 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.amplitude.com/
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/4.5.3/bundle.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.244.26.125 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-244-26-125.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://www.canadian-etavisas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 17 Apr 2021 19:42:35 GMT
content-length
7
strict-transport-security
max-age=15768000
access-control-allow-methods
GET, POST
content-type
text/html;charset=utf-8
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v17/ Frame 037C 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v17/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.canadian-etavisas.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 11 Apr 2021 10:03:38 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:10:46 GMT
server
sffe
age
553137
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23484
x-xss-protection
0
expires
Mon, 11 Apr 2022 10:03:38 GMT
/
vsb94.tawk.to/s/ 		77 B
550 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vsb94.tawk.to/s/?k=607b3a2b93e25d6f7c0225d2&u=RVydsZ8Tc6fk8xxF8873Ohq1omef9pJlXSeRXBkzZZRZZYG%2FbVjkkQ6DDWdrv%2BwB&uv=2&a=602bcd6d918aa261273f62cc&cver=0&pop=false&jv=709&asver=460&ust=false&EIO=3&transport=polling&__t=NZXMplV.0&sid=fB9Sx3_lZtB1l56_6Nfp
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/4.5.3/bundle.min.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
042ede4379adfcfc80c0d87c798e6f81f0a9d367b7795b7ebc7b038d4bb66788
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.canadian-etavisas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 19:42:36 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/octet-stream
access-control-allow-origin
https://www.canadian-etavisas.com
access-control-allow-credentials
true
cf-ray
641823331c109ac8-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
77
cf-request-id
0982f453ee00009ac897244000000001
v3
va.tawk.to/log-performance/ 		5 B
513 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://va.tawk.to/log-performance/v3
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/4.5.3/bundle.min.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
933b971c6388d594a23fa1559825db5bec8ade2db1240aa8fc9d0c684949e8c9
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.canadian-etavisas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Sat, 17 Apr 2021 19:42:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0982f4569f00009ac88a3d6000000001
x-served-by
visitor-application-preemptive-n9g7
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
access-control-allow-methods
POST,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.canadian-etavisas.com
vary
Accept-Encoding
access-control-allow-credentials
true
cf-ray
641823376e379ac8-FRA
access-control-allow-headers
content-type,x-tawk-token
/
vsb94.tawk.to/s/ 		4 B
439 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vsb94.tawk.to/s/?k=607b3a2b93e25d6f7c0225d2&u=RVydsZ8Tc6fk8xxF8873Ohq1omef9pJlXSeRXBkzZZRZZYG%2FbVjkkQ6DDWdrv%2BwB&uv=2&a=602bcd6d918aa261273f62cc&cver=0&pop=false&jv=709&asver=460&ust=false&EIO=3&transport=polling&__t=NZXMpwT&sid=fB9Sx3_lZtB1l56_6Nfp
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/4.5.3/bundle.min.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9a2f1dd042cb6f1eded53dc0a1c66ed8694fc093dc3520cdac1a541d615d474
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.canadian-etavisas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 19:42:37 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/octet-stream
access-control-allow-origin
https://www.canadian-etavisas.com
access-control-allow-credentials
true
cf-ray
641823376e389ac8-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4
cf-request-id
0982f4569f00009ac87ba5b000000001
8c302b88fe
bam.nr-data.net/events/1/ 		24 B
192 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/events/1/8c302b88fe?a=1256626306&v=1208.49599aa&to=Zl0GNxMHXUVRVEwIXV8XJQAVD1xYH19XDFc%3D&rst=11015&ck=1&ref=https://www.canadian-etavisas.com/
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/4.5.3/bundle.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.247.242.21 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
bam-9.nr-data.net
Software
/
Resource Hash
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer
https://www.canadian-etavisas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.canadian-etavisas.com
Access-Control-Allow-Credentials
true
Content-Length
24
Content-Type
image/gif

