payment.mdccanada.ca Open in urlscan Pro
165.232.36.183 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://u.agccall.com/ca542f
Effective URL:
https://payment.mdccanada.ca/trust/payment?lang=en&gclid=1677172565.1717723528
Submission: On June 27 via manual (June 27th 2024, 8:15:07 pm UTC) from CO — Scanned from GB

Summary HTTP 109 Redirects Links 100 Behaviour Indicators

Summary

This website contacted 28 IPs in 4 countries across 20 domains to perform 109 HTTP transactions. The main IP is 165.232.36.183, located in Slough, United Kingdom and belongs to DIGITALOCEAN-ASN, US. The main domain is payment.mdccanada.ca.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on October 25th 2023. Valid for: 10 months.

This is the only time payment.mdccanada.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	167.99.195.78 167.99.195.78	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1 20	165.232.36.183 165.232.36.183	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
3	2a04:4e42:400... 2a04:4e42:400::485	54113 (FASTLY) (FASTLY)
9	52.92.202.106 52.92.202.106	16509 (AMAZON-02) (AMAZON-02)
3	52.217.113.17 52.217.113.17	16509 (AMAZON-02) (AMAZON-02)
17	2600:9000:223... 2600:9000:223f:f800:15:20a2:3900:21	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
9	35.244.143.131 35.244.143.131	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2600:9000:267... 2600:9000:2670:5000:c:ec32:f140:21	16509 (AMAZON-02) (AMAZON-02)
4	52.218.181.241 52.218.181.241	16509 (AMAZON-02) (AMAZON-02)
5	167.99.182.231 167.99.182.231	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
4	16.182.72.49 16.182.72.49	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
1	18.66.102.53 18.66.102.53	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:272... 2600:9000:2724:5400:d:bdb7:5480:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:12d... 2a02:26f0:12d::1730:ca41	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	76.223.64.65 76.223.64.65	16509 (AMAZON-02) (AMAZON-02)
5	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	13.32.27.54 13.32.27.54	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	18.66.112.15 18.66.112.15	16509 (AMAZON-02) (AMAZON-02)
1	2600:1f18:e8a... 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a	14618 (AMAZON-AES) (AMAZON-AES)
1	18.245.60.122 18.245.60.122	16509 (AMAZON-02) (AMAZON-02)
3	2620:1ec:c11:... 2620:1ec:c11::237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
109	28

1 167.99.195.78 (Slough, United Kingdom) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

u.agccall.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 165.232.36.183 (Slough, United Kingdom) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

payment.mdccanada.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a04:4e42:400::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 52.92.202.106 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2-r-w.amazonaws.com

cv-media-files.s3-us-west-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.217.113.17 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

canadian-visa-media.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2600:9000:223f:f800:15:20a2:3900:21 (United States)

ASN16509 (AMAZON-02, US)

d1ac9zce9817ms.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 35.244.143.131 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 131.143.244.35.bc.googleusercontent.com

api.exponea.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2670:5000:c:ec32:f140:21 (United States)

ASN16509 (AMAZON-02, US)

d1dje5mxb6emkl.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.218.181.241 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2-r-w.amazonaws.com

cv-media-files.s3.us-west-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 167.99.182.231 (Toronto, Canada)

ASN14061 (DIGITALOCEAN-ASN, US)

lps.canadianvisa.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 16.182.72.49 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

mdc-new-funnel-v2.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.102.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-102-53.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2724:5400:d:bdb7:5480:93a1 (United States)

ASN16509 (AMAZON-02, US)

ob.branderblender.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:12d::1730:ca41 (Berlin, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn-icons-png.flaticon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 76.223.64.65 (United States)

ASN16509 (AMAZON-02, US)
PTR: a44946a9dd66b7704.awsglobalaccelerator.com

lcgroups-org.freshchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.54 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-54.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.15 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-15.fra56.r.cloudfront.net

vc.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

obs.branderblender.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.245.60.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-60-122.fra60.r.cloudfront.net

465930902273542.webpush.freshchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	amazonaws.com cv-media-files.s3-us-west-2.amazonaws.com canadian-visa-media.s3.amazonaws.com cv-media-files.s3.us-west-2.amazonaws.com mdc-new-funnel-v2.s3.amazonaws.com	788 KB
20	mdccanada.ca 1 redirects payment.mdccanada.ca	2 MB
18	cloudfront.net d1ac9zce9817ms.cloudfront.net d1dje5mxb6emkl.cloudfront.net	626 KB
9	exponea.com api.exponea.com — Cisco Umbrella Rank: 28609	71 KB
8	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 71 region1.google-analytics.com — Cisco Umbrella Rank: 2355	21 KB
5	freshchat.com lcgroups-org.freshchat.com 465930902273542.webpush.freshchat.com	24 KB
5	canadianvisa.org lps.canadianvisa.org	112 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 81	494 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 361	14 KB
3	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 381	20 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 114	4 KB
2	branderblender.com ob.branderblender.com — Cisco Umbrella Rank: 574859 obs.branderblender.com — Cisco Umbrella Rank: 523416	38 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 894 script.hotjar.com — Cisco Umbrella Rank: 1260	60 KB
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 96	12 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 204	72 KB
1	hotjar.io vc.hotjar.io — Cisco Umbrella Rank: 3549	232 B
1	flaticon.com cdn-icons-png.flaticon.com — Cisco Umbrella Rank: 53723	30 KB
1	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 137	64 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 83	1 KB
1	agccall.com 1 redirects u.agccall.com	295 B
109	20

	Domain	Requested by
20	payment.mdccanada.ca	1 redirects payment.mdccanada.ca
17	d1ac9zce9817ms.cloudfront.net	payment.mdccanada.ca
9	api.exponea.com	payment.mdccanada.ca api.exponea.com
9	cv-media-files.s3-us-west-2.amazonaws.com	payment.mdccanada.ca
5	region1.google-analytics.com	www.googletagmanager.com
5	lps.canadianvisa.org	payment.mdccanada.ca
5	www.googletagmanager.com	payment.mdccanada.ca www.googletagmanager.com
4	lcgroups-org.freshchat.com	payment.mdccanada.ca lcgroups-org.freshchat.com
4	mdc-new-funnel-v2.s3.amazonaws.com	payment.mdccanada.ca
4	cv-media-files.s3.us-west-2.amazonaws.com	payment.mdccanada.ca
3	bat.bing.com	www.googletagmanager.com bat.bing.com
3	www.google-analytics.com	www.googletagmanager.com payment.mdccanada.ca
3	canadian-visa-media.s3.amazonaws.com	payment.mdccanada.ca
3	cdn.jsdelivr.net	payment.mdccanada.ca
2	www.facebook.com	payment.mdccanada.ca
2	www.youtube.com	www.googletagmanager.com www.youtube.com
2	connect.facebook.net	payment.mdccanada.ca connect.facebook.net
1	465930902273542.webpush.freshchat.com	lcgroups-org.freshchat.com
1	obs.branderblender.com	ob.branderblender.com
1	vc.hotjar.io	script.hotjar.com
1	script.hotjar.com	static.hotjar.com
1	cdn-icons-png.flaticon.com	payment.mdccanada.ca
1	ob.branderblender.com	www.googletagmanager.com
1	static.hotjar.com	payment.mdccanada.ca
1	pagead2.googlesyndication.com	www.googletagmanager.com
1	d1dje5mxb6emkl.cloudfront.net	payment.mdccanada.ca
1	fonts.googleapis.com	payment.mdccanada.ca
1	u.agccall.com	1 redirects
109	28

This site contains links to these domains. Also see Links.

Domain
canadianvisa.org

Subject Issuer	Validity	Valid
*.mdccanada.ca Sectigo RSA Domain Validation Secure Server CA	`2023-10-25` - `2024-09-01`	10 months	crt.sh
upload.video.google.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-09-27` - `2024-10-28`	a year	crt.sh
*.s3-us-west-2.amazonaws.com Amazon RSA 2048 M01	`2024-05-15` - `2025-05-13`	a year	crt.sh
*.s3.amazonaws.com Amazon RSA 2048 M01	`2024-04-22` - `2025-04-07`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
*.google-analytics.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
api.exponea.com WR3	`2024-05-20` - `2024-08-18`	3 months	crt.sh
*.canadianvisa.org Sectigo RSA Domain Validation Secure Server CA	`2023-08-17` - `2024-09-16`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-04-06` - `2024-07-05`	3 months	crt.sh
*.google.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
*.hotjar.com Amazon RSA 2048 M03	`2024-05-22` - `2025-06-20`	a year	crt.sh
*.branderblender.com Amazon RSA 2048 M03	`2024-05-27` - `2025-06-26`	a year	crt.sh
*.flaticon.com E6	`2024-06-07` - `2024-09-05`	3 months	crt.sh
*.freshchat.com Amazon RSA 2048 M02	`2024-01-22` - `2025-02-18`	a year	crt.sh
*.hotjar.io Amazon ECDSA 256 M02	`2024-02-07` - `2025-03-08`	a year	crt.sh
*.wchat.webpush.myfreshworks.com Amazon RSA 2048 M02	`2024-06-04` - `2025-07-03`	a year	crt.sh
www.bing.com Microsoft Azure RSA TLS Issuing CA 04	`2024-06-19` - `2024-12-16`	6 months	crt.sh

This page contains 4 frames:

Primary Page: https://payment.mdccanada.ca/trust/payment?lang=en&gclid=1677172565.1717723528
Frame ID: 17B6ABE68D76B92E3641186C86579CEF
Requests: 112 HTTP requests in this frame

Frame: https://lcgroups-org.freshchat.com/widget/config_iframe.html?host=https://lcgroups-org.freshchat.com&token=77eb97aa-035d-4771-8acf-7a8638e3ae6d&origin=https://payment.mdccanada.ca
Frame ID: 26E47BC1140EC579051E022272E1D606
Requests: 1 HTTP requests in this frame

