urlscan.io logo urlscan.io
SecurityTrails logo

secure-support.heartandstroke.ca Open in urlscan Pro
74.123.152.231  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://secure-support.heartandstroke.ca/
Effective URL: https://secure-support.heartandstroke.ca/site/SPageServer/;jsessionid=00000000.app206a?NONCE_TOKEN=E87473E78009B1EADCAC7443500A70FF&pagen...
Submission: On October 22 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 1 countries across 3 domains to perform 14 HTTP transactions. The main IP is 74.123.152.231, located in United States and belongs to BLACKBAUD-ASN, US. The main domain is secure-support.heartandstroke.ca.
TLS certificate: Issued by RapidSSL RSA CA 2018 on November 22nd 2019. Valid for: 2 years.
This is the only time secure-support.heartandstroke.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
6 17 74.123.152.231 15148 (BLACKBAUD...)
2 142.250.186.168 15169 (GOOGLE)
1 142.250.181.234 15169 (GOOGLE)
14 3
Domain Requested by
12 secure-support.heartandstroke.ca 1 redirects secure-support.heartandstroke.ca
5 support.heartandstroke.ca 5 redirects
2 ssl.google-analytics.com secure-support.heartandstroke.ca
1 ajax.googleapis.com secure-support.heartandstroke.ca
14 4
Subject Issuer Validity Valid
secure-support.heartandstroke.ca
RapidSSL RSA CA 2018		 2019-11-22 -
2021-11-21		 2 years crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://secure-support.heartandstroke.ca/site/SPageServer/;jsessionid=00000000.app206a?NONCE_TOKEN=E87473E78009B1EADCAC7443500A70FF&pagename=hsf_homepage
Frame ID: 962DCED5F67406B2503ADB05FA29D277
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Heart and Stroke Foundation of Canada / Fondation des maladies du coeur et de l'AVC

Page URL History Show full URLs

  1. https://secure-support.heartandstroke.ca/ HTTP 302
    http://support.heartandstroke.ca/ HTTP 301
    http://support.heartandstroke.ca/site/PageServer HTTP 302
    http://support.heartandstroke.ca/Home HTTP 301
    http://support.heartandstroke.ca/site/RedirectHandler?key=Home HTTP 302
    http://support.heartandstroke.ca/site/PageServer?pagename=hsf_homepage HTTP 302
    https://secure-support.heartandstroke.ca/site/SPageServer/;jsessionid=00000000.app206a?NONCE_TOKEN=E87473E78009B1EADC... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • js/convio/modules\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • (?:/yui/|yui\.yahooapis\.com)
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

14
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

3
IPs

1
Countries

199 kB
Transfer

260 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://secure-support.heartandstroke.ca/ HTTP 302
    http://support.heartandstroke.ca/ HTTP 301
    http://support.heartandstroke.ca/site/PageServer HTTP 302
    http://support.heartandstroke.ca/Home HTTP 301
    http://support.heartandstroke.ca/site/RedirectHandler?key=Home HTTP 302
    http://support.heartandstroke.ca/site/PageServer?pagename=hsf_homepage HTTP 302
    https://secure-support.heartandstroke.ca/site/SPageServer/;jsessionid=00000000.app206a?NONCE_TOKEN=E87473E78009B1EADCAC7443500A70FF&pagename=hsf_homepage Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set ;jsessionid=00000000.app206a
secure-support.heartandstroke.ca/site/SPageServer/
Redirect Chain
  • https://secure-support.heartandstroke.ca/
  • http://support.heartandstroke.ca/
  • http://support.heartandstroke.ca/site/PageServer
  • http://support.heartandstroke.ca/Home
  • http://support.heartandstroke.ca/site/RedirectHandler?key=Home
  • http://support.heartandstroke.ca/site/PageServer?pagename=hsf_homepage
  • https://secure-support.heartandstroke.ca/site/SPageServer/;jsessionid=00000000.app206a?NONCE_TOKEN=E87473E78009B1EADCAC7443500A70FF&pagename=hsf_homepage
11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://secure-support.heartandstroke.ca/site/SPageServer/;jsessionid=00000000.app206a?NONCE_TOKEN=E87473E78009B1EADCAC7443500A70FF&pagename=hsf_homepage
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
74.123.152.231 , United States, ASN15148 (BLACKBAUD-ASN, US),
Reverse DNS
cluster2.convio.net
Software
Apache /
Resource Hash
7b1533386f35c7d72e6762cb28e79bbec9c600b6b601607dc12d98310f241d17
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.facebook.com *.salesforce.com *.convio.net *.google.com *.force.com facebook.com salesforce.com convio.net google.com force.com; report-uri https://secure-support.heartandstroke.ca/site/XFrameViolation

