id.meridiancu.sandbox.thinkingcapital.ca Open in urlscan Pro
52.200.34.95 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://id.meridiancu.sandbox.thinkingcapital.ca/
Submission: On February 02 via automatic, source certstream-suspicious (February 2nd 2021, 4:17:23 pm UTC)

Summary HTTP 24 Redirects Behaviour Indicators

Summary

This website contacted 8 IPs in 3 countries across 8 domains to perform 24 HTTP transactions. The main IP is 52.200.34.95, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is id.meridiancu.sandbox.thinkingcapital.ca.
TLS certificate: Issued by R3 on February 2nd 2021. Valid for: 3 months.

This is the only time id.meridiancu.sandbox.thinkingcapital.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	52.200.34.95 52.200.34.95	14618 (AMAZON-AES) (AMAZON-AES)
1	13.224.194.31 13.224.194.31	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
1	52.95.145.144 52.95.145.144	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1 1	13.224.194.37 13.224.194.37	16509 (AMAZON-02) (AMAZON-02)
7	13.225.78.57 13.225.78.57	16509 (AMAZON-02) (AMAZON-02)
1	75.2.88.188 75.2.88.188	16509 (AMAZON-02) (AMAZON-02)
1	13.225.78.101 13.225.78.101	16509 (AMAZON-02) (AMAZON-02)
24	8

7 52.200.34.95 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-200-34-95.compute-1.amazonaws.com

id.meridiancu.sandbox.thinkingcapital.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.194.31 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-194-31.fra2.r.cloudfront.net

widget.trustpilot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.95.145.144 (Montreal, Canada)

ASN16509 (AMAZON-02, US)
PTR: s3-r-w.ca-central-1.amazonaws.com

ario-logo-assets.s3.ca-central-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.194.37 (Seattle, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-224-194-37.fra2.r.cloudfront.net

widget.intercom.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 13.225.78.57 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-57.fra2.r.cloudfront.net

js.intercomcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 75.2.88.188 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: ad8b87a22ce463223.awsglobalaccelerator.com

api-iam.intercom.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.78.101 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-101.fra2.r.cloudfront.net

static.intercomassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	intercomcdn.com js.intercomcdn.com	393 KB
7	thinkingcapital.ca id.meridiancu.sandbox.thinkingcapital.ca	763 KB
3	gstatic.com fonts.gstatic.com	32 KB
3	googleapis.com fonts.googleapis.com	2 KB
2	intercom.io 1 redirects widget.intercom.io api-iam.intercom.io	2 KB
1	intercomassets.com static.intercomassets.com	15 KB
1	amazonaws.com ario-logo-assets.s3.ca-central-1.amazonaws.com	10 KB
1	trustpilot.com widget.trustpilot.com	7 KB
24	8

	Domain	Requested by
7	js.intercomcdn.com	widget.intercom.io js.intercomcdn.com id.meridiancu.sandbox.thinkingcapital.ca
7	id.meridiancu.sandbox.thinkingcapital.ca	id.meridiancu.sandbox.thinkingcapital.ca
3	fonts.gstatic.com	fonts.googleapis.com
3	fonts.googleapis.com	id.meridiancu.sandbox.thinkingcapital.ca
1	static.intercomassets.com
1	api-iam.intercom.io	js.intercomcdn.com
1	widget.intercom.io	1 redirects
1	ario-logo-assets.s3.ca-central-1.amazonaws.com	id.meridiancu.sandbox.thinkingcapital.ca
1	widget.trustpilot.com	id.meridiancu.sandbox.thinkingcapital.ca
24	9

This site contains no links.

Subject Issuer	Validity	Valid
id.meridiancu.sandbox.thinkingcapital.ca R3	`2021-02-02` - `2021-05-03`	3 months	crt.sh
*.trustpilot.com Amazon	`2020-05-01` - `2021-06-01`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
*.s3.ca-central-1.amazonaws.com DigiCert Baltimore CA-2 G2	`2020-07-24` - `2021-08-18`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
*.intercomcdn.com Amazon	`2020-03-29` - `2021-04-29`	a year	crt.sh
*.intercom.com Amazon	`2020-05-13` - `2021-06-13`	a year	crt.sh
intercomassets.com Amazon	`2020-08-15` - `2021-09-14`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://id.meridiancu.sandbox.thinkingcapital.ca/
Frame ID: 424A7D828BC92797D587EB481AC79D3B
Requests: 16 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.7b38e8b7.js
Frame ID: F77AC7EC5D61FA38BF2DC13F9D243B44
Requests: 6 HTTP requests in this frame

Frame: https://js.intercomcdn.com/fonts/proximanova-regular.a7942249.woff
Frame ID: C61D66283AF5FAE4820FCA3B06E013C9
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Erlang (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /^Cowboy$/i

Ruby (Programming Languages) Expand

Overall confidence: 50%
Detected patterns

meta csrf-param /^authenticity_token$/i

Cowboy (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

headers server /^Cowboy$/i

Ruby on Rails (Web Frameworks) Expand

Overall confidence: 50%
Detected patterns

meta csrf-param /^authenticity_token$/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html //i