Frame: https://lcgroups-org.freshchat.com/widget/?token=77eb97aa-035d-4771-8acf-7a8638e3ae6d&referrer=aHR0cHM6Ly9wYXltZW50Lm1kY2NhbmFkYS5jYQ==&eagerLoad=true
Frame ID: D7C2CA4C82E1796A7D911604F7B11057
Requests: 1 HTTP requests in this frame

Frame: https://465930902273542.webpush.freshchat.com/index.html?ref=aHR0cHM6Ly9wYXltZW50Lm1kY2NhbmFkYS5jYQ==
Frame ID: C8801635CDB8B546AA82470B6E1D29F3
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Trust Pay payment

Page URL History Show full URLs

https://u.agccall.com/ca542f HTTP 302
https://payment.mdccanada.ca/auto-login/vye-kzk23GDfeiJkRQsH5JK2bHIsuxiH?lang=en&gclid=1677172565.1717723528 HTTP 301
https://payment.mdccanada.ca/trust/payment?lang=en&gclid=1677172565.1717723528 Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AngularJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

\bangular.{0,32}\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?slick-theme\.css
(?:/([\d.]+))?/slick(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

109
Requests

100 %
HTTPS

54 %
IPv6

20
Domains

28
Subdomains

28
IPs

4
Countries

4574 kB
Transfer

7115 kB
Size

16
Cookies

100 Outgoing links

These are links going to different origins than the main page.

URL: https://canadianvisa.org/why-use-rcic
Title: Why Use an RCIC?

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/canada-immigration
Title: Canada Immigration

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/canada-immigration/express-entry
Title: Express Entry

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/canada-immigration/skilled-worker
Title: Professional And Skilled Worker

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/canada-immigration/skilled-worker/quebec-skilled-worker-visa
Title: Quebec Skilled Worker Program

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/canada-immigration/skilled-worker/federal-skilled-worker
Title: Federal Skilled Worker Program

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/canada-immigration/provincial-nominee
Title: Provincial Nominee Program

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/canada-immigration/provincial-nominee/alberta-pnp
Title: Alberta

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/canada-immigration/provincial-nominee/british-columbia-pnp
Title: British Columbia

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/canada-immigration/provincial-nominee/manitoba-pnp
Title: Manitoba

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/canada-immigration/provincial-nominee/new-brunswick-pnp
Title: New Brunswick

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/canada-immigration/provincial-nominee/newfoundland-and-labrador-pnp
Title: Newfoundland and Labrador

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/canada-immigration/provincial-nominee/northwest-territories-pnp
Title: Northwest Territories

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/canada-immigration/provincial-nominee/nova-scotia-pnp
Title: Nova Scotia

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/canada-immigration/provincial-nominee/ontario-pnp
Title: Ontario

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/canada-immigration/provincial-nominee/prince-edward-island-pnp
Title: Prince Edward Island

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/canada-immigration/provincial-nominee/saskatchewan-pnp
Title: Saskatchewan

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/canada-immigration/provincial-nominee/yukon-pnp
Title: Yukon

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/canada-immigration/provincial-nominee/quebec-pnp
Title: Quebec

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/canada-immigration/family-sponsorship
Title: Family Sponsorship

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/canada-immigration/family-sponsorship/spousal-and-family-sponsorship
Title: Spousal and Family Sponsorship

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/canada-immigration/family-sponsorship/common-law-partner-sponsorship
Title: Common-Law Partner Sponsorship

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/canada-immigration/family-sponsorship/parental-sponsorship-program
Title: Parent and Grandparent Sponsorship

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/canada-immigration/family-sponsorship/supervisa
Title: Super Visa

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/canada-immigration/business
Title: Business Immigration

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/canada-immigration/business/self-employment-program
Title: Self Employed Program

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/canada-immigration/business/investor-visa
Title: Investor Visa

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/canada-immigration/business/entrepreneur-visa
Title: Entrepreneur Visa

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/canada-immigration/business/business-visitor-visa
Title: Business Visitor Visa

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/canada-immigration/study-in-canada
Title: Study In Canada

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/canada-immigration/study-in-canada/list-of-academic-instutions
Title: University List

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/canada-immigration/study-in-canada/university-list/british-columbia-university
Title: British Columbia University

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/canada-immigration/study-in-canada/university-list/british-columbia-institute
Title: British Columbia Institute of Technology

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/canada-immigration/study-in-canada/university-list/mcgill-university
Title: McGill University

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/canada-immigration/study-in-canada/university-list/simon-fraser-university
Title: Simon Fraser University

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/canada-immigration/study-in-canada/university-list/vancouver-film-school
Title: Vancouver Film School

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/canada-immigration/study-in-canada/university-list/fairleigh-dickinson-university
Title: Fairleigh Dickinson University

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/canada-immigration/study-in-canada/work-as-a-student
Title: Work As A Student

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/canada-immigration/study-in-canada/post-graduate
Title: Post Graduate

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/canada-immigration/study-in-canada/study-permit-visa-partners
Title: Study Permit Visa Partner

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/canada-immigration/study-in-canada/canada-education-system
Title: Canada Education System

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/canada-immigration/visitors-visa
Title: Visitors Visa

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/canada-immigration/temporary-visa
Title: Temporary Visa'

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/canada-immigration/temporary-visa/caregiver-visa
Title: Caregiver Visa

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/canada-immigration/temporary-visa/working-holiday-visa
Title: Working Holiday Visa

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/canada-immigration/permanent-residency
Title: Permanent Residency

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/canada-immigration/ielts-course
Title: IELTS Course

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/life-in-canada
Title: Life In Canada

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/life-in-canada/provinces
Title: Provinces

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/life-in-canada/provinces/alberta
Title: Alberta

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/life-in-canada/provinces/british-columbia
Title: British Columbia

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/life-in-canada/provinces/manitoba
Title: Manitoba

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/life-in-canada/provinces/new-brunswick
Title: New Brunswick

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/life-in-canada/provinces/newfoundland-and-labrador
Title: Newfoundland and Labrador

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/life-in-canada/provinces/northwest-territories
Title: Northwest Territories

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/life-in-canada/provinces/nova-scotia
Title: Nova Scotia

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/life-in-canada/provinces/nunavut
Title: Nunavut

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/life-in-canada/provinces/ontario
Title: Ontario

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/life-in-canada/provinces/life-prince-edward-island
Title: Prince Edward Island

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/life-in-canada/provinces/quebec
Title: Quebec

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/life-in-canada/provinces/saskatchewan
Title: Saskatchewan

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/life-in-canada/provinces/yukon
Title: Yukon

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/life-in-canada/employment
Title: Employment

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/life-in-canada/employment/industry-specific-job-websites
Title: Industry Specific Job Listing Websites

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/life-in-canada/employment/general-job-websites
Title: General Job Listing Websites

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/life-in-canada/employment/youth-job-websites
Title: Youth Job Listing Websites

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/life-in-canada/employment/resume-writing
Title: Resume Writing

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/life-in-canada/employment/job-applications
Title: Job Applications

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/life-in-canada/employment/cover-letter
Title: Cover Letter

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/life-in-canada/employment/interview-questions
Title: Interview Questions

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/life-in-canada/employment/salary-negotiation
Title: Salary Negotiation

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/life-in-canada/employment/facts-about-working-in-canada
Title: Facts About Working in Canada

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/life-in-canada/employment/job-skills
Title: Job Skills

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/life-in-canada/employment/how-to-perform-well-at-work
Title: How to Perform Well at Work

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/life-in-canada/employment/worker-rights
Title: Workers' Rights

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/life-in-canada/employment/health-and-safety
Title: Health and Safety

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/life-in-canada/employment/canadian-employers
Title: Canadian Employers

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/life-in-canada/employment/professional-immigrant-networks
Title: Professional Immigrant Networks

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/life-in-canada/economy
Title: Economy

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/life-in-canada/economy/basic-information
Title: Basic Information

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/life-in-canada/economy/canada-economic-structure
Title: Canada Economic Structure

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/life-in-canada/key-industries
Title: Key Industries

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/life-in-canada/key-industries/service-industry
Title: Service Industry

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/life-in-canada/key-industries/manufacturing
Title: Manufacturing

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/life-in-canada/key-industries/natural-resources
Title: Natural Resources

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/life-in-canada/key-industries/mining-sector
Title: Mining Sector

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/life-in-canada/culture
Title: Culture

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/life-in-canada/culture/festivals-cultural-attractions
Title: Festivals and Cultural Attractions

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/life-in-canada/culture/places-of-worship
Title: Places of Worship

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/life-in-canada/culture/religious-rights
Title: Religious Rights

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/life-in-canada/culture/multiculturalism
Title: Multiculturalism

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/life-in-canada/culture/associations
Title: Associations

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/life-in-canada/culture/volunteer-work
Title: Volunteer Work

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/life-in-canada/health-care
Title: Health Care

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/life-in-canada/health-care/ontario-health-plan
Title: Ontario Health Insurance Plan

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/life-in-canada/health-care/british-columbia-health-plan
Title: British Columbia Health Plan

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/life-in-canada/health-care/alberta-health-plan
Title: Alberta Health Plan

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/life-in-canada/health-care/extended-health-coverage-plans
Title: Extended Health Plan Coverage

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/life-in-canada/insurance
Title: Insurance

Search URL Search Domain Scan URL

URL: https://canadianvisa.org/life-in-canada/insurance/personal-insurance
Title: Personal Insurance