Request headers

Host
secure-support.heartandstroke.ca
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Date
Fri, 22 Oct 2021 12:26:02 GMT
Server
Apache
Cache-Control
no-store
Pragma
no-cache
Set-Cookie
JSESSIONID=361286178459AA2FBDD31A80A4BB5C1E.app206a; Path=/site/ JSESSIONID=361286178459AA2FBDD31A80A4BB5C1E.app206a;Path=/site/CRConsAPI; Secure; SameSite=None JSESSIONID=361286178459AA2FBDD31A80A4BB5C1E.app206a;Path=/site/CrmRest; Secure; SameSite=None JSESSIONID=361286178459AA2FBDD31A80A4BB5C1E.app206a;Path=/site/AnonymousLogin; Secure; SameSite=None JSESSIONID=361286178459AA2FBDD31A80A4BB5C1E.app206a;Path=/site/CRDonationAPI; Secure; SameSite=None
Content-Security-Policy
frame-ancestors 'self' *.facebook.com *.salesforce.com *.convio.net *.google.com *.force.com facebook.com salesforce.com convio.net google.com force.com; report-uri https://secure-support.heartandstroke.ca/site/XFrameViolation
Keep-Alive
timeout=15, max=247
Connection
Keep-Alive
Content-Type
text/html;charset=ISO-8859-1
Content-Encoding
gzip
Transfer-Encoding
chunked

Redirect headers

Date
Fri, 22 Oct 2021 12:26:02 GMT
Server
Apache
Cache-Control
no-store
Pragma
no-cache
Content-Security-Policy
frame-ancestors 'self' *.facebook.com *.salesforce.com *.convio.net *.google.com *.force.com facebook.com salesforce.com convio.net google.com force.com; report-uri http://support.heartandstroke.ca/site/XFrameViolation
Location
https://secure-support.heartandstroke.ca/site/SPageServer/;jsessionid=00000000.app206a?NONCE_TOKEN=E87473E78009B1EADCAC7443500A70FF&pagename=hsf_homepage
Content-Length
0
Keep-Alive
timeout=15, max=499
Connection
Keep-Alive
Content-Type
text/html
yui-min.js
secure-support.heartandstroke.ca/yui3/yui/ 		15 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure-support.heartandstroke.ca/yui3/yui/yui-min.js
Requested by
Host: secure-support.heartandstroke.ca
URL: https://secure-support.heartandstroke.ca/site/SPageServer/;jsessionid=00000000.app206a?NONCE_TOKEN=E87473E78009B1EADCAC7443500A70FF&pagename=hsf_homepage
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
74.123.152.231 , United States, ASN15148 (BLACKBAUD-ASN, US),
Reverse DNS
cluster2.convio.net
Software
Apache /
Resource Hash
db4bb1e314a04c52d8ad52c3a66ce793a012910e88d90295767ec52d75a4d72f