Page Statistics

24
Requests

100 %
HTTPS

22 %
IPv6

8
Domains

9
Subdomains

8
IPs

3
Countries

1224 kB
Transfer

2899 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14

https://widget.intercom.io/widget/nk6rs27r HTTP 302
https://js.intercomcdn.com/shim.latest.js

24 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set / Show response
id.meridiancu.sandbox.thinkingcapital.ca/ 160 KB
163 KB 932ms
600ms Document
text/html 52.200.34.95
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://id.meridiancu.sandbox.thinkingcapital.ca/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.200.34.95 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-200-34-95.compute-1.amazonaws.com

Software

Cowboy /

Resource Hash

768994aa920fd9f4c9ea87eaf3a9befba421a4f717f1d9b11ab1aa1cbb1ee2da

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline' fonts.googleapis.com https://tagmanager.google.com https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com; img-src 'self' 'unsafe-inline' data: https://ario-logo-assets.s3.ca-central-1.amazonaws.com https://ario-static-assets-sandbox.s3.us-east-2.amazonaws.com https://ario-static-assets-sandbox.s3.us-east-2.amazon.com https://acuityplatform.com https://ssl.gstatic.com/ www.gstatic.com https://www.google.com https://www.google.ca www.google-analytics.com https://googleads.g.doubleclick.net https://stats.g.doubleclick.net https://js.intercomcdn.com https://static.intercomassets.com https://downloads.intercomcdn.com https://uploads.intercomusercontent.com https://gifs.intercomcdn.com; font-src 'self' data: fonts.gstatic.com https://tagmanager.google.com https://js.intercomcdn.com; frame-src https://www.google.com/recaptcha/ https://intercom-sheets.com/ https://widget.trustpilot.com; script-src 'self' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.recaptcha.net/recaptcha/ https://www.googletagmanager.com https://tagmanager.google.com https://www.googletagmanager.com www.google-analytics.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://script.google.com/macros/s/AKfycby1NS8O3NRM8VMQtwdriB9p4IsVukSJpEoJG-gfuQ0TUOoAeqM/exec https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://widget.trustpilot.com 'nonce-K5Rp93WDA/Ww/enZDtPYqw=='; form-action *.sandbox.zetatango.com sandbox.zetatango.com https://appcenter.intuit.com https://accounts.intuit.com https://intercom.help; frame-ancestors 'none'; object-src 'none'; base-uri 'self'; connect-src 'self' https://www.google-analytics.com www.google-analytics.com https://stats.g.doubleclick.net https://api.intercom.io https://api-iam.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io https://nexus-long-poller-a.intercom.io https://nexus-long-poller-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://uploads.intercomcdn.com https://uploads.intercomusercontent.com; child-src 'self' https://share.intercom.io https://intercom-sheets.com https://www.intercom-reporting.com ; media-src 'self' https://js.intercomcdn.com; report-uri /csp_reports
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Host: id.meridiancu.sandbox.thinkingcapital.ca
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Server: Cowboy
Date: Tue, 02 Feb 2021 16:16:56 GMT
Connection: keep-alive
X-Frame-Options: SAMEORIGIN
X-Xss-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Permissions-Policy: accelerometer=(), ambient-light-sensor=(), camera=(), encrypted-media=(), fullscreen=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), speaker=(), sync-xhr=(), usb=(), vr=()
Cache-Control: no-store
Pragma: no-cache
Expires: -1
Content-Type: text/html; charset=utf-8
Etag: W/"768994aa920fd9f4c9ea87eaf3a9befb"
Content-Security-Policy: default-src 'self'; style-src 'self' 'unsafe-inline' fonts.googleapis.com https://tagmanager.google.com https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com; img-src 'self' 'unsafe-inline' data: https://ario-logo-assets.s3.ca-central-1.amazonaws.com https://ario-static-assets-sandbox.s3.us-east-2.amazonaws.com https://ario-static-assets-sandbox.s3.us-east-2.amazon.com https://acuityplatform.com https://ssl.gstatic.com/ www.gstatic.com https://www.google.com https://www.google.ca www.google-analytics.com https://googleads.g.doubleclick.net https://stats.g.doubleclick.net https://js.intercomcdn.com https://static.intercomassets.com https://downloads.intercomcdn.com https://uploads.intercomusercontent.com https://gifs.intercomcdn.com; font-src 'self' data: fonts.gstatic.com https://tagmanager.google.com https://js.intercomcdn.com; frame-src https://www.google.com/recaptcha/ https://intercom-sheets.com/ https://widget.trustpilot.com; script-src 'self' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.recaptcha.net/recaptcha/ https://www.googletagmanager.com https://tagmanager.google.com https://www.googletagmanager.com www.google-analytics.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://script.google.com/macros/s/AKfycby1NS8O3NRM8VMQtwdriB9p4IsVukSJpEoJG-gfuQ0TUOoAeqM/exec https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://widget.trustpilot.com 'nonce-K5Rp93WDA/Ww/enZDtPYqw=='; form-action *.sandbox.zetatango.com sandbox.zetatango.com https://appcenter.intuit.com https://accounts.intuit.com https://intercom.help; frame-ancestors 'none'; object-src 'none'; base-uri 'self'; connect-src 'self' https://www.google-analytics.com www.google-analytics.com https://stats.g.doubleclick.net https://api.intercom.io https://api-iam.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io https://nexus-long-poller-a.intercom.io https://nexus-long-poller-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://uploads.intercomcdn.com https://uploads.intercomusercontent.com; child-src 'self' https://share.intercom.io https://intercom-sheets.com https://www.intercom-reporting.com ; media-src 'self' https://js.intercomcdn.com; report-uri /csp_reports
Set-Cookie: _roadrunner_session=593358aed58dff854da2b7554c27bb62; path=/; expires=Wed, 03 Feb 2021 04:16:57 GMT; secure; HttpOnly
X-Request-Id: b66221be-7abe-4a54-b13f-51ee9e5d6ec6
X-Runtime: 0.458811
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Rack-Cors: miss; no-origin
Transfer-Encoding: chunked
Via: 1.1 vegur