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://u.agccall.com/ca542f HTTP 302
https://payment.mdccanada.ca/auto-login/vye-kzk23GDfeiJkRQsH5JK2bHIsuxiH?lang=en&gclid=1677172565.1717723528 HTTP 301
https://payment.mdccanada.ca/trust/payment?lang=en&gclid=1677172565.1717723528 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

109 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request payment Show response
payment.mdccanada.ca/trust/
Redirect Chain

https://u.agccall.com/ca542f
https://payment.mdccanada.ca/auto-login/vye-kzk23GDfeiJkRQsH5JK2bHIsuxiH?lang=en&gclid=1677172565.1717723528
https://payment.mdccanada.ca/trust/payment?lang=en&gclid=1677172565.1717723528

170 KB
22 KB

81ms
81ms

Document
text/html

165.232.36.183
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://payment.mdccanada.ca/trust/payment?lang=en&gclid=1677172565.1717723528

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

165.232.36.183 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

e72493ff19eb55ec986e4262cfe6505e5d18469d8ed8b2782c63ba8ce368f96c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Thu, 27 Jun 2024 20:14:59 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block

Redirect headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Thu, 27 Jun 2024 20:14:59 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Location: /trust/payment?lang=en&gclid=1677172565.1717723528
Pragma: no-cache
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block

GET
H2 200 css
fonts.googleapis.com/ 10 KB
1 KB 228ms
67ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:200,300,400,500,600,700

Requested by

Host: payment.mdccanada.ca
URL: https://payment.mdccanada.ca/trust/payment?lang=en&gclid=1677172565.1717723528

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d01cc02e7815491811415ef14e942f40da3494ac3f66857b71d9e9af0bd4f960

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.mdccanada.ca/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Thu, 27 Jun 2024 20:14:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 27 Jun 2024 19:58:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 27 Jun 2024 20:14:59 GMT

GET
H/1.1 200
OK new_payment.css
payment.mdccanada.ca/css/ 11 KB
12 KB 39ms
30ms Stylesheet
text/css 165.232.36.183
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://payment.mdccanada.ca/css/new_payment.css

Requested by

Host: payment.mdccanada.ca
URL: https://payment.mdccanada.ca/trust/payment?lang=en&gclid=1677172565.1717723528

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

165.232.36.183 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

dc212ea48be0d47520560a1f9782cbf1782fe2e525241c87b832a6aafc5f8c6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.mdccanada.ca/trust/payment?lang=en&gclid=1677172565.1717723528
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 27 Jun 2024 20:14:59 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Tue, 21 May 2024 11:35:05 GMT
Server: nginx
ETag: "664c86e9-2d36"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11574
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK trust.css
payment.mdccanada.ca/css/modules/ 2 KB
3 KB 70ms
29ms Stylesheet
text/css 165.232.36.183
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://payment.mdccanada.ca/css/modules/trust.css

Requested by

Host: payment.mdccanada.ca
URL: https://payment.mdccanada.ca/trust/payment?lang=en&gclid=1677172565.1717723528

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

165.232.36.183 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

bbda4f52b4e1782ef1320279f63978683c3f12f4442956dfbc12cbc91ba295dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.mdccanada.ca/trust/payment?lang=en&gclid=1677172565.1717723528
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 27 Jun 2024 20:14:59 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Tue, 11 Aug 2020 11:46:06 GMT
Server: nginx
ETag: "5f3284fe-91b"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2331
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK payment_link.css
payment.mdccanada.ca/css/modules/ 35 KB
35 KB 101ms
30ms Stylesheet
text/css 165.232.36.183
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://payment.mdccanada.ca/css/modules/payment_link.css

Requested by

Host: payment.mdccanada.ca
URL: https://payment.mdccanada.ca/trust/payment?lang=en&gclid=1677172565.1717723528

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

165.232.36.183 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

58436a4fa28a17c2689f8375d01095276e95cac03517b3c649e14f06c195f3e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.mdccanada.ca/trust/payment?lang=en&gclid=1677172565.1717723528
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 27 Jun 2024 20:14:59 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Tue, 05 Mar 2024 13:59:47 GMT
Server: nginx
ETag: "65e72553-8a2d"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 35373
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK bootstrap.css
payment.mdccanada.ca/assets/dc93def/css/ 143 KB
143 KB 134ms
31ms Stylesheet
text/css 165.232.36.183
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://payment.mdccanada.ca/assets/dc93def/css/bootstrap.css

Requested by

Host: payment.mdccanada.ca
URL: https://payment.mdccanada.ca/trust/payment?lang=en&gclid=1677172565.1717723528

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

165.232.36.183 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

d170052c16caec3810f2dee6456539045d8e326f6d8ed7c7f78e59ed34de348a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.mdccanada.ca/trust/payment?lang=en&gclid=1677172565.1717723528
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 27 Jun 2024 20:14:59 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Wed, 14 Jul 2021 06:34:56 GMT
Server: nginx
ETag: "60ee8590-23a0d"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 145933
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK site.css
payment.mdccanada.ca/css/ 11 KB
12 KB 153ms
34ms Stylesheet
text/css 165.232.36.183
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://payment.mdccanada.ca/css/site.css

Requested by

Host: payment.mdccanada.ca
URL: https://payment.mdccanada.ca/trust/payment?lang=en&gclid=1677172565.1717723528

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

165.232.36.183 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

86316eec675b32346b1a476a7495b040ac3f45f0281918c222c984edc54cacda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.mdccanada.ca/trust/payment?lang=en&gclid=1677172565.1717723528
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 27 Jun 2024 20:14:59 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Tue, 05 Mar 2024 13:59:47 GMT
Server: nginx
ETag: "65e72553-2c9f"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11423
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK jquery.formstyler.css
payment.mdccanada.ca/css/ 2 KB
2 KB 155ms
33ms Stylesheet
text/css 165.232.36.183
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://payment.mdccanada.ca/css/jquery.formstyler.css

Requested by

Host: payment.mdccanada.ca
URL: https://payment.mdccanada.ca/trust/payment?lang=en&gclid=1677172565.1717723528

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

165.232.36.183 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

7f62e179ab6ac34a40148be67c533c8dfbefecceb73a1b721ef0c7e3154d3da4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.mdccanada.ca/trust/payment?lang=en&gclid=1677172565.1717723528
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 27 Jun 2024 20:14:59 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Tue, 11 Aug 2020 11:46:06 GMT
Server: nginx
ETag: "5f3284fe-729"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1833
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK jquery.formstyler.theme.css
payment.mdccanada.ca/css/ 10 KB
11 KB 154ms
31ms Stylesheet
text/css 165.232.36.183
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://payment.mdccanada.ca/css/jquery.formstyler.theme.css

Requested by

Host: payment.mdccanada.ca
URL: https://payment.mdccanada.ca/trust/payment?lang=en&gclid=1677172565.1717723528

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

165.232.36.183 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

8ddb060965730ddb8fd83e8a3897f129847f9a85cfde5cded2afd0bcbf5edd2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.mdccanada.ca/trust/payment?lang=en&gclid=1677172565.1717723528
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 27 Jun 2024 20:14:59 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Tue, 11 Aug 2020 11:46:06 GMT
Server: nginx
ETag: "5f3284fe-29eb"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10731
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK main.css
payment.mdccanada.ca/css/ 198 KB
199 KB 172ms
49ms Stylesheet
text/css 165.232.36.183
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://payment.mdccanada.ca/css/main.css

Requested by

Host: payment.mdccanada.ca
URL: https://payment.mdccanada.ca/trust/payment?lang=en&gclid=1677172565.1717723528

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

165.232.36.183 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

8f6f12c27aa252907afd89baf65e862d08617d79d070e9719ab42d9b65637ec7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.mdccanada.ca/trust/payment?lang=en&gclid=1677172565.1717723528
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 27 Jun 2024 20:14:59 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Mon, 05 Oct 2020 12:56:39 GMT
Server: nginx
ETag: "5f7b1807-31934"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 203060
X-XSS-Protection: 1; mode=block

GET
H2 200 slick.css
cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/ 2 KB
2 KB 608ms
58ms Stylesheet
text/css 2a04:4e42:400::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick.css

Requested by

Host: payment.mdccanada.ca
URL: https://payment.mdccanada.ca/trust/payment?lang=en&gclid=1677172565.1717723528

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.mdccanada.ca/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 27 Jun 2024 20:15:00 GMT
x-content-type-options: nosniff
age: 10858634
x-jsd-version: 1.8.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1776
x-served-by: cache-fra-eddf8230085-FRA, cache-lon420111-LON
x-jsd-version-type: version
etag: W/"6f0-qUoFmzF4tK3sCeMoGs4oGaMAlaQ"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 slick-theme.css
cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/ 3 KB
1 KB 585ms
35ms Stylesheet
text/css 2a04:4e42:400::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick-theme.css

Requested by

Host: payment.mdccanada.ca
URL: https://payment.mdccanada.ca/trust/payment?lang=en&gclid=1677172565.1717723528