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
secure-support.heartandstroke.ca
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://secure-support.heartandstroke.ca/site/SPageServer/;jsessionid=00000000.app206a?NONCE_TOKEN=E87473E78009B1EADCAC7443500A70FF&pagename=hsf_homepage
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://secure-support.heartandstroke.ca/site/SPageServer/;jsessionid=00000000.app206a?NONCE_TOKEN=E87473E78009B1EADCAC7443500A70FF&pagename=hsf_homepage
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Fri, 22 Oct 2021 12:26:03 GMT
Via
NS-CACHE-10.0: 22
Last-Modified
Fri, 28 May 2010 16:44:29 GMT
Server
Apache
Age
0 1
ETag
"3baa-487aa3880d540"
Content-Type
application/x-javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=350
Content-Length
15274
modules.js
secure-support.heartandstroke.ca/js/convio/ 		15 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure-support.heartandstroke.ca/js/convio/modules.js?version=2.9.1
Requested by
Host: secure-support.heartandstroke.ca
URL: https://secure-support.heartandstroke.ca/site/SPageServer/;jsessionid=00000000.app206a?NONCE_TOKEN=E87473E78009B1EADCAC7443500A70FF&pagename=hsf_homepage
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
74.123.152.231 , United States, ASN15148 (BLACKBAUD-ASN, US),
Reverse DNS
cluster2.convio.net
Software
Apache /
Resource Hash
aa432c05daee8749817b34c7d407845c3132dbb52fe62bb15f8d745cdb869134

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
secure-support.heartandstroke.ca
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://secure-support.heartandstroke.ca/site/SPageServer/;jsessionid=00000000.app206a?NONCE_TOKEN=E87473E78009B1EADCAC7443500A70FF&pagename=hsf_homepage
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://secure-support.heartandstroke.ca/site/SPageServer/;jsessionid=00000000.app206a?NONCE_TOKEN=E87473E78009B1EADCAC7443500A70FF&pagename=hsf_homepage
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Fri, 22 Oct 2021 12:26:03 GMT
Via
NS-CACHE-10.0: 22
Last-Modified
Wed, 24 Feb 2021 06:40:28 GMT
Server
Apache
Age
0 1
ETag
"3bb8-5bc0f4f8e0aef"
Content-Type
application/x-javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=465
Content-Length
15288
utils.js
secure-support.heartandstroke.ca/js/ 		32 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure-support.heartandstroke.ca/js/utils.js
Requested by
Host: secure-support.heartandstroke.ca
URL: https://secure-support.heartandstroke.ca/site/SPageServer/;jsessionid=00000000.app206a?NONCE_TOKEN=E87473E78009B1EADCAC7443500A70FF&pagename=hsf_homepage
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
74.123.152.231 , United States, ASN15148 (BLACKBAUD-ASN, US),
Reverse DNS
cluster2.convio.net
Software
Apache /
Resource Hash
56fb1bf075613aa1e61d6cf81fe7ae08d45fe7a16689d118bfa06e17600ac4cc

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
secure-support.heartandstroke.ca
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://secure-support.heartandstroke.ca/site/SPageServer/;jsessionid=00000000.app206a?NONCE_TOKEN=E87473E78009B1EADCAC7443500A70FF&pagename=hsf_homepage
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://secure-support.heartandstroke.ca/site/SPageServer/;jsessionid=00000000.app206a?NONCE_TOKEN=E87473E78009B1EADCAC7443500A70FF&pagename=hsf_homepage
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Fri, 22 Oct 2021 12:26:03 GMT
Via
NS-CACHE-10.0: 22
Last-Modified
Thu, 10 Nov 2016 06:13:44 GMT
Server
Apache
Age
0 1
ETag
"7f46-540ec469b4121"
Content-Type
application/x-javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=251
Content-Length
32582
obs_comp_rollup.js
secure-support.heartandstroke.ca/js/ 		10 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure-support.heartandstroke.ca/js/obs_comp_rollup.js
Requested by
Host: secure-support.heartandstroke.ca
URL: https://secure-support.heartandstroke.ca/site/SPageServer/;jsessionid=00000000.app206a?NONCE_TOKEN=E87473E78009B1EADCAC7443500A70FF&pagename=hsf_homepage
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
74.123.152.231 , United States, ASN15148 (BLACKBAUD-ASN, US),
Reverse DNS
cluster2.convio.net
Software
Apache /
Resource Hash
957f312f39ed8ba93485141af5af501f1d2b7b372433d8ac77b0923a5c584204