GET
H/1.1 200
OK application-38a868bd2892a94dacb33fcc91223a6d2cbfdfec1a0ca446ece6943f285418d2.css
id.meridiancu.sandbox.thinkingcapital.ca/assets/ 61 KB
14 KB 521ms
244ms Stylesheet
text/css 52.200.34.95
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://id.meridiancu.sandbox.thinkingcapital.ca/assets/application-38a868bd2892a94dacb33fcc91223a6d2cbfdfec1a0ca446ece6943f285418d2.css

Requested by

Host: id.meridiancu.sandbox.thinkingcapital.ca
URL: https://id.meridiancu.sandbox.thinkingcapital.ca/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.200.34.95 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-200-34-95.compute-1.amazonaws.com

Software

Cowboy /

Resource Hash

4bb3311f21a7f3064c24405fd859cd74c185912354fb237149e0175ab7f7e63b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

Referer: https://id.meridiancu.sandbox.thinkingcapital.ca/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Rack-Cors: miss; no-origin
Date: Tue, 02 Feb 2021 16:16:57 GMT
Content-Encoding: gzip
Last-Modified: Mon, 01 Feb 2021 22:51:45 GMT
Server: Cowboy
Vary: Accept-Encoding
Content-Type: text/css
Via: 1.1 vegur
Connection: keep-alive
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Length: 13976

GET
H/1.1 200
OK application-c3d5f5bacd65a821d7166736111e00b1190ed3d812ac7615ca73d13aa3ba7205.js Show response
id.meridiancu.sandbox.thinkingcapital.ca/assets/ 1 MB
475 KB 438ms
147ms Script
application/javascript 52.200.34.95
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://id.meridiancu.sandbox.thinkingcapital.ca/assets/application-c3d5f5bacd65a821d7166736111e00b1190ed3d812ac7615ca73d13aa3ba7205.js

Requested by

Host: id.meridiancu.sandbox.thinkingcapital.ca
URL: https://id.meridiancu.sandbox.thinkingcapital.ca/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.200.34.95 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-200-34-95.compute-1.amazonaws.com

Software

Cowboy /

Resource Hash

c6a09d0e993cacb6359c2f5949c33f744d7d0ed67422a3efddc4fe04e792a5fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

Referer: https://id.meridiancu.sandbox.thinkingcapital.ca/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Rack-Cors: miss; no-origin
Date: Tue, 02 Feb 2021 16:16:57 GMT
Content-Encoding: gzip
Last-Modified: Mon, 01 Feb 2021 22:51:45 GMT
Server: Cowboy
Vary: Accept-Encoding
Content-Type: application/javascript
Via: 1.1 vegur
Connection: keep-alive
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Length: 486092

GET
H2 200 tp.widget.bootstrap.min.js Show response
widget.trustpilot.com/bootstrap/v5/ 20 KB
7 KB 145ms
49ms Script
application/x-javascript 13.224.194.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js

Requested by

Host: id.meridiancu.sandbox.thinkingcapital.ca
URL: https://id.meridiancu.sandbox.thinkingcapital.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.194.31 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-194-31.fra2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

b4e13931ab40de24157618e15c0acf8709db66a56f5924bebb3834c5f632105d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://id.meridiancu.sandbox.thinkingcapital.ca/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
age: 51895
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
date: Tue, 02 Feb 2021 01:52:03 GMT
content-length: 6699
x-xss-protection: 1; mode=block
last-modified: Mon, 04 Jan 2021 09:37:02 GMT
server: AmazonS3
etag: "2fd9c60e9bcfaf4ac19ab18d4a1e126e"
content-type: application/x-javascript
via: 1.1 e976f829f2d1c4787d42d0595ae7cf75.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
x-amz-cf-id: 9wY3h-ZAxh5xvZyeroNLxKQ8m5Q7g1GpkwFiL7mXqgSbkampj4Px7w==

GET
H2 200 css
fonts.googleapis.com/ 6 KB
769 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,700

Requested by

Host: id.meridiancu.sandbox.thinkingcapital.ca
URL: https://id.meridiancu.sandbox.thinkingcapital.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ec3f80e747dcbe72d41eee2245dc8e26b79f07fa71f9ea7f2d91ebe7f867d5a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 02 Feb 2021 16:01:57 GMT
server: ESF
date: Tue, 02 Feb 2021 16:16:57 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 02 Feb 2021 16:16:57 GMT