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

7adaf08052c6a6a0f8a0d0055b4f191fd07389fe41c972b69573472b2ecb406a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.mdccanada.ca/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 27 Jun 2024 20:15:00 GMT
x-content-type-options: nosniff
content-encoding: br
age: 1784529
x-jsd-version: 1.8.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 928
x-served-by: cache-fra-eddf8230023-FRA, cache-lon420111-LON
x-jsd-version-type: version
etag: W/"c49-gaQ0+U8rESTzIyu4bylE+C+yOsA"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK en.png
cv-media-files.s3-us-west-2.amazonaws.com/images/payment/lang/ 2 KB
2 KB 852ms
376ms Image
image/png 52.92.202.106
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cv-media-files.s3-us-west-2.amazonaws.com/images/payment/lang/en.png
Requested by: Host: payment.mdccanada.ca
URL: https://payment.mdccanada.ca/trust/payment?lang=en&gclid=1677172565.1717723528
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.92.202.106 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 289ed5b990a607d3c5ff04e87fc1f22ae935a0900df68a5f465c5ac5923ca01d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.mdccanada.ca/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 27 Jun 2024 20:15:01 GMT
x-amz-version-id: KRmUoLe8soupkoASJAjuODo0RGuCr.X7
Last-Modified: Fri, 14 Aug 2020 13:08:46 GMT
Server: AmazonS3
x-amz-request-id: MXW3CN3W75RH8GTK
ETag: "1e4d5f2c0146abab8311a29aadb4871a"
Content-Type: image/png
x-amz-replication-status: COMPLETED
Accept-Ranges: bytes
Content-Length: 1618
x-amz-id-2: 4YZ+UpPy29vvOODINZzz8tGXBU5w3qAWvKLd9vYRbXQ72Mo891Eac93eif0dmCyuFa/i8b6vY3U=

GET
H/1.1 200
OK es.png
cv-media-files.s3-us-west-2.amazonaws.com/images/payment/lang/ 2 KB
3 KB 848ms
372ms Image
image/png 52.92.202.106
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cv-media-files.s3-us-west-2.amazonaws.com/images/payment/lang/es.png
Requested by: Host: payment.mdccanada.ca
URL: https://payment.mdccanada.ca/trust/payment?lang=en&gclid=1677172565.1717723528
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.92.202.106 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: cb9e40dc843c17b5aa1b783927cd2b4312d192a0f796aaf4c112e760b5e2af2e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.mdccanada.ca/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 27 Jun 2024 20:15:01 GMT
x-amz-version-id: jG629sYL1kau8huIwp_B2BG5eC57USBG
Last-Modified: Fri, 14 Aug 2020 13:08:46 GMT
Server: AmazonS3
x-amz-request-id: MXW9MM8MXEQXTWMA
ETag: "ca16fd142f2e7195d88b3c77c9d43fc7"
Content-Type: image/png
x-amz-replication-status: COMPLETED
Accept-Ranges: bytes
Content-Length: 2141
x-amz-id-2: RUooTMBPA76FhjqxJ1ApaXi8r076n23GunNTkbmPuHZtKjWRFtGWl7Tbv2ngNqYfwlSas86WGp0=

GET
H/1.1 200
OK fr.png
cv-media-files.s3-us-west-2.amazonaws.com/images/payment/lang/ 1 KB
2 KB 832ms
373ms Image
image/png 52.92.202.106
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cv-media-files.s3-us-west-2.amazonaws.com/images/payment/lang/fr.png
Requested by: Host: payment.mdccanada.ca
URL: https://payment.mdccanada.ca/trust/payment?lang=en&gclid=1677172565.1717723528
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.92.202.106 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: ae62aca8866fbca77e935b5429119eeda9d3646a1cc52568d35e10a580f553b5

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.mdccanada.ca/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 27 Jun 2024 20:15:01 GMT
x-amz-version-id: liTgUORUfzgP7FNuzT35kYSsgNU5LGqG
Last-Modified: Fri, 14 Aug 2020 13:08:46 GMT
Server: AmazonS3
x-amz-request-id: MXWBV2SGMHGHJTXT
ETag: "0e1f5874be9988bd42194c7dd4e82323"
Content-Type: image/png
x-amz-replication-status: COMPLETED
Accept-Ranges: bytes
Content-Length: 1448
x-amz-id-2: GeIJGn3QeJileR2Fm6/ZJq/PgxIuAfReNiZ2ZXqrX+H2ouVRsQVl/URY4OfXJW3r+hbxSbmMlZM=

GET
H/1.1 200
OK pt.svg
canadian-visa-media.s3.amazonaws.com/images/payment/ 12 KB
12 KB 428ms
123ms Image
image/svg+xml 52.217.113.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://canadian-visa-media.s3.amazonaws.com/images/payment/pt.svg
Requested by: Host: payment.mdccanada.ca
URL: https://payment.mdccanada.ca/trust/payment?lang=en&gclid=1677172565.1717723528
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.217.113.17 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: d1bcd0b606710857e19aaa7cccd62c7264318271649738e76006c05f30d01062

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.mdccanada.ca/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 27 Jun 2024 20:15:00 GMT
x-amz-version-id: tf.DMiSuGJGUmLjNaOuP64dY3rdOZ2Uo
Last-Modified: Wed, 24 Nov 2021 15:55:46 GMT
Server: AmazonS3
x-amz-request-id: CCSPT4FEBZ8X4KDA
ETag: "7f2bbb3c489b6c954ab3900a05bdbcfb"
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 12204
x-amz-id-2: o7BfJPXiVAKw0ndcHvnnVdYVSNtv/tn//sV59Z7kEqekxOA+Jv0WVBjP3e8MOBTMXbOA2UlibcI=

GET
H/1.1 200
OK Icon_logo_white.svg
cv-media-files.s3-us-west-2.amazonaws.com/images/payment/ 7 KB
7 KB 845ms
386ms Image
image/svg+xml 52.92.202.106
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cv-media-files.s3-us-west-2.amazonaws.com/images/payment/Icon_logo_white.svg
Requested by: Host: payment.mdccanada.ca
URL: https://payment.mdccanada.ca/trust/payment?lang=en&gclid=1677172565.1717723528
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.92.202.106 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 349bea457c5a6e16fb7487465feebabee1c45429c4317aa9706ef5f7599668df

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.mdccanada.ca/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 27 Jun 2024 20:15:01 GMT
x-amz-version-id: RPw_oBGIZCe6WuuK2.SKUijujMnJVWzs
Last-Modified: Wed, 12 Aug 2020 11:07:46 GMT
Server: AmazonS3
x-amz-request-id: MXW8JJ160E2MVGYP
ETag: "f8fe1aa5e6d28b5277574395180262d1"
Content-Type: image/svg+xml
x-amz-replication-status: COMPLETED
Accept-Ranges: bytes
Content-Length: 6896
x-amz-id-2: wh3LsY2Gg+hJWXHv/u/uThaGbgmhZjkQVBWo/kGjVLkfN5KPNyaLWeWTKPqa+mSzZpb5BmIzo9w=

GET
H/1.1 200
OK create-modal.svg
canadian-visa-media.s3.amazonaws.com/images/payment/ 2 KB
3 KB 484ms
142ms Image
image/svg+xml 52.217.113.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://canadian-visa-media.s3.amazonaws.com/images/payment/create-modal.svg
Requested by: Host: payment.mdccanada.ca
URL: https://payment.mdccanada.ca/trust/payment?lang=en&gclid=1677172565.1717723528
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.217.113.17 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 3ba06f927fc8f1d2fc014511c260d22f2a9ad71908ae85217947364b346c3128

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.mdccanada.ca/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 27 Jun 2024 20:15:00 GMT
x-amz-version-id: 2FsIWGA8q4R9asfRQEhke5SzNx4NjmeK
Last-Modified: Tue, 24 Mar 2020 16:27:13 GMT
Server: AmazonS3
x-amz-request-id: CCSNQRNASER0AJ9Y
ETag: "5a452d0055827bb9e4646f9ee2d4cff1"
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 2312
x-amz-id-2: jQFrfJM8wTityhp0fGtaQNELR4MgyK6n67I4wOXOmabbhECXlp6x5DL8NTZAScYCSsPqloGAjqI=

GET
H2 200 Logo_white.svg
d1ac9zce9817ms.cloudfront.net/images/payment/funnels/funnel_mdc/ 43 KB
21 KB 255ms
66ms Image
image/svg+xml 2600:9000:223f:f800:15:20a2:3900:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1ac9zce9817ms.cloudfront.net/images/payment/funnels/funnel_mdc/Logo_white.svg
Requested by: Host: payment.mdccanada.ca
URL: https://payment.mdccanada.ca/trust/payment?lang=en&gclid=1677172565.1717723528
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:f800:15:20a2:3900:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3e26d26fbcf10cdc20e715a8fc167a216ae90f792c6cc76256512c41bf4d5ff5

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.mdccanada.ca/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: xDatzbNuq41SX59ggsv.2CCUY3lo0UMO
content-encoding: gzip
via: 1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
date: Thu, 27 Jun 2024 11:08:23 GMT
last-modified: Tue, 14 Mar 2023 08:58:26 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
age: 32797
x-amz-server-side-encryption: AES256
etag: W/"09479b8cf4b2e78a7c0e877faa4bde62"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-replication-status: REPLICA
x-amz-cf-id: q34J_cgV2sMkOUyqhKvVmk9AemCJqWoNC-7cZA6BfQ6qsCHHLoZl6g==

GET
H2 200 Logo_light_full.svg
d1ac9zce9817ms.cloudfront.net/images-new/general/ 12 KB
3 KB 325ms
137ms Image
image/svg+xml 2600:9000:223f:f800:15:20a2:3900:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1ac9zce9817ms.cloudfront.net/images-new/general/Logo_light_full.svg
Requested by: Host: payment.mdccanada.ca
URL: https://payment.mdccanada.ca/trust/payment?lang=en&gclid=1677172565.1717723528
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:f800:15:20a2:3900:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 94586f5b7f5e497ea5035fc2a1cff44b3103f268b903c3a5bde1746e7d122134

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.mdccanada.ca/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: G_7YlIfERLFgY1aWuSnJ2tExmOHMv8R_
content-encoding: gzip
via: 1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
date: Thu, 27 Jun 2024 20:15:00 GMT
last-modified: Thu, 23 Mar 2023 10:57:25 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
etag: W/"b4dd752c38a231a22bfa2e7b9cc03b8f"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: image/svg+xml
x-amz-replication-status: REPLICA
x-amz-cf-id: MBfcMXO2VCGoxoOd3sH7YSzyqPbCQk7QSOM4OM1tJ1UNu7v26s8dZQ==