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
secure-support.heartandstroke.ca
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://secure-support.heartandstroke.ca/site/SPageServer/;jsessionid=00000000.app206a?NONCE_TOKEN=E87473E78009B1EADCAC7443500A70FF&pagename=hsf_homepage
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://secure-support.heartandstroke.ca/site/SPageServer/;jsessionid=00000000.app206a?NONCE_TOKEN=E87473E78009B1EADCAC7443500A70FF&pagename=hsf_homepage
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Fri, 22 Oct 2021 12:26:03 GMT
Via
NS-CACHE-10.0: 22
Last-Modified
Tue, 07 Feb 2012 18:21:34 GMT
Server
Apache
Age
0 1
ETag
"2936-4b863d94fc780"
Content-Type
application/x-javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=411
Content-Length
10550
default.css
secure-support.heartandstroke.ca/css/themes/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://secure-support.heartandstroke.ca/css/themes/default.css
Requested by
Host: secure-support.heartandstroke.ca
URL: https://secure-support.heartandstroke.ca/site/SPageServer/;jsessionid=00000000.app206a?NONCE_TOKEN=E87473E78009B1EADCAC7443500A70FF&pagename=hsf_homepage
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
74.123.152.231 , United States, ASN15148 (BLACKBAUD-ASN, US),
Reverse DNS
cluster2.convio.net
Software
Apache /
Resource Hash
135ae3e7f5e9b6c501a48f208ab55f701c066f5543fc4d7d64ef766cc722fae9

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
secure-support.heartandstroke.ca
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://secure-support.heartandstroke.ca/site/SPageServer/;jsessionid=00000000.app206a?NONCE_TOKEN=E87473E78009B1EADCAC7443500A70FF&pagename=hsf_homepage
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://secure-support.heartandstroke.ca/site/SPageServer/;jsessionid=00000000.app206a?NONCE_TOKEN=E87473E78009B1EADCAC7443500A70FF&pagename=hsf_homepage
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Fri, 22 Oct 2021 12:26:03 GMT
Via
NS-CACHE-10.0: 22
Last-Modified
Wed, 24 Jul 2013 19:12:15 GMT
Server
Apache
Age
0 1
ETag
"11df-4e246affca1c0"
ntCoent-Length
4575
Content-Type
text/css
Cache-Control
private
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Encoding
gzip
Keep-Alive
timeout=15, max=449
Content-Length
1256
alphacube.css
secure-support.heartandstroke.ca/css/themes/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://secure-support.heartandstroke.ca/css/themes/alphacube.css
Requested by
Host: secure-support.heartandstroke.ca
URL: https://secure-support.heartandstroke.ca/site/SPageServer/;jsessionid=00000000.app206a?NONCE_TOKEN=E87473E78009B1EADCAC7443500A70FF&pagename=hsf_homepage
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
74.123.152.231 , United States, ASN15148 (BLACKBAUD-ASN, US),
Reverse DNS
cluster2.convio.net
Software
Apache /
Resource Hash
dddb90184d87f59b1a025fa9b460ef0b25fbaa3ea192a83d31535dbb20ec10ad