GET
H2 200 css
fonts.googleapis.com/ 5 KB
715 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Nunito:300,400,700

Requested by

Host: id.meridiancu.sandbox.thinkingcapital.ca
URL: https://id.meridiancu.sandbox.thinkingcapital.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a7e687e6da7c209ee6f510f49c02af05b582008fa29bf5f8c893cbe5d07b5a0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 02 Feb 2021 16:02:47 GMT
server: ESF
date: Tue, 02 Feb 2021 16:16:57 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 02 Feb 2021 16:16:57 GMT

GET
H2 200 css
fonts.googleapis.com/ 5 KB
700 B 22ms
21ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:300,400,700

Requested by

Host: id.meridiancu.sandbox.thinkingcapital.ca
URL: https://id.meridiancu.sandbox.thinkingcapital.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

449b8b168de95704a3a54b50b229d477f74b0078cde7ca009fa408b60a5da574

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 02 Feb 2021 15:25:56 GMT
server: ESF
date: Tue, 02 Feb 2021 16:16:57 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 02 Feb 2021 16:16:57 GMT

GET
H/1.1 200
OK intercom-f8c834d8d15b43b1fc8126b0d7d765b5decfc6b91041def5a2fa0dbec2753bc4.js Show response
id.meridiancu.sandbox.thinkingcapital.ca/assets/ 501 B
682 B 146ms
146ms Script
application/javascript 52.200.34.95
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://id.meridiancu.sandbox.thinkingcapital.ca/assets/intercom-f8c834d8d15b43b1fc8126b0d7d765b5decfc6b91041def5a2fa0dbec2753bc4.js

Requested by

Host: id.meridiancu.sandbox.thinkingcapital.ca
URL: https://id.meridiancu.sandbox.thinkingcapital.ca/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.200.34.95 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-200-34-95.compute-1.amazonaws.com

Software

Cowboy /

Resource Hash

7bcbaea601a4c07f678cb2453f506c3549b7e4ad85ae794275bd0e72c8b55ca7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

Referer: https://id.meridiancu.sandbox.thinkingcapital.ca/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Rack-Cors: miss; no-origin
Date: Tue, 02 Feb 2021 16:16:57 GMT
Content-Encoding: gzip
Last-Modified: Thu, 21 Jan 2021 02:25:22 GMT
Server: Cowboy
Vary: Accept-Encoding
Content-Type: application/javascript
Via: 1.1 vegur
Connection: keep-alive
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Length: 324

GET
H/1.1 200
OK tc-logo.png
ario-logo-assets.s3.ca-central-1.amazonaws.com/ 10 KB
10 KB 561ms
148ms Image
image/png 52.95.145.144
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ario-logo-assets.s3.ca-central-1.amazonaws.com/tc-logo.png
Requested by: Host: id.meridiancu.sandbox.thinkingcapital.ca
URL: https://id.meridiancu.sandbox.thinkingcapital.ca/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.145.144 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.ca-central-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: a3dfa12a23ea1b6da3d118f88c1b28c4ed22fc8168ce819a59b8d4e593c70a34

Request headers

Referer: https://id.meridiancu.sandbox.thinkingcapital.ca/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 02 Feb 2021 16:16:59 GMT
Last-Modified: Wed, 01 Apr 2020 13:34:46 GMT
Server: AmazonS3
x-amz-request-id: 0C90A989680CBB40
ETag: "33ef959389c8e505c6289297cb38dc79"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 10351
x-amz-id-2: IRiKtGkeMvvqKXMgVuNhOiZ3u6BwW3cG6R0ejPVMM6DZvN5uJPiCCNuAU576yF+0kCWpT6wgKZ4=

GET
H/1.1 200
OK qb_sign_in_blue_en-b09a3ec0fa21cb6dd8e37fde0b79d835bee7781cd2417b37b1bc588897a41396.jpg
id.meridiancu.sandbox.thinkingcapital.ca/assets/quickbooks/ 20 KB
21 KB 142ms
141ms Image
image/jpeg 52.200.34.95
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id.meridiancu.sandbox.thinkingcapital.ca/assets/quickbooks/qb_sign_in_blue_en-b09a3ec0fa21cb6dd8e37fde0b79d835bee7781cd2417b37b1bc588897a41396.jpg

Requested by

Host: id.meridiancu.sandbox.thinkingcapital.ca
URL: https://id.meridiancu.sandbox.thinkingcapital.ca/assets/application-38a868bd2892a94dacb33fcc91223a6d2cbfdfec1a0ca446ece6943f285418d2.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.200.34.95 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-200-34-95.compute-1.amazonaws.com

Software

Cowboy /

Resource Hash

ded7b3075d75ad0984ff6558f5c8537a9d603eab211d999fd4c35e274d11f97e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

Referer: https://id.meridiancu.sandbox.thinkingcapital.ca/assets/application-38a868bd2892a94dacb33fcc91223a6d2cbfdfec1a0ca446ece6943f285418d2.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Rack-Cors: miss; no-origin
Date: Tue, 02 Feb 2021 16:16:57 GMT
Via: 1.1 vegur
Last-Modified: Wed, 06 Jan 2021 16:51:43 GMT
Server: Cowboy
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Type: image/jpeg
Connection: keep-alive
Content-Length: 20935