Verdicts & Comments Add Verdict or Comment

89 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| NREUM object| newrelic function| __nr_require object| CryptoJS object| Sentry object| __SENTRY__ object| dataLayer object| Tawk_API object| Tawk_LoadStart object| countries_isocode object| prefix_countries function| _toConsumableArray function| loading_spinner function| remove_spinner function| _hideOptionsIf function| validateEmail function| multiselector function| dualValidate function| dateForm function| getCookie function| setCookie function| PonerCookie function| toogleInfo function| _slice object| url_params object| userinfo object| html5 object| Modernizr function| $ function| jQuery object| ParsleyExtend object| ParsleyConfig object| psly object| Parsley object| ParsleyUtils object| ParsleyValidator object| ParsleyUI string| inputEventPatched object| parsley function| Cookies function| Picker string| $_Tawk_AccountKey string| $_Tawk_WidgetId boolean| $_Tawk_Unstable object| $_Tawk object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| hj object| _hjSettings object| amplitude object| eventProperties object| gaplugins object| gaGlobal object| gaData object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| $jscomp function| $jscomp$lookupPolyfilledValue function| $__TawkEngine function| EventEmitter function| $__TawkSocket object| $_Tawk_LoadStart function| TawkClass object| Inheritance_Manager string| messagePreviewRadius string| bottomBorderRadius string| topBorderRadius number| minWidth number| minHeight string| bodyClassName

10 Cookies

Domain/Path Name / Value
.canadian-etavisas.com/ Name: _hjFirstSeen
Value: 1
.canadian-etavisas.com/ Name: amplitude_id_40b7022a3e6a632745e8a733f4bcf261canadian-etavisas.com
Value: eyJkZXZpY2VJZCI6IjAxYTg2NGU1LWEwMGUtNDdjZC05Y2IzLTcyZmJkMTg2YmEzNVIiLCJ1c2VySWQiOm51bGwsIm9wdE91dCI6ZmFsc2UsInNlc3Npb25JZCI6MTYxODY4ODU1NDY4NiwibGFzdEV2ZW50VGltZSI6MTYxODY4ODU1NDY4OSwiZXZlbnRJZCI6MSwiaWRlbnRpZnlJZCI6MSwic2VxdWVuY2VOdW1iZXIiOjJ9
.canadian-etavisas.com/ Name: _hjid
Value: 5bd5efd4-407e-4503-8e66-4ae4cf971aa7
www.canadian-etavisas.com/ Name: Secure-3PAPlSlD
Value: 5d087647-3fbc-488b-8202-ea0553c818b9.90a75d8
.canadian-etavisas.com/ Name: _ga
Value: GA1.2.1690222732.1618688555
.canadian-etavisas.com/ Name: _gid
Value: GA1.2.1517479031.1618688555
.canadian-etavisas.com/ Name: _hjTLDTest
Value: 1
.canadian-etavisas.com/ Name: _gat_UA-187251093-1
Value: 1
www.canadian-etavisas.com/ Name: userinfo
Value: {%22referrer%22:%22https://www.canadian-etavisas.com/%22%2C%22user_agent%22:%22Mozilla/5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit/537.36%20(KHTML%2C%20like%20Gecko)%20Chrome/89.0.4389.72%20Safari/537.36%22%2C%22browser_language%22:%22en-US%22}
www.canadian-etavisas.com/ Name: DL5LP4P3-3rU(35
Value: 5d087647-3fbc-488b-8202-ea0553c818b9.90a75d8