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
secure-support.heartandstroke.ca
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://secure-support.heartandstroke.ca/site/SPageServer/;jsessionid=00000000.app206a?NONCE_TOKEN=E87473E78009B1EADCAC7443500A70FF&pagename=hsf_homepage
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://secure-support.heartandstroke.ca/site/SPageServer/;jsessionid=00000000.app206a?NONCE_TOKEN=E87473E78009B1EADCAC7443500A70FF&pagename=hsf_homepage
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Cteonnt-Length
2648
Date
Fri, 22 Oct 2021 12:26:03 GMT
Via
NS-CACHE-10.0: 22
Last-Modified
Wed, 02 Dec 2009 21:55:41 GMT
Server
Apache
Age
0 1
ETag
"a58-479c5ef879140"
Content-Type
text/css
Cache-Control
private
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Encoding
gzip
Keep-Alive
timeout=15, max=385
Content-Length
748
urchin.js
ssl.google-analytics.com/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.google-analytics.com/urchin.js
Requested by
Host: secure-support.heartandstroke.ca
URL: https://secure-support.heartandstroke.ca/site/SPageServer/;jsessionid=00000000.app206a?NONCE_TOKEN=E87473E78009B1EADCAC7443500A70FF&pagename=hsf_homepage
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.168 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f8.1e100.net
Software
Golfe2 /
Resource Hash
65b488811bd504ecd9037c0aee94c56a7bcd0870c2ae8818f6cf60cb3ba51621
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://secure-support.heartandstroke.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 09:29:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 19 Oct 2021 16:47:48 GMT
server
Golfe2
age
10564
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=1209600
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
6847
expires
Fri, 05 Nov 2021 09:29:58 GMT
UserGlobalStyle.css
secure-support.heartandstroke.ca/css/ 		51 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://secure-support.heartandstroke.ca/css/UserGlobalStyle.css
Requested by
Host: secure-support.heartandstroke.ca
URL: https://secure-support.heartandstroke.ca/site/SPageServer/;jsessionid=00000000.app206a?NONCE_TOKEN=E87473E78009B1EADCAC7443500A70FF&pagename=hsf_homepage
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
74.123.152.231 , United States, ASN15148 (BLACKBAUD-ASN, US),
Reverse DNS
cluster2.convio.net
Software
Apache /
Resource Hash
789ea3db44dd9c89c8283ed3693b61d5ee77486d451704e6aad5a0db0eab590f

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
secure-support.heartandstroke.ca
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://secure-support.heartandstroke.ca/site/SPageServer/;jsessionid=00000000.app206a?NONCE_TOKEN=E87473E78009B1EADCAC7443500A70FF&pagename=hsf_homepage
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://secure-support.heartandstroke.ca/site/SPageServer/;jsessionid=00000000.app206a?NONCE_TOKEN=E87473E78009B1EADCAC7443500A70FF&pagename=hsf_homepage
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Fri, 22 Oct 2021 12:26:03 GMT
Via
NS-CACHE-10.0: 22
Last-Modified
Wed, 28 Jan 2015 07:00:56 GMT
Server
Apache
Age
0 1
ETag
"cb31-50db0eed69a00"
ntCoent-Length
52017
Content-Type
text/css
Cache-Control
private
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Encoding
gzip
Keep-Alive
timeout=15, max=347
Content-Length
12869
CustomStyle.css
secure-support.heartandstroke.ca/css/ 		1 KB
1007 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://secure-support.heartandstroke.ca/css/CustomStyle.css
Requested by
Host: secure-support.heartandstroke.ca
URL: https://secure-support.heartandstroke.ca/site/SPageServer/;jsessionid=00000000.app206a?NONCE_TOKEN=E87473E78009B1EADCAC7443500A70FF&pagename=hsf_homepage
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
74.123.152.231 , United States, ASN15148 (BLACKBAUD-ASN, US),
Reverse DNS
cluster2.convio.net
Software
Apache /
Resource Hash
dd5d6ad0753422b193694e8743fe96884e3903c0d60f59b5ef2dcd17fe4e5a52