GET
H2 200 JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2
fonts.gstatic.com/s/montserrat/v15/ 13 KB
13 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:300,400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0ce5a460ace775560c3344a43245687bdbec5cb8ee20d209ab9fa67f4e09a3e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://id.meridiancu.sandbox.thinkingcapital.ca
Referer: https://fonts.googleapis.com/css?family=Montserrat:300,400,700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 31 Jan 2021 15:30:55 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:12:14 GMT
server: sffe
age: 175563
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13708
x-xss-protection: 0
expires: Mon, 31 Jan 2022 15:30:55 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://id.meridiancu.sandbox.thinkingcapital.ca
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,400,700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Feb 2021 16:25:01 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:28 GMT
server: sffe
age: 85917
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9132
x-xss-protection: 0
expires: Tue, 01 Feb 2022 16:25:01 GMT

GET
H/1.1 200
OK fa-solid-900-e546fb3c56953992a5d20c52edb9e6d1b1141184b88ae19ba20a566d2ad98dbc.woff2
id.meridiancu.sandbox.thinkingcapital.ca/assets/font-awesome/ 78 KB
79 KB 142ms
142ms Font
application/font-woff2 52.200.34.95
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://id.meridiancu.sandbox.thinkingcapital.ca/assets/font-awesome/fa-solid-900-e546fb3c56953992a5d20c52edb9e6d1b1141184b88ae19ba20a566d2ad98dbc.woff2

Requested by

Host: id.meridiancu.sandbox.thinkingcapital.ca
URL: https://id.meridiancu.sandbox.thinkingcapital.ca/assets/application-38a868bd2892a94dacb33fcc91223a6d2cbfdfec1a0ca446ece6943f285418d2.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.200.34.95 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-200-34-95.compute-1.amazonaws.com

Software

Cowboy /

Resource Hash

6b555920e358f8a25a422988b448615c33bcccb4f932e8331cebfc8e2a737fc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

Origin: https://id.meridiancu.sandbox.thinkingcapital.ca
Referer: https://id.meridiancu.sandbox.thinkingcapital.ca/assets/application-38a868bd2892a94dacb33fcc91223a6d2cbfdfec1a0ca446ece6943f285418d2.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Rack-Cors: miss; no-origin
Date: Tue, 02 Feb 2021 16:16:58 GMT
Via: 1.1 vegur
Last-Modified: Wed, 06 Jan 2021 16:51:43 GMT
Server: Cowboy
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Type: application/font-woff2
Connection: keep-alive
Content-Length: 80300

GET
H2 200 mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://id.meridiancu.sandbox.thinkingcapital.ca
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,400,700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Feb 2021 16:25:13 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:27 GMT
server: sffe
age: 85905
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9080
x-xss-protection: 0
expires: Tue, 01 Feb 2022 16:25:13 GMT

GET
H/1.1 200
OK breach_passwords-2dfe2f28f6d4daaa323e7cf867efda65b5ae0af19f1fb47a2c95574d0a378413.json Show response
id.meridiancu.sandbox.thinkingcapital.ca/assets/ 10 KB
10 KB 147ms
146ms XHR
application/json 52.200.34.95
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://id.meridiancu.sandbox.thinkingcapital.ca/assets/breach_passwords-2dfe2f28f6d4daaa323e7cf867efda65b5ae0af19f1fb47a2c95574d0a378413.json

Requested by

Host: id.meridiancu.sandbox.thinkingcapital.ca
URL: https://id.meridiancu.sandbox.thinkingcapital.ca/assets/application-c3d5f5bacd65a821d7166736111e00b1190ed3d812ac7615ca73d13aa3ba7205.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.200.34.95 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-200-34-95.compute-1.amazonaws.com

Software

Cowboy /

Resource Hash

1877c017013c0c9c815733bfd4924722d9b92e3de23e4b92a5e3a28b74e4c1a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://id.meridiancu.sandbox.thinkingcapital.ca/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Rack-Cors: miss; no-origin
Date: Tue, 02 Feb 2021 16:16:58 GMT
Via: 1.1 vegur
Last-Modified: Wed, 06 Jan 2021 16:51:43 GMT
Server: Cowboy
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Type: application/json
Connection: keep-alive
Content-Length: 10165

GET
H2

200

shim.latest.js Show response
js.intercomcdn.com/
Redirect Chain

https://widget.intercom.io/widget/nk6rs27r
https://js.intercomcdn.com/shim.latest.js

13 KB
5 KB

178ms
52ms

Script
application/javascript

13.225.78.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/shim.latest.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.57 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-57.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 065960beb201da63a106a1b315f67b450e5a8de00c73a1e2920ad517323ad5d5