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.amplitude.com
bam.nr-data.net
browser.sentry-cdn.com
canadian-etavisas.com
cdn.amplitude.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
embed.tawk.to
fonts.googleapis.com
fonts.gstatic.com
js-agent.newrelic.com
script.hotjar.com
stackpath.bootstrapcdn.com
static-v.tawk.to
static.hotjar.com
va.tawk.to
vars.hotjar.com
vsb94.tawk.to
www.canadian-etavisas.com
www.google-analytics.com
www.googletagmanager.com
13.33.139.128
143.204.237.228
143.204.245.61
143.204.245.79
143.204.245.98
151.101.114.110
162.247.242.21
2606:4700:10::6816:1883
2606:4700:10::6816:1983
2606:4700:10::ac43:2642
2606:4700::6810:125e
2606:4700::6812:bcf
2a00:1450:4001:801::2008
2a00:1450:4001:80f::200a
2a00:1450:4001:812::200e
2a00:1450:4001:828::2003
2a04:4e42:1b::621
2a04:4e42:600::729
54.244.26.125
02e6e6b80ae5fe46ed403d92e715d75b3437b7b5ca737446516f94aa71996fb8
042ede4379adfcfc80c0d87c798e6f81f0a9d367b7795b7ebc7b038d4bb66788
06e7ab796f4a252d74415db7f51b19d997f65a0221ede43b08672a89878067d6
0b0795e01bf3f1f7eef28a895fd8a9fee29479f8dad293a540f8c785f903895f
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0d9a1cab8400a4d79cc08adff50eb69886a8dbeda96ee9f655b143aca1b56420
24f7e397faec79e62c37ff2f00b170f6dc1557fb46ac169f9f1897a9d641dd03
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2f8ec8ee6ce71ba1e422d233e2fe052b0003902df6d2dd329d91191b9c60d849
3a3a034a68cb838df73f6580053362b453c626d511420c5bedec78eb2839fe1e
3ead3f5334b11f153bc63e3339db233df14200bb70895e0cf0a7a008496b3abc
4014ca31d3c8e768608a40ed160a405ae39836a5b2c43f256bee3bdf427dd67f
486762d56893f9b12fdfad41c3a76f11fc745b5436e97e596a63c22ee13d2e33
48a7252bf6546a11c8976260aeb2705cca184f5005b16ef5180d991c0ed67253
5147e8b5e6d19da8c8e99b99685dfe155c7dfe3ef868c3507c81dd8dd34268fb
519edf0dc00972d9a811c5e60b94cf719b30351a8dfe62f38fab8d4b5182558b
6331f2cbf2cf9cf46effdf1e48bc7aa08f3c0ed4c1be5a9ae1da8eb34f9b735d
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
720336a616614bea5a6b4a8bf4e078e7976558f9eac2deaa93b27eb64fbdbd12
73e04810a2fa05e727eb5d57e7a0c1aa8744a698181ee209c10af9ba307abf65
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7eb4f0aec6dc75734819b8c0d0c55b9d7af2e5351dcfd45c4096724d290c14bc
7f879ddcfe59f9458aaf0b8034e399e42995699ab50b62636c6a863bf77fa639
826d4888b5e0240ca141d7c983c1e3886c0cddd10f0187fb59305ab8ed2d92ba
84360e22a13fa039776a83a2584626b6b230b3939f76f9eb1b418484609c1c0b
84e5e055de831e7cc65dacfbe6d6c278ecde35699ca97baa989d26c479c21b40
933b971c6388d594a23fa1559825db5bec8ade2db1240aa8fc9d0c684949e8c9
98159f2fffbd8406d348fe01c5ae0e49dccb2edd2c5066ecb11defe737ada526
9f762334ff28e79eb7547f6ddb109583d35e0ea3600b71406ca233fb57c12458
9f8144ae6f866129aea41bbf694b0c858ef9352a139969e57cd8db73385f52c3
a64587179f88ce099e304e1aba99e844db374d0b49c6db9fcdb79f18fa72c889
a6d236c71285a703c17e47cc2e181974ccbf89eabe6083f13890b0df11008429
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199
a9a2f1dd042cb6f1eded53dc0a1c66ed8694fc093dc3520cdac1a541d615d474
aa263c92887e0b898dad880d9492b2d3ccc42b1fe16a7c3dc74320d33b94707f
aa4d27e0d0c0172667e24d953344b058b7f16c6ef7dcc54a8910878f1d050cae
ab37318382cb80002b5b879baa7afc3750bd7db65f2aa77685d3e07399e56a48
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
b31518e954d3eeb20c57efa17f2a1385cf1015efd8ef64618cd8e0da0de82e7a
b453cff89ad29e0c247a91762e341eb87c893a35be98b81eee87c78ef943816b
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bdb04e9f23d38a9ed88c6f2c5dfa835595377e0bb3c9f0757177a8046374c66a
bdb1d557d0d9553f0cf747173b24789a8b9a5ea276fedb2c1e8f97eae2bc5e77
be84aa1c6e1187081162294d13f707690d8b4f77dbafd1298afe5e9118a59c8d
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
c5ec0df70a3034ee748e9e92045cdf9aeb40421b4bd6e5643a643cf160ff8b1b
c6826494432163d74fd27e78ad011a13d55e4670441cd49fc9f1e52a4afd28d9
c9ab6b882ede6db80d53c0a1c3cf9498d8ceb4cdb5d83d783682cd5e54b2f866
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
d10c94b6cdb747904baee9070f003bb45849da46f8100b1320f286c21cbcaaa1
e4b20c06a20b7c958a8ebc8d7dd6766a94be7adfb473f4f68e2217b08620fda4
f3d7092e6eb6f3aa0c572e52e061a59cc88a3e9eff581c95c4bd7456800904d0
f5c06455e539dcd889f7f05d709b5adc76c444099fe57f431365af2fc57e803b
f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4
fe5f8d4505ce040cc22d858aa7636262168e3449787dd05f75ea7050ff8ce06f