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
secure-support.heartandstroke.ca
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://secure-support.heartandstroke.ca/site/SPageServer/;jsessionid=00000000.app206a?NONCE_TOKEN=E87473E78009B1EADCAC7443500A70FF&pagename=hsf_homepage
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://secure-support.heartandstroke.ca/site/SPageServer/;jsessionid=00000000.app206a?NONCE_TOKEN=E87473E78009B1EADCAC7443500A70FF&pagename=hsf_homepage
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Cteonnt-Length
1207
Date
Fri, 22 Oct 2021 12:26:03 GMT
Via
NS-CACHE-10.0: 22
Last-Modified
Tue, 04 Sep 2018 14:27:20 GMT
Server
Apache
Age
0 1
ETag
"4b7-5750c74a579a5"
Content-Type
text/css
Cache-Control
private
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Encoding
gzip
Keep-Alive
timeout=15, max=442
Content-Length
619
CustomWysiwygStyle.css
secure-support.heartandstroke.ca/css/ 		239 B
539 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://secure-support.heartandstroke.ca/css/CustomWysiwygStyle.css
Requested by
Host: secure-support.heartandstroke.ca
URL: https://secure-support.heartandstroke.ca/site/SPageServer/;jsessionid=00000000.app206a?NONCE_TOKEN=E87473E78009B1EADCAC7443500A70FF&pagename=hsf_homepage
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
74.123.152.231 , United States, ASN15148 (BLACKBAUD-ASN, US),
Reverse DNS
cluster2.convio.net
Software
Apache /
Resource Hash
70c6153c446ec4fd067ed43a8544da1c3b5db57554f864c85d380cca95126730

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
secure-support.heartandstroke.ca
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://secure-support.heartandstroke.ca/site/SPageServer/;jsessionid=00000000.app206a?NONCE_TOKEN=E87473E78009B1EADCAC7443500A70FF&pagename=hsf_homepage
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://secure-support.heartandstroke.ca/site/SPageServer/;jsessionid=00000000.app206a?NONCE_TOKEN=E87473E78009B1EADCAC7443500A70FF&pagename=hsf_homepage
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Fri, 22 Oct 2021 12:26:03 GMT
Via
NS-CACHE-10.0: 22
Last-Modified
Wed, 02 Dec 2009 21:55:00 GMT
Server
Apache
Age
0 1
ETag
"ef-479c5ed15f500"
ntCoent-Length
239
Content-Type
text/css
Cache-Control
private
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Encoding
gzip
Keep-Alive
timeout=15, max=351
Content-Length
153
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.7.2/ 		93 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js
Requested by
Host: secure-support.heartandstroke.ca
URL: https://secure-support.heartandstroke.ca/site/SPageServer/;jsessionid=00000000.app206a?NONCE_TOKEN=E87473E78009B1EADCAC7443500A70FF&pagename=hsf_homepage
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.234 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f10.1e100.net
Software
sffe /
Resource Hash
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://secure-support.heartandstroke.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 22:45:21 GMT
x-content-type-options
nosniff
age
49241
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
94840
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="hosted-libraries-pushers"
expires
Fri, 21 Oct 2022 22:45:21 GMT
HSF_HeaderBanner_EN.png
secure-support.heartandstroke.ca/images/content/pagebuilder/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-support.heartandstroke.ca/images/content/pagebuilder/HSF_HeaderBanner_EN.png
Requested by
Host: secure-support.heartandstroke.ca
URL: https://secure-support.heartandstroke.ca/site/SPageServer/;jsessionid=00000000.app206a?NONCE_TOKEN=E87473E78009B1EADCAC7443500A70FF&pagename=hsf_homepage
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
74.123.152.231 , United States, ASN15148 (BLACKBAUD-ASN, US),
Reverse DNS
cluster2.convio.net
Software
Apache /
Resource Hash
f0d17c6d82026d63c4d9c8ea02550fdbe360762e5358c614865d0cb9c7dd3b34