Request headers

Referer: https://id.meridiancu.sandbox.thinkingcapital.ca/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Tue, 02 Feb 2021 16:15:26 GMT
content-encoding: gzip
last-modified: Tue, 02 Feb 2021 11:40:16 GMT
server: AmazonS3
age: 93
etag: "f0761f260a4bdaff00fd958e6a72d364"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 2afacc6ad96dbba3f0b477cd95f16459.cloudfront.net (CloudFront)
cache-control: max-age=300, s-maxage=300, public
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 4827
x-amz-cf-id: hvP5tSNgl_oX5eWvulOPyMI_1gfRFosF6hsb8ZInPyK6TyZMKxZTPg==

Redirect headers

date: Sun, 31 Jan 2021 10:10:53 GMT
via: 1.1 59d92388a3a66e5f245f384a437fa025.cloudfront.net (CloudFront)
server: AmazonS3
age: 194766
x-cache: Hit from cloudfront
location: https://js.intercomcdn.com/shim.latest.js
x-amz-cf-pop: FRA2-C1
content-length: 0
x-amz-cf-id: US1A7yqTHGZnWl0vUghkLShzoCdHVnh2-sENOHDRpkVwzCJqc866dA==

GET
H2 200 frame-modern.7b38e8b7.js Show response
js.intercomcdn.com/ Frame F77A 244 KB
66 KB 95ms
94ms Script
application/javascript 13.225.78.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/frame-modern.7b38e8b7.js
Requested by: Host: widget.intercom.io
URL: https://widget.intercom.io/widget/nk6rs27r
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.57 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-57.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3670fbd8f2561d31f9857e51be256c40ef4fd7e2d659a236e0826476652eb9ed

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Tue, 02 Feb 2021 15:40:25 GMT
content-encoding: gzip
last-modified: Tue, 02 Feb 2021 11:29:29 GMT
server: AmazonS3
age: 2195
etag: "f47e91d5092d23332017019de631e3db"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 2afacc6ad96dbba3f0b477cd95f16459.cloudfront.net (CloudFront)
cache-control: max-age=31536000, s-maxage=7200, public
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 67127
x-amz-cf-id: 4-pfit38TzyXrBRSCXTevG8VydZNAbhkG-iR1T3rZ_sT6Q_D2j2rRA==

GET
H2 200 vendor-modern.b6ac9d66.js Show response
js.intercomcdn.com/ Frame F77A 123 KB
38 KB 95ms
94ms Script
application/javascript 13.225.78.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/vendor-modern.b6ac9d66.js
Requested by: Host: widget.intercom.io
URL: https://widget.intercom.io/widget/nk6rs27r
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.57 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-57.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 859e744737e9da4fd99b477aec3514ba68135bf313325af9776c733c1d6b023a

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Tue, 02 Feb 2021 15:40:25 GMT
content-encoding: gzip
last-modified: Tue, 02 Feb 2021 11:29:29 GMT
server: AmazonS3
age: 2195
etag: "35949a5455e6121654da2aae3d2a0e8e"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 2afacc6ad96dbba3f0b477cd95f16459.cloudfront.net (CloudFront)
cache-control: max-age=31536000, s-maxage=7200, public
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 38323
x-amz-cf-id: WjBGy4FWnx90xl_Wf-U6GJHaueGUDYElVLORhWLRMVTMtyTip7OHaQ==

POST
H2 200 ping Show response
api-iam.intercom.io/messenger/web/ Frame F77A 3 KB
2 KB 772ms
497ms XHR
application/json 75.2.88.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api-iam.intercom.io/messenger/web/ping

Requested by

Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.7b38e8b7.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

75.2.88.188 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ad8b87a22ce463223.awsglobalaccelerator.com

Software

nginx /

Resource Hash

849fe6e0d4dd83cb69654f29d9ee9cd79c4abf6d42ca83877cb74642acd1f796

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 02 Feb 2021 16:17:00 GMT
content-encoding: gzip
x-ami-version: ami-01bbcee2357c5b1cf
status: 200 OK
strict-transport-security: max-age=31556952; includeSubDomains; preload
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-request-id: 0001skusvk395q7s28rg
x-runtime: 0.354849
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"849fe6e0d4dd83cb69654f29d9ee9cd7"
x-ratelimit-remaining: 19999
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://id.meridiancu.sandbox.thinkingcapital.ca
x-intercom-version: a66a1a76c4bd852d3283686b184e8611c82cac29
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-ratelimit-reset: 1612282620
x-ratelimit-limit: 20000
access-control-allow-headers: Content-Type
x-content-type-options: nosniff

GET
H2 200 vendors~app-modern.93b012e0.js Show response
js.intercomcdn.com/ Frame F77A 322 KB
97 KB 52ms
51ms Script
application/javascript 13.225.78.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/vendors~app-modern.93b012e0.js
Requested by: Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.7b38e8b7.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.57 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-57.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8597edd71fffe542255ebe8588ba913320ece80471352d78e2a4ad028e2c2d4a

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Tue, 02 Feb 2021 15:40:26 GMT
content-encoding: gzip
last-modified: Tue, 02 Feb 2021 11:29:29 GMT
server: AmazonS3
age: 2201
etag: "1fe40b58699e8e775d206de551329526"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 2afacc6ad96dbba3f0b477cd95f16459.cloudfront.net (CloudFront)
cache-control: max-age=31536000, s-maxage=7200, public
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 98491
x-amz-cf-id: SCHAICtZcR6v52qf53lCI35ex-5U4CQZx0QrxZVt0lDqfw4ZvRKV9w==