GET
H2 200 tp_rev_transparent.png
d1ac9zce9817ms.cloudfront.net/images/payment/funnels/funnel_mdc/ 5 KB
6 KB 275ms
86ms Image
image/png 2600:9000:223f:f800:15:20a2:3900:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1ac9zce9817ms.cloudfront.net/images/payment/funnels/funnel_mdc/tp_rev_transparent.png
Requested by: Host: payment.mdccanada.ca
URL: https://payment.mdccanada.ca/trust/payment?lang=en&gclid=1677172565.1717723528
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:f800:15:20a2:3900:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7027af9bf75f5a7ca52a3e04aa292a4d30342919772a2e354018ea2b150b30af

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.mdccanada.ca/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: 0e7dDdnbPflPq.Nff76P3.hh_poYzy41
date: Thu, 27 Jun 2024 09:36:02 GMT
via: 1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 38338
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: REPLICA
content-length: 5579
last-modified: Thu, 29 Feb 2024 13:49:44 GMT
server: AmazonS3
etag: "74b6140d723b52afa5ae9cf0511ff79b"
vary: Accept-Encoding
content-type: image/png
accept-ranges: bytes
x-amz-cf-id: nhQRlYUPDZ5gdcBkmEqn7tnZMUWK0x2eYOvG4NYU8k02tjo9avg5bw==

GET
H2 200 g_rev_transparent.png
d1ac9zce9817ms.cloudfront.net/images/payment/funnels/funnel_mdc/ 5 KB
5 KB 275ms
87ms Image
image/png 2600:9000:223f:f800:15:20a2:3900:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1ac9zce9817ms.cloudfront.net/images/payment/funnels/funnel_mdc/g_rev_transparent.png
Requested by: Host: payment.mdccanada.ca
URL: https://payment.mdccanada.ca/trust/payment?lang=en&gclid=1677172565.1717723528
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:f800:15:20a2:3900:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 12d833367b6cbfffdf170d0d33673e35c1ce616654245378d14ef3890937f9f2

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.mdccanada.ca/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: tIwJkQBc0N2aIzDVTOITToJh1GfaxQkr
date: Thu, 27 Jun 2024 11:04:40 GMT
via: 1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 33020
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: REPLICA
content-length: 5156
last-modified: Thu, 29 Feb 2024 13:40:24 GMT
server: AmazonS3
etag: "ef1bec30b39acb8ad0ff019f316c0bbc"
vary: Accept-Encoding
content-type: image/png
accept-ranges: bytes
x-amz-cf-id: N38mMT_6ABweMrLQ4GA6MBtkXP_ewEljxoXY4rQJep2l83qIrm9U7Q==

GET
H/1.1 200
OK card-group.png
cv-media-files.s3-us-west-2.amazonaws.com/images/payment/ 9 KB
9 KB 627ms
206ms Image
image/png 52.92.202.106
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cv-media-files.s3-us-west-2.amazonaws.com/images/payment/card-group.png
Requested by: Host: payment.mdccanada.ca
URL: https://payment.mdccanada.ca/trust/payment?lang=en&gclid=1677172565.1717723528
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.92.202.106 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: b7d630946321a7efc3e58f1aa67a71444556ee05315acca9230a23ceea5f6f90

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.mdccanada.ca/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 27 Jun 2024 20:15:01 GMT
x-amz-version-id: J1BCH_fWFzgOlnA5lwAtvmPEt0K1SxDk
Last-Modified: Thu, 30 Jul 2020 13:57:18 GMT
Server: AmazonS3
x-amz-request-id: MXW4C9P92Q8QEAM7
ETag: "6f744eb9c133de88a868b38f41d16d66"
Content-Type: image/png
x-amz-replication-status: COMPLETED
Accept-Ranges: bytes
Content-Length: 9067
x-amz-id-2: EBm7ypBZq56OnsXBg7PHHKYV4hWRoKNN9arKqF9m1Ke472PluAl3V28p+BIW39PZjmopiBJr8A0=

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 344 KB
112 KB 260ms
101ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N44M7QM

Requested by

Host: payment.mdccanada.ca
URL: https://payment.mdccanada.ca/trust/payment?lang=en&gclid=1677172565.1717723528

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c7592d319a0a4a9526994ed0ff964af43ac8415daa11c04f699b7fc38fc4bfad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.mdccanada.ca/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 20:15:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 114119
x-xss-protection: 0
last-modified: Thu, 27 Jun 2024 19:19:15 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 27 Jun 2024 20:15:00 GMT

GET
H2 200 exponea.min.js Show response
api.exponea.com/js/ 186 KB
56 KB 191ms
47ms Script
application/javascript 35.244.143.131
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.exponea.com/js/exponea.min.js
Requested by: Host: payment.mdccanada.ca
URL: https://payment.mdccanada.ca/trust/payment?lang=en&gclid=1677172565.1717723528
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.143.131 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 131.143.244.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: d8e662d4fd88fcb84ade7d9f7bfa88d2b5a75bc538912f448e49e6495ba2c30a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.mdccanada.ca/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 20:15:00 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Thu, 06 Jun 2024 13:06:43 GMT
server: nginx
etag: "6661b463-e062"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57442
expires: Thu, 27 Jun 2024 21:15:00 GMT

GET
H2 200 modifications.min.js Show response
api.exponea.com/webxp/script/9a5c1884-6c59-11eb-8b86-9ef8a0068af9/new/ 34 KB
13 KB 229ms
86ms Script
application/javascript 35.244.143.131
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.exponea.com/webxp/script/9a5c1884-6c59-11eb-8b86-9ef8a0068af9/new/modifications.min.js?http-referer=https%3A%2F%2Fpayment.mdccanada.ca%2Ftrust%2Fpayment%3Flang%3Den%26gclid%3D1677172565.1717723528&timeout=4000ms
Requested by: Host: payment.mdccanada.ca
URL: https://payment.mdccanada.ca/trust/payment?lang=en&gclid=1677172565.1717723528
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.143.131 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 131.143.244.35.bc.googleusercontent.com
Software: /
Resource Hash: c7b81343fb4a500a1d636674c4cc0f28bc99be5dd2091ebf22dfcbdabaf704b6

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.mdccanada.ca/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 20:15:00 GMT
content-encoding: gzip
via: 1.1 google
etag: "c7b81343fb4a500a1d636674c4cc0f28bc99be5dd2091ebf22dfcbdabaf704b6"
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-cache, max-age=0
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 cve.js.br Show response
d1dje5mxb6emkl.cloudfront.net/cve/ 77 KB
22 KB 651ms
457ms Script
binary/octet-stream 2600:9000:2670:5000:c:ec32:f140:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1dje5mxb6emkl.cloudfront.net/cve/cve.js.br
Requested by: Host: payment.mdccanada.ca
URL: https://payment.mdccanada.ca/trust/payment?lang=en&gclid=1677172565.1717723528
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2670:5000:c:ec32:f140:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b92c75200923ef3bcff1325670e81e27e37227ab9b018cf8568a0eedbe514351

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.mdccanada.ca/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 20:15:01 GMT
content-encoding: br
via: 1.1 ca751e0315de05e656597e32136af94e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P9
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 22245
last-modified: Tue, 16 Apr 2024 14:16:26 GMT
server: AmazonS3
etag: "9feabaa7be3d1b7a7e4c76e1d535e879"
vary: Accept-Encoding
content-type: binary/octet-stream
cache-control: no-cache
accept-ranges: bytes
x-amz-cf-id: 2XIZoKf29YdCWvm3URoKhcp1B8uw14MNqPCxTD1a5BMlKj7R6-MDow==

GET
H/1.1 200
OK Icon_lock.png
cv-media-files.s3-us-west-2.amazonaws.com/images/payment/ 236 B
681 B 449ms
205ms Image
image/png 52.92.202.106
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cv-media-files.s3-us-west-2.amazonaws.com/images/payment/Icon_lock.png
Requested by: Host: payment.mdccanada.ca
URL: https://payment.mdccanada.ca/trust/payment?lang=en&gclid=1677172565.1717723528
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.92.202.106 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 29e0c20c1b7e313e437c62e81edee8be34f107a2873ac72e5f84f6ea8a85daae

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.mdccanada.ca/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 27 Jun 2024 20:15:01 GMT
x-amz-version-id: edI7BzEhEb2uJF2UwYel0NKKWQ9Q4YM2
Last-Modified: Thu, 30 Jul 2020 13:19:44 GMT
Server: AmazonS3
x-amz-request-id: MXW0Z89QCWWXFA4C
ETag: "b6d1e934620fda7762fbc4ac7c8b5756"
Content-Type: image/png
x-amz-replication-status: COMPLETED
Accept-Ranges: bytes
Content-Length: 236
x-amz-id-2: LDhSM3hdT037J7iWxHzKUKYQX6QMf01/rAAdFcqabz3QKA5bWjP9aaO8/RflRllCwOBhAazhYNM=

GET
H2 200 card-lock.svg
d1ac9zce9817ms.cloudfront.net/images/payment/funnels/funnel_mdc/ 2 KB
1 KB 56ms
55ms Image
image/svg+xml 2600:9000:223f:f800:15:20a2:3900:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1ac9zce9817ms.cloudfront.net/images/payment/funnels/funnel_mdc/card-lock.svg
Requested by: Host: payment.mdccanada.ca
URL: https://payment.mdccanada.ca/trust/payment?lang=en&gclid=1677172565.1717723528
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:f800:15:20a2:3900:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e386804fca2de27287995ee6100058179f0c2b9a7d7883b5a4dfa4fcf4819891