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
secure-support.heartandstroke.ca
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://secure-support.heartandstroke.ca/site/SPageServer/;jsessionid=00000000.app206a?NONCE_TOKEN=E87473E78009B1EADCAC7443500A70FF&pagename=hsf_homepage
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://secure-support.heartandstroke.ca/site/SPageServer/;jsessionid=00000000.app206a?NONCE_TOKEN=E87473E78009B1EADCAC7443500A70FF&pagename=hsf_homepage
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Fri, 22 Oct 2021 12:26:03 GMT
Via
NS-CACHE-10.0: 22
Last-Modified
Tue, 17 Jan 2017 19:35:23 GMT
Server
Apache
Age
0 1
ETag
"b87-5464f66bb34e7"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
2951
__utm.gif
ssl.google-analytics.com/ 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl.google-analytics.com/__utm.gif?utmwv=1.4&utmn=1484015985&utmcs=windows-1252&utmsr=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmcn=1&utmdt=Heart%20and%20Stroke%20Foundation%20of%20Canada%20%2F%20Fondation%20des%20maladies%20du%20coeur%20et%20de%20l%27AVC&utmhn=secure-support.heartandstroke.ca&utmhid=1914519733&utmr=-&utmp=/site/SPageServer/;jsessionid=00000000.app206a?NONCE_TOKEN=E87473E78009B1EADCAC7443500A70FF&pagename=hsf_homepage&utmac=87287930&utmcc=__utma%3D128952846.1484015985.1634905563.1634905563.1634905563.1%3B%2B__utmz%3D128952846.1634905563.1.1.utmccn%3D(direct)%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)%3B%2B
Requested by
Host: secure-support.heartandstroke.ca
URL: https://secure-support.heartandstroke.ca/site/SPageServer/;jsessionid=00000000.app206a?NONCE_TOKEN=E87473E78009B1EADCAC7443500A70FF&pagename=hsf_homepage
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.168 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f8.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://secure-support.heartandstroke.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Oct 2021 12:44:30 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
85293
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