GET
H2 200 app-modern.1ab7a7e6.js Show response
js.intercomcdn.com/ Frame F77A 664 KB
156 KB 63ms
62ms Script
application/javascript 13.225.78.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/app-modern.1ab7a7e6.js
Requested by: Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.7b38e8b7.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.57 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-57.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 83c2294614a9b84e1313fde10ddd9a58746f437aa23920b1bc36b04701181e46

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Tue, 02 Feb 2021 15:40:26 GMT
content-encoding: gzip
last-modified: Tue, 02 Feb 2021 11:29:29 GMT
server: AmazonS3
age: 2201
etag: "03a3a88c9d5538b2f0047b5eda39161b"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 2afacc6ad96dbba3f0b477cd95f16459.cloudfront.net (CloudFront)
cache-control: max-age=31536000, s-maxage=7200, public
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 159519
x-amz-cf-id: NlVWKfcwVIu9uMITDTX0hshcqhiXkfo_wyD9Yl8DSxmaTtl8pGDHNQ==

GET
H2 200 launcher-discovery-modern.00025e2d.js Show response
js.intercomcdn.com/ Frame F77A 6 KB
2 KB 47ms
47ms Script
application/javascript 13.225.78.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/launcher-discovery-modern.00025e2d.js
Requested by: Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.7b38e8b7.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.57 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-57.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 637923febacf46e36d69ad4858d43c2c1faf5cd269e0de768749f426eb2c8649

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Tue, 02 Feb 2021 15:40:33 GMT
content-encoding: gzip
last-modified: Tue, 02 Feb 2021 11:29:29 GMT
server: AmazonS3
age: 2194
etag: "fff7f64b4db5adee392728d48b59b5e9"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 2afacc6ad96dbba3f0b477cd95f16459.cloudfront.net (CloudFront)
cache-control: max-age=31536000, s-maxage=7200, public
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 2112
x-amz-cf-id: hBCkCo2Tre6bmki3UykR5d8R8HewxevptMSIHS3wXP7rvaymE70bHQ==

GET
H2 200 proximanova-regular.a7942249.woff
js.intercomcdn.com/fonts/ Frame C61D 28 KB
29 KB 534ms
442ms Font
font/woff 13.225.78.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/fonts/proximanova-regular.a7942249.woff
Requested by: Host: id.meridiancu.sandbox.thinkingcapital.ca
URL: https://id.meridiancu.sandbox.thinkingcapital.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.57 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-57.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ad1e595d26035487333f48604244ddab94b13bec3e2f4545f13d8dd8a3ecba20

Request headers

Origin: https://id.meridiancu.sandbox.thinkingcapital.ca
Referer: https://id.meridiancu.sandbox.thinkingcapital.ca/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Feb 2021 16:17:07 GMT
via: 1.1 df26103dc140569d7032449c70c3b141.cloudfront.net (CloudFront)
vary: Origin
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 28960
last-modified: Tue, 02 Feb 2021 11:29:29 GMT
server: AmazonS3
etag: "a7942249ca925ef356c0f2b1dab17ef3"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=31536000, s-maxage=7200, public
accept-ranges: bytes
x-amz-cf-id: NvcSzBuc5NzjkrBLsUYvf0dHSITIesfxZngAgM6Jigx_hicIcgh3gw==

GET
H2 200 IMG_4002-1554730921.JPG
static.intercomassets.com/avatars/3053757/square_128/ Frame C61D 15 KB
15 KB 157ms
55ms Image
image/jpeg 13.225.78.101
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.intercomassets.com/avatars/3053757/square_128/IMG_4002-1554730921.JPG?1554730921
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.101 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-101.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8eb58b1242e201566fd1d46ffc2cc5c8d061532a67b338ecd106d2b498e09a3f

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Tue, 02 Feb 2021 16:15:47 GMT
via: 1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront)
last-modified: Mon, 08 Apr 2019 13:42:06 GMT
server: AmazonS3
age: 80
etag: "0ad2b43b6e84e66d504b2f786ce7d0e9"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=86400
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 15071
x-amz-cf-id: eKwye4EVnpTmIfuEJzsgMZf75gQMp1y6iyUEvwlUb4K1sfzOHLE1nw==

Verdicts & Comments Add Verdict or Comment

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			id.meridiancu.sandbox.thinkingcapital.ca/	1970-01-19 15:52:05	Name: _roadrunner_session Value: 593358aed58dff854da2b7554c27bb62