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.mdccanada.ca/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: R8rB.UEz1er6VX8.uPDZ_I9zYrRzBPb9
content-encoding: gzip
via: 1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
date: Thu, 27 Jun 2024 11:08:23 GMT
last-modified: Tue, 14 Mar 2023 09:40:02 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
age: 32798
x-amz-server-side-encryption: AES256
etag: W/"54fb9c47f6ed45092c9292dd74916817"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-replication-status: REPLICA
x-amz-cf-id: 35fcaG-i-xeFQZ9-5xlpgXw_8dnGlUx2VtwtPMvzVyyk4pRgBG81BQ==

GET
H2 200 check-white.svg
d1ac9zce9817ms.cloudfront.net/images/payment/funnels/trust_multi/ 654 B
1 KB 126ms
125ms Image
image/svg+xml 2600:9000:223f:f800:15:20a2:3900:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1ac9zce9817ms.cloudfront.net/images/payment/funnels/trust_multi/check-white.svg
Requested by: Host: payment.mdccanada.ca
URL: https://payment.mdccanada.ca/trust/payment?lang=en&gclid=1677172565.1717723528
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:f800:15:20a2:3900:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2b48eb21e579e004fcce778b98126f11f4879b06444b6185779c3a949d001116

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.mdccanada.ca/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 12:24:20 GMT
x-amz-version-id: BWs7wJgv3f9M2pUhofAZBIkJJRK_OIdS
via: 1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
last-modified: Tue, 26 Jul 2022 07:18:20 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
age: 28241
etag: "bc8db4b60382879bcd3b4fb900d16aa1"
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-replication-status: REPLICA
accept-ranges: bytes
content-length: 654
x-amz-cf-id: 1IdSDDRduVeYysGaR-bq2egXUWbng2uIvYqRTHMigz-nd4BLUqIU8A==

GET
H2 200 mdc_david.png
d1ac9zce9817ms.cloudfront.net/images/payment/funnels/funnel_mdc/ 126 KB
126 KB 81ms
80ms Image
image/png 2600:9000:223f:f800:15:20a2:3900:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1ac9zce9817ms.cloudfront.net/images/payment/funnels/funnel_mdc/mdc_david.png
Requested by: Host: payment.mdccanada.ca
URL: https://payment.mdccanada.ca/trust/payment?lang=en&gclid=1677172565.1717723528
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:f800:15:20a2:3900:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 68b1a10699dad6e61ccb4093cf5017571e42d1cefaca62669581677956cac152

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.mdccanada.ca/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: Vmmk46e9vCsV2chz6OL6mNBGuz7n9ADE
date: Thu, 27 Jun 2024 09:36:02 GMT
via: 1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 38339
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: REPLICA
content-length: 128922
last-modified: Tue, 14 Mar 2023 12:02:12 GMT
server: AmazonS3
etag: "dd4c5846b5d60fb8103f9a866700c4cf"
vary: Accept-Encoding
content-type: image/png
accept-ranges: bytes
x-amz-cf-id: 7-CNIXqDYqeIHo-Zvr6AJufEPGhm9EFQXYXqZf5okwz0RIy4Y3xmAQ==

GET
H2 200 mdc_giovanni.png
d1ac9zce9817ms.cloudfront.net/images/payment/funnels/funnel_mdc/ 112 KB
112 KB 126ms
126ms Image
image/png 2600:9000:223f:f800:15:20a2:3900:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1ac9zce9817ms.cloudfront.net/images/payment/funnels/funnel_mdc/mdc_giovanni.png
Requested by: Host: payment.mdccanada.ca
URL: https://payment.mdccanada.ca/trust/payment?lang=en&gclid=1677172565.1717723528
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:f800:15:20a2:3900:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4ed0105089a46f9fdad6234d109091776b6b42a9fb716b1a8a3745228a4a1186

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.mdccanada.ca/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: QsqwtYn5gppbbGyuYt8pTd4sLdZHL9KK
date: Thu, 27 Jun 2024 11:08:23 GMT
via: 1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 32798
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: REPLICA
content-length: 114621
last-modified: Tue, 14 Mar 2023 12:02:09 GMT
server: AmazonS3
etag: "fdda75bd98dd31a3ca6f2db8d70c403a"
vary: Accept-Encoding
content-type: image/png
accept-ranges: bytes
x-amz-cf-id: zILGY02fefG54kDRx_eLke81uQZdSM8nS3QnuGi5pmquKVi24L7WGA==

GET
H2 200 mdc_jimmy.png
d1ac9zce9817ms.cloudfront.net/images/payment/funnels/funnel_mdc/ 131 KB
132 KB 102ms
102ms Image
image/png 2600:9000:223f:f800:15:20a2:3900:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1ac9zce9817ms.cloudfront.net/images/payment/funnels/funnel_mdc/mdc_jimmy.png
Requested by: Host: payment.mdccanada.ca
URL: https://payment.mdccanada.ca/trust/payment?lang=en&gclid=1677172565.1717723528
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:f800:15:20a2:3900:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ddda2cc348b4d18cee0a59c17740f40f56b46f914dbf023ad4b1af3c0c5d68c7

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.mdccanada.ca/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: FOYJs_8_VDBcMfJDZqWwY0GNq1r0AWGa
date: Thu, 27 Jun 2024 11:08:23 GMT
via: 1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 32798
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: REPLICA
content-length: 134498
last-modified: Tue, 14 Mar 2023 12:02:10 GMT
server: AmazonS3
etag: "1e0858a912f37440b796936c7d81834d"
vary: Accept-Encoding
content-type: image/png
accept-ranges: bytes
x-amz-cf-id: 4ceiDZPdG7HsnTho4gGyEicIM132LqwZgBQ7bzWZrbW367NJG2tPIQ==

GET
H2 200 mdc_alireza.png
d1ac9zce9817ms.cloudfront.net/images/payment/funnels/funnel_mdc/ 95 KB
96 KB 128ms
128ms Image
image/png 2600:9000:223f:f800:15:20a2:3900:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1ac9zce9817ms.cloudfront.net/images/payment/funnels/funnel_mdc/mdc_alireza.png
Requested by: Host: payment.mdccanada.ca
URL: https://payment.mdccanada.ca/trust/payment?lang=en&gclid=1677172565.1717723528
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:f800:15:20a2:3900:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: eca0c7e678919f04535499591de95afb80f21ec06a2e3c1cf94099f990261c6a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.mdccanada.ca/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: Tt.wO6ljuHG0zBpYadXRxPYcZAlnED71
date: Thu, 27 Jun 2024 20:15:01 GMT
via: 1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
last-modified: Tue, 14 Mar 2023 12:02:11 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
etag: "c473217159b06cb51524f3864db08f6f"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: image/png
x-amz-replication-status: REPLICA
accept-ranges: bytes
content-length: 97719
x-amz-cf-id: JBG9OWwgQn4vJDPlFZZUZ7EH3G3ecJYIT1JGGaT8vEnw0w0M_bDqTg==

GET
H/1.1 200
OK mdc_katherine_2.jpg
cv-media-files.s3.us-west-2.amazonaws.com/video/mdc-eval-landing/ 74 KB
74 KB 666ms
206ms Image
image/jpeg 52.218.181.241
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cv-media-files.s3.us-west-2.amazonaws.com/video/mdc-eval-landing/mdc_katherine_2.jpg
Requested by: Host: payment.mdccanada.ca
URL: https://payment.mdccanada.ca/trust/payment?lang=en&gclid=1677172565.1717723528
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.218.181.241 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 6fb84f62990a7291458a9bce450191cadabd9416e526e79efd28ce0d7c4b881e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.mdccanada.ca/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 27 Jun 2024 20:15:01 GMT
x-amz-version-id: pOmdsJJvzmnAsSKhpT2jwu0UPpAfbIPP
Last-Modified: Tue, 11 Apr 2023 12:50:06 GMT
Server: AmazonS3
x-amz-request-id: MXWE5NYYVGW18MCD
ETag: "27fce1a23b9fce2190cf742277e18333"
x-amz-server-side-encryption: AES256
Content-Type: image/jpeg
x-amz-replication-status: COMPLETED
Accept-Ranges: bytes
Content-Length: 75725
x-amz-id-2: OBG2m3++ah60pf5LHG2olws3n5xV2UziE96b0VkSIotoUi5h+rphqvKKhW2H/tiKDua80vs1d8U=

GET
H/1.1 200
OK mdc_solange_2.jpg
cv-media-files.s3.us-west-2.amazonaws.com/video/mdc-eval-landing/ 77 KB
78 KB 669ms
206ms Image
image/jpeg 52.218.181.241
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cv-media-files.s3.us-west-2.amazonaws.com/video/mdc-eval-landing/mdc_solange_2.jpg
Requested by: Host: payment.mdccanada.ca
URL: https://payment.mdccanada.ca/trust/payment?lang=en&gclid=1677172565.1717723528
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.218.181.241 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: cc4a3465c4c5d5ccd423dcbcaeb603c4bd0f63bce1150b4efbd7fddaf740b4c1

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.mdccanada.ca/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 27 Jun 2024 20:15:01 GMT
x-amz-version-id: WkM4HyhS83iLjABD9IkGLysS092XnPWH
Last-Modified: Tue, 11 Apr 2023 12:50:03 GMT
Server: AmazonS3
x-amz-request-id: MXWE8YD01WQZS93G
ETag: "6a4d21d6751a8054e1fac9b72ef07b33"
x-amz-server-side-encryption: AES256
Content-Type: image/jpeg
x-amz-replication-status: COMPLETED
Accept-Ranges: bytes
Content-Length: 78991
x-amz-id-2: Yp0fef4ZZIRtf8LSgYMGmOlocadN3hLCg/bKMBLGkB0ni/dFUE1w1MZKraZRp3xNRYWdFAib6LA=