211 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect boolean| originAgentCluster function| YUI function| getModules object| Y function| emptyFunction function| toFunction function| remapConsoleFunctions object| Utils object| UtilsConstants function| addOnLoadHandler function| getObj function| MM_swapImgRestore function| MM_preloadImages function| MM_findObj function| MM_swapImage function| MM_openBrWindow function| appendToUrl function| addHiddenInput function| CurrencyContext object| utils_currencyContext function| setCurrencyContext function| parseCurrency function| formatCurrency function| getCurrencyScalingFactor string| utils_digits function| parseIntStrict function| getSelOptionObject function| getOptionSelection function| addOptionToSelect function| deselectOption function| changeLinksToStayInPopup function| link_submit_redirect function| findContainingLink function| DlgMgr object| DialogManager function| openModelessDialog function| reloadWindow function| isNS function| isIE function| closeWin function| set_display function| disable_edit function| removeChildren function| getElementText function| setElementText function| set_visible function| show_block_element function| show_element function| hide_element function| parse_boolean function| disable_element function| reset_element function| get_input_default_value function| get_input_value function| get_option_value function| is_text_field function| set_input_value function| get_which_radio function| subclass function| getAncestor function| getAncestorByClass function| findAllOfClass function| isOfClass function| filterByClass function| cv_show_help function| cv_new_win_from_link function| cv_new_win function| cv_win_focus function| cv_should_handle function| cv_popup_from_link_handler function| cv_new_win_from_link_handler function| cv_new_win_handler function| cv_help_link_handler function| enable_help_links function| cv_show_preview function| cv_preview_link_handler function| cv_launch_window_on_load function| enable_preview_links function| URLEncode function| URLEncodeParamValue function| decToHex function| reversal function| isUrlOK function| SetChecked function| limitArea number| WCAGState function| keepAlive function| forceKeepAlive function| formatTime undefined| keepAliveDialog undefined| keepAliveTimer function| initKeepAliveDialog function| showTimingOutDialog function| showTimedOutDialog function| showKeepAliveDialog function| keepAlivePoll function| keepAlive2 function| forceKeepAlive2 boolean| _submitOnce function| submitOnce function| submitEnter function| copy_to_clip function| choiceSelected function| ds_merge_field function| ds_merge_direct_field function| ds_merge_date_field function| MergeCompositeObserver function| trim function| isArray function| showLightbox function| hideLightbox function| resizeBgDiv function| preEnhance function| postEnhance function| toTitleCase function| enhanceDomToPostLatin1EncodedData function| CList function| CCallWrapper function| CSimpleObservable object| oc_components function| ObservableComponent function| ObservableRadioComponent function| ObservableGridComponent function| get_observable_component function| fire_obs_comp_event function| observe_component function| filter_values_equal function| ComponentEnabler function| ComponentDisabler function| ComponentDisplayer function| ObservableComponentEvent string| _uacct number| _userv number| _ufsc string| _udn string| _uhash string| _utimeout string| _ugifpath string| _utsp number| _uflash number| _utitle number| _ulink number| _uanchor string| _utcp number| _usample number| _uctm string| _ucto string| _uccn string| _ucmd string| _ucsr string| _uctr string| _ucct string| _ucid string| _ucno object| _uOsr object| _uOkw object| _uOno object| _uRno number| _uff number| _udh object| _udt number| _ubl string| _udo number| _uu number| _ufns number| _uns string| _ur number| _ufno number| _ust object| _ubd object| _udl string| _udlh string| _uwv string| _ugifpath2 function| urchinTracker function| _uGH function| _uInfo function| _uVoid function| _uCInfo function| _uRef function| _uOrg function| _uGCse function| _uBInfo function| __utmSetTrans function| _uFlash function| __utmLinkerUrl function| __utmLinker function| __utmLinkPost function| __utmSetVar function| _uGCS function| _uGC function| _uDomain function| _uHash function| _uFixA function| _uTrim function| _uEC function| __utmVisitorCode function| _uIN function| _uES function| _uUES function| _uVG function| _uSP function| urchinPathCopy function| _uCO function| _uGT string| _utk function| _uNx function| $ function| jQuery object| gaGlobal

10 Cookies

Domain/Path Name / Value
secure-support.heartandstroke.ca/site/AnonymousLogin Name: JSESSIONID
Value: 361286178459AA2FBDD31A80A4BB5C1E.app206a
secure-support.heartandstroke.ca/site/CRDonationAPI Name: JSESSIONID
Value: 361286178459AA2FBDD31A80A4BB5C1E.app206a
secure-support.heartandstroke.ca/site/CRConsAPI Name: JSESSIONID
Value: 361286178459AA2FBDD31A80A4BB5C1E.app206a
secure-support.heartandstroke.ca/site/CrmRest Name: JSESSIONID
Value: 361286178459AA2FBDD31A80A4BB5C1E.app206a
secure-support.heartandstroke.ca/site/ Name: JSESSIONID
Value: 361286178459AA2FBDD31A80A4BB5C1E.app206a
support.heartandstroke.ca/ Name: JSESSIONID
Value: 361286178459AA2FBDD31A80A4BB5C1E.app206a
.secure-support.heartandstroke.ca/ Name: __utma
Value: 128952846.1484015985.1634905563.1634905563.1634905563.1
.secure-support.heartandstroke.ca/ Name: __utmb
Value: 128952846
.secure-support.heartandstroke.ca/ Name: __utmc
Value: 128952846
.secure-support.heartandstroke.ca/ Name: __utmz
Value: 128952846.1634905563.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self' *.facebook.com *.salesforce.com *.convio.net *.google.com *.force.com facebook.com salesforce.com convio.net google.com force.com; report-uri https://secure-support.heartandstroke.ca/site/XFrameViolation