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline' fonts.googleapis.com https://tagmanager.google.com https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com; img-src 'self' 'unsafe-inline' data: https://ario-logo-assets.s3.ca-central-1.amazonaws.com https://ario-static-assets-sandbox.s3.us-east-2.amazonaws.com https://ario-static-assets-sandbox.s3.us-east-2.amazon.com https://acuityplatform.com https://ssl.gstatic.com/ www.gstatic.com https://www.google.com https://www.google.ca www.google-analytics.com https://googleads.g.doubleclick.net https://stats.g.doubleclick.net https://js.intercomcdn.com https://static.intercomassets.com https://downloads.intercomcdn.com https://uploads.intercomusercontent.com https://gifs.intercomcdn.com; font-src 'self' data: fonts.gstatic.com https://tagmanager.google.com https://js.intercomcdn.com; frame-src https://www.google.com/recaptcha/ https://intercom-sheets.com/ https://widget.trustpilot.com; script-src 'self' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.recaptcha.net/recaptcha/ https://www.googletagmanager.com https://tagmanager.google.com https://www.googletagmanager.com www.google-analytics.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://script.google.com/macros/s/AKfycby1NS8O3NRM8VMQtwdriB9p4IsVukSJpEoJG-gfuQ0TUOoAeqM/exec https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://widget.trustpilot.com 'nonce-K5Rp93WDA/Ww/enZDtPYqw=='; form-action *.sandbox.zetatango.com sandbox.zetatango.com https://appcenter.intuit.com https://accounts.intuit.com https://intercom.help; frame-ancestors 'none'; object-src 'none'; base-uri 'self'; connect-src 'self' https://www.google-analytics.com www.google-analytics.com https://stats.g.doubleclick.net https://api.intercom.io https://api-iam.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io https://nexus-long-poller-a.intercom.io https://nexus-long-poller-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://uploads.intercomcdn.com https://uploads.intercomusercontent.com; child-src 'self' https://share.intercom.io https://intercom-sheets.com https://www.intercom-reporting.com ; media-src 'self' https://js.intercomcdn.com; report-uri /csp_reports
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-iam.intercom.io
ario-logo-assets.s3.ca-central-1.amazonaws.com
fonts.googleapis.com
fonts.gstatic.com
id.meridiancu.sandbox.thinkingcapital.ca
js.intercomcdn.com
static.intercomassets.com
widget.intercom.io
widget.trustpilot.com
13.224.194.31
13.224.194.37
13.225.78.101
13.225.78.57
2a00:1450:4001:829::2003
2a00:1450:4001:82b::200a
52.200.34.95
52.95.145.144
75.2.88.188
065960beb201da63a106a1b315f67b450e5a8de00c73a1e2920ad517323ad5d5
0ce5a460ace775560c3344a43245687bdbec5cb8ee20d209ab9fa67f4e09a3e8
1877c017013c0c9c815733bfd4924722d9b92e3de23e4b92a5e3a28b74e4c1a9
3670fbd8f2561d31f9857e51be256c40ef4fd7e2d659a236e0826476652eb9ed
449b8b168de95704a3a54b50b229d477f74b0078cde7ca009fa408b60a5da574
4bb3311f21a7f3064c24405fd859cd74c185912354fb237149e0175ab7f7e63b
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
637923febacf46e36d69ad4858d43c2c1faf5cd269e0de768749f426eb2c8649
6b555920e358f8a25a422988b448615c33bcccb4f932e8331cebfc8e2a737fc7
768994aa920fd9f4c9ea87eaf3a9befba421a4f717f1d9b11ab1aa1cbb1ee2da
7bcbaea601a4c07f678cb2453f506c3549b7e4ad85ae794275bd0e72c8b55ca7
83c2294614a9b84e1313fde10ddd9a58746f437aa23920b1bc36b04701181e46
849fe6e0d4dd83cb69654f29d9ee9cd79c4abf6d42ca83877cb74642acd1f796
8597edd71fffe542255ebe8588ba913320ece80471352d78e2a4ad028e2c2d4a
859e744737e9da4fd99b477aec3514ba68135bf313325af9776c733c1d6b023a
8eb58b1242e201566fd1d46ffc2cc5c8d061532a67b338ecd106d2b498e09a3f
a3dfa12a23ea1b6da3d118f88c1b28c4ed22fc8168ce819a59b8d4e593c70a34
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
a7e687e6da7c209ee6f510f49c02af05b582008fa29bf5f8c893cbe5d07b5a0f
ad1e595d26035487333f48604244ddab94b13bec3e2f4545f13d8dd8a3ecba20
b4e13931ab40de24157618e15c0acf8709db66a56f5924bebb3834c5f632105d
c6a09d0e993cacb6359c2f5949c33f744d7d0ed67422a3efddc4fe04e792a5fc
ded7b3075d75ad0984ff6558f5c8537a9d603eab211d999fd4c35e274d11f97e
ec3f80e747dcbe72d41eee2245dc8e26b79f07fa71f9ea7f2d91ebe7f867d5a6

id.meridiancu.sandbox.thinkingcapital.ca Open in urlscan Pro 52.200.34.95 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

24 Requests

100 %HTTPS

22 %IPv6

8 Domains

9 Subdomains

8 IPs

3 Countries

1224 kBTransfer

2899 kBSize

1 Cookies

0 Outgoing links

Redirected requests

24 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

36 JavaScript Global Variables

1 Cookies

Security Headers

Indicators

id.meridiancu.sandbox.thinkingcapital.ca Open in urlscan Pro
52.200.34.95 Public Scan

Screenshot
Live screenshot

Full Image

24
Requests

100 %
HTTPS

22 %
IPv6

8
Domains

9
Subdomains

8
IPs

3
Countries

1224 kB
Transfer

2899 kB
Size

1
Cookies

24 HTTP transactions
0 data transactions