GET
H/1.1 200
OK mdc_eladoria_2.jpg
cv-media-files.s3.us-west-2.amazonaws.com/video/mdc-eval-landing/ 74 KB
74 KB 651ms
202ms Image
image/jpeg 52.218.181.241
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cv-media-files.s3.us-west-2.amazonaws.com/video/mdc-eval-landing/mdc_eladoria_2.jpg
Requested by: Host: payment.mdccanada.ca
URL: https://payment.mdccanada.ca/trust/payment?lang=en&gclid=1677172565.1717723528
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.218.181.241 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: f98e99a9093900de6d892130893996c5b6d931655179eb32f057959ef02e5165

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.mdccanada.ca/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 27 Jun 2024 20:15:01 GMT
x-amz-version-id: r8crKw58lKU_x.IGaJpZnRS63oO.NieF
Last-Modified: Tue, 11 Apr 2023 12:50:05 GMT
Server: AmazonS3
x-amz-request-id: MXW1MVS717MXT3EN
ETag: "d7eb4d32357b712b22a95b31b57e00d4"
x-amz-server-side-encryption: AES256
Content-Type: image/jpeg
x-amz-replication-status: COMPLETED
Accept-Ranges: bytes
Content-Length: 75375
x-amz-id-2: Uy2JvDy/ATVogRkX74smOTHeQsjBCaWekN9DV+7+doOE+nI64gOzVL58/CPOlTrZWwQig9pdIhE=

GET
H2 200 tp_rev.png
d1ac9zce9817ms.cloudfront.net/images/payment/funnels/funnel_mdc/ 9 KB
9 KB 164ms
164ms Image
image/png 2600:9000:223f:f800:15:20a2:3900:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1ac9zce9817ms.cloudfront.net/images/payment/funnels/funnel_mdc/tp_rev.png
Requested by: Host: payment.mdccanada.ca
URL: https://payment.mdccanada.ca/trust/payment?lang=en&gclid=1677172565.1717723528
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:f800:15:20a2:3900:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 158846df28c60719849d9258e6b56cb7726cbb61e30a15fd5afa58b62cf376d2

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.mdccanada.ca/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: iAsR_qDKSX8DuxV8Jjm86hVuUGnhmz7K
date: Thu, 27 Jun 2024 20:15:01 GMT
via: 1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
last-modified: Thu, 29 Feb 2024 13:45:17 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
etag: "3293819f9178a409e62f6673de9d3057"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: image/png
x-amz-replication-status: REPLICA
accept-ranges: bytes
content-length: 8928
x-amz-cf-id: 6Q9LNmYHrMvdtG1eStEVoqYVSl4kI2jJEdQyWRxa-72CXBTwUS1RsA==

GET
H2 200 g_rev.png
d1ac9zce9817ms.cloudfront.net/images/payment/funnels/funnel_mdc/ 10 KB
10 KB 62ms
61ms Image
image/png 2600:9000:223f:f800:15:20a2:3900:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1ac9zce9817ms.cloudfront.net/images/payment/funnels/funnel_mdc/g_rev.png
Requested by: Host: payment.mdccanada.ca
URL: https://payment.mdccanada.ca/trust/payment?lang=en&gclid=1677172565.1717723528
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:f800:15:20a2:3900:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 742d2a43bc2e07e4ce994c97173ee31ca0aaf595d0986788f4c5c71ca670c4e6

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.mdccanada.ca/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: MMmTEJxetAhs_f8VWrTiJK9uQzct1Crf
date: Thu, 27 Jun 2024 11:04:40 GMT
via: 1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 33021
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: REPLICA
content-length: 10233
last-modified: Thu, 29 Feb 2024 13:45:16 GMT
server: AmazonS3
etag: "d535d2bd4fb71428dbf11d1e78f0183b"
vary: Accept-Encoding
content-type: image/png
accept-ranges: bytes
x-amz-cf-id: 1VEk8qLDRdNyf4wxAEkosMNwjreXLv34BQMKplFNz_QAlM0Kxy5IeQ==

GET
H2 200 David.png
lps.canadianvisa.org/wp-content/themes/Divi/v39assets/images/uploads/ 53 KB
53 KB 1248ms
936ms Image
image/png 167.99.182.231
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lps.canadianvisa.org/wp-content/themes/Divi/v39assets/images/uploads/David.png
Requested by: Host: payment.mdccanada.ca
URL: https://payment.mdccanada.ca/trust/payment?lang=en&gclid=1677172565.1717723528
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 167.99.182.231 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 2f5798d2bf40221b1a159edce182993d2cde63dd4ec3a945532411bf07f7e4ee

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.mdccanada.ca/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Thu, 27 Jun 2024 20:15:00 GMT
last-modified: Thu, 12 Nov 2020 15:54:09 GMT
server: nginx
etag: "5fad5aa1-d29c"
content-type: image/png
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 53916
expires: Fri, 27 Jun 2025 20:15:00 GMT

GET
H2 200 Jimmy.png
lps.canadianvisa.org/wp-content/themes/Divi/v39assets/images/uploads/ 55 KB
55 KB 615ms
304ms Image
image/png 167.99.182.231
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lps.canadianvisa.org/wp-content/themes/Divi/v39assets/images/uploads/Jimmy.png
Requested by: Host: payment.mdccanada.ca
URL: https://payment.mdccanada.ca/trust/payment?lang=en&gclid=1677172565.1717723528
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 167.99.182.231 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 92cd6e6acd0b0744801db343d0fa4a32f5c106925a19628a5fca948e6aacf92f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.mdccanada.ca/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Thu, 27 Jun 2024 20:15:00 GMT
last-modified: Thu, 12 Nov 2020 15:54:12 GMT
server: nginx
etag: "5fad5aa4-db9a"
content-type: image/png
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 56218
expires: Fri, 27 Jun 2025 20:15:00 GMT

GET
H/1.1 200
OK canadianvisa_logo_white.svg
cv-media-files.s3-us-west-2.amazonaws.com/images/payment/funnels/ 8 KB
9 KB 220ms
209ms Image
image/svg+xml 52.92.202.106
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cv-media-files.s3-us-west-2.amazonaws.com/images/payment/funnels/canadianvisa_logo_white.svg
Requested by: Host: payment.mdccanada.ca
URL: https://payment.mdccanada.ca/trust/payment?lang=en&gclid=1677172565.1717723528
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.92.202.106 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 5afd6716402effa7da36565f71ba6a3840147dad4c3bebb097ed32e840f0b717

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.mdccanada.ca/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 27 Jun 2024 20:15:01 GMT
x-amz-version-id: 0mcYeB5Muhm4D_SGO3PdmDNvhcqwX9SB
Last-Modified: Wed, 12 May 2021 13:33:04 GMT
Server: AmazonS3
x-amz-request-id: MXWF3TMZ67W6A8PW
ETag: "79a5555b4c28c84df85aeb1beb7610f5"
Content-Type: image/svg+xml
x-amz-replication-status: COMPLETED
Accept-Ranges: bytes
Content-Length: 8493
x-amz-id-2: zj9a0SJsjkruM4KqbpOQRg7aKlpQHD7XNV8TyPS8MM0v3wc/NB+5Jj9dVaSDR17JwZA58Xj+cVY=

GET
H2 200 Facebook.svg
lps.canadianvisa.org/wp-content/themes/Divi/v39assets/images/icon/ 627 B
836 B 597ms
300ms Image
image/svg+xml 167.99.182.231
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lps.canadianvisa.org/wp-content/themes/Divi/v39assets/images/icon/Facebook.svg
Requested by: Host: payment.mdccanada.ca
URL: https://payment.mdccanada.ca/trust/payment?lang=en&gclid=1677172565.1717723528
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 167.99.182.231 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 3da68c427952c6f87a17fbd75f6fd18acda783257d0de6c54cc970d35dde072d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.mdccanada.ca/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Thu, 27 Jun 2024 20:15:00 GMT
last-modified: Thu, 12 Nov 2020 15:54:18 GMT
server: nginx
etag: "5fad5aaa-273"
content-type: image/svg+xml
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 627
expires: Fri, 27 Jun 2025 20:15:00 GMT

GET
H2 200 Twitter.svg
lps.canadianvisa.org/wp-content/themes/Divi/v39assets/images/icon/ 973 B
1 KB 1310ms
1207ms Image
image/svg+xml 167.99.182.231
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lps.canadianvisa.org/wp-content/themes/Divi/v39assets/images/icon/Twitter.svg
Requested by: Host: payment.mdccanada.ca
URL: https://payment.mdccanada.ca/trust/payment?lang=en&gclid=1677172565.1717723528
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 167.99.182.231 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: c6e0676d3ea2badee784595660572ef3d5354c27ba7ce101071c423372384d6c

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.mdccanada.ca/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Thu, 27 Jun 2024 20:15:00 GMT
last-modified: Thu, 12 Nov 2020 15:54:20 GMT
server: nginx
etag: "5fad5aac-3cd"
content-type: image/svg+xml
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 973
expires: Fri, 27 Jun 2025 20:15:00 GMT

GET
H2 200 Instagram.svg
lps.canadianvisa.org/wp-content/themes/Divi/v39assets/images/icon/ 1 KB
2 KB 1309ms
1207ms Image
image/svg+xml 167.99.182.231
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lps.canadianvisa.org/wp-content/themes/Divi/v39assets/images/icon/Instagram.svg
Requested by: Host: payment.mdccanada.ca
URL: https://payment.mdccanada.ca/trust/payment?lang=en&gclid=1677172565.1717723528
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 167.99.182.231 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: ebb556a29ec199dd9b046ef88c0e42e4b702cefd3033f98f60bcebe03f151dc5

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.mdccanada.ca/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Thu, 27 Jun 2024 20:15:00 GMT
last-modified: Thu, 12 Nov 2020 15:54:15 GMT
server: nginx
etag: "5fad5aa7-5ce"
content-type: image/svg+xml
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 1486
expires: Fri, 27 Jun 2025 20:15:00 GMT

GET
H/1.1 200
OK card-error.png
cv-media-files.s3-us-west-2.amazonaws.com/images/payment/ 2 KB
2 KB 214ms
214ms Image
image/png 52.92.202.106
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cv-media-files.s3-us-west-2.amazonaws.com/images/payment/card-error.png
Requested by: Host: payment.mdccanada.ca
URL: https://payment.mdccanada.ca/trust/payment?lang=en&gclid=1677172565.1717723528
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.92.202.106 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: b62070ba47b830d8cd7b32f00ced8b7c40824ca86891e844b5f9198aa54e4687

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.mdccanada.ca/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 27 Jun 2024 20:15:01 GMT
x-amz-version-id: tpYXAcurw73gzTkNOG1iWWCD8gLu0BHj
Last-Modified: Thu, 30 Jul 2020 11:12:24 GMT
Server: AmazonS3
x-amz-request-id: MXWF9M7EA9483EVH
ETag: "ebd4d37e5960e088554b831142334709"
Content-Type: image/png
x-amz-replication-status: COMPLETED
Accept-Ranges: bytes
Content-Length: 2020
x-amz-id-2: joMLN9FXG5G2ABgfgmXNBrCGSbdlyKlkgTigCZXOw0INk3dctzEvwQ78QlFQKBCxCV+g+tX6aSI=

GET
H/1.1 200
OK payment_link.js Show response
payment.mdccanada.ca/js/funnels/ 941 B
1 KB 33ms
31ms Script
application/javascript 165.232.36.183
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://payment.mdccanada.ca/js/funnels/payment_link.js

Requested by

Host: payment.mdccanada.ca
URL: https://payment.mdccanada.ca/trust/payment?lang=en&gclid=1677172565.1717723528

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

165.232.36.183 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

f4939b06b39ac47cccffd4a2022abb4b73b9f79f57bfd26e361f237018efc127

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.mdccanada.ca/trust/payment?lang=en&gclid=1677172565.1717723528
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 27 Jun 2024 20:14:59 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Tue, 05 Mar 2024 13:59:47 GMT
Server: nginx
ETag: "65e72553-3ad"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 941
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK angular.js Show response
payment.mdccanada.ca/assets/cc9826c1/angular/ 1 MB
1 MB 33ms
33ms Script
application/javascript 165.232.36.183
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://payment.mdccanada.ca/assets/cc9826c1/angular/angular.js

Requested by

Host: payment.mdccanada.ca
URL: https://payment.mdccanada.ca/trust/payment?lang=en&gclid=1677172565.1717723528

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

165.232.36.183 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

593da46ed8890edf70f2e97e82a629c931da3c72302b32a8663942c9b5c307d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.mdccanada.ca/trust/payment?lang=en&gclid=1677172565.1717723528
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 27 Jun 2024 20:14:59 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Wed, 14 Jul 2021 06:34:57 GMT
Server: nginx
ETag: "60ee8591-140899"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1312921
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK cleave.js Show response
payment.mdccanada.ca/plugins/cleave_js/dist/ 50 KB
51 KB 34ms
34ms Script
application/javascript 165.232.36.183
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://payment.mdccanada.ca/plugins/cleave_js/dist/cleave.js

Requested by

Host: payment.mdccanada.ca
URL: https://payment.mdccanada.ca/trust/payment?lang=en&gclid=1677172565.1717723528

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

165.232.36.183 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

70a0d31f41f96de2fe35b36a20f289f45e28d7da1b39c0b4ec677e28b68a6c05

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.mdccanada.ca/trust/payment?lang=en&gclid=1677172565.1717723528
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 27 Jun 2024 20:14:59 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Tue, 11 Aug 2020 11:46:06 GMT
Server: nginx
ETag: "5f3284fe-c9a3"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 51619
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK trust.js Show response
payment.mdccanada.ca/js/modules/ 9 KB
9 KB 49ms
48ms Script
application/javascript 165.232.36.183
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://payment.mdccanada.ca/js/modules/trust.js

Requested by

Host: payment.mdccanada.ca
URL: https://payment.mdccanada.ca/trust/payment?lang=en&gclid=1677172565.1717723528

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

165.232.36.183 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

a99e7839f9d91a4ecfd4ce6cbc41d88caa860117ef4440d36e244290d6bab862

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.mdccanada.ca/trust/payment?lang=en&gclid=1677172565.1717723528
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 27 Jun 2024 20:14:59 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Tue, 05 Mar 2024 13:59:47 GMT
Server: nginx
ETag: "65e72553-2358"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9048
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK jquery.js Show response
payment.mdccanada.ca/assets/864425d/ 281 KB
281 KB 39ms
38ms Script
application/javascript 165.232.36.183
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://payment.mdccanada.ca/assets/864425d/jquery.js

Requested by

Host: payment.mdccanada.ca
URL: https://payment.mdccanada.ca/trust/payment?lang=en&gclid=1677172565.1717723528

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

165.232.36.183 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

416a3b2c3bf16d64f6b5b6d0f7b079df2267614dd6847fc2f3271b4409233c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.mdccanada.ca/trust/payment?lang=en&gclid=1677172565.1717723528
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 27 Jun 2024 20:14:59 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Wed, 14 Jul 2021 06:34:56 GMT
Server: nginx
ETag: "60ee8590-4638e"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 287630
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK yii.js Show response
payment.mdccanada.ca/assets/eeb5300d/ 20 KB
21 KB 31ms
30ms Script
application/javascript 165.232.36.183
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://payment.mdccanada.ca/assets/eeb5300d/yii.js

Requested by

Host: payment.mdccanada.ca
URL: https://payment.mdccanada.ca/trust/payment?lang=en&gclid=1677172565.1717723528

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

165.232.36.183 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

67bed69f23af460ec3341aefcdf793955c250fbf879589de4b93d17b8ec4ae54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.mdccanada.ca/trust/payment?lang=en&gclid=1677172565.1717723528
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 27 Jun 2024 20:14:59 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Wed, 14 Jul 2021 06:34:56 GMT
Server: nginx
ETag: "60ee8590-51c6"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 20934
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK bootstrap.js Show response
payment.mdccanada.ca/assets/dc93def/js/ 74 KB
74 KB 39ms
38ms Script
application/javascript 165.232.36.183
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://payment.mdccanada.ca/assets/dc93def/js/bootstrap.js

Requested by

Host: payment.mdccanada.ca
URL: https://payment.mdccanada.ca/trust/payment?lang=en&gclid=1677172565.1717723528

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

165.232.36.183 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

dbd2a35e72edc7d6bde483481a912f1c38aa57fab2747d9b071d317339ee03a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.mdccanada.ca/trust/payment?lang=en&gclid=1677172565.1717723528
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 27 Jun 2024 20:14:59 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Wed, 14 Jul 2021 06:34:56 GMT
Server: nginx
ETag: "60ee8590-126dc"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 75484
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK events-module.js Show response
payment.mdccanada.ca/js/modules/ 3 KB
3 KB 32ms
32ms Script
application/javascript 165.232.36.183
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://payment.mdccanada.ca/js/modules/events-module.js

Requested by

Host: payment.mdccanada.ca
URL: https://payment.mdccanada.ca/trust/payment?lang=en&gclid=1677172565.1717723528

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

165.232.36.183 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

a6a6e1cf13bc3b468a14b6cd91536c534c9ffc0d33d4116dc1ccdfbdf7b78c13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.mdccanada.ca/trust/payment?lang=en&gclid=1677172565.1717723528
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 27 Jun 2024 20:14:59 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Fri, 18 Nov 2022 08:29:50 GMT
Server: nginx
ETag: "6377427e-c58"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3160
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK main.js Show response
payment.mdccanada.ca/js/ 23 KB
23 KB 31ms
31ms Script
application/javascript 165.232.36.183
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://payment.mdccanada.ca/js/main.js

Requested by

Host: payment.mdccanada.ca
URL: https://payment.mdccanada.ca/trust/payment?lang=en&gclid=1677172565.1717723528

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

165.232.36.183 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

6cd585be10bea78fa22b01eccc597eddfa43aae2dff23c52e50f66b15326876c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.mdccanada.ca/trust/payment?lang=en&gclid=1677172565.1717723528
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 27 Jun 2024 20:14:59 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Thu, 27 Jun 2024 09:31:06 GMT
Server: nginx
ETag: "667d315a-5a14"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 23060
X-XSS-Protection: 1; mode=block

GET
H2 200 slick.js Show response
cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/ 87 KB
16 KB 158ms
36ms Script
application/javascript 2a04:4e42:400::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick.js

Requested by

Host: payment.mdccanada.ca
URL: https://payment.mdccanada.ca/trust/payment?lang=en&gclid=1677172565.1717723528

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9baa573e4378873b7ac81ccb1d954ce9bb2b1a933947ad3012263ddc604d8505

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.mdccanada.ca/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 27 Jun 2024 20:15:00 GMT
x-content-type-options: nosniff
content-encoding: br
age: 3147613
x-jsd-version: 1.8.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16613
x-served-by: cache-fra-etou8220115-FRA, cache-lon420111-LON
x-jsd-version-type: version
etag: W/"15b7b-XpZQCGXagm+FCTNPA0QivnZitG0"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK visa.png
canadian-visa-media.s3.amazonaws.com/images/250418/ 4 KB
4 KB 172ms
172ms Image
image/png 52.217.113.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://canadian-visa-media.s3.amazonaws.com/images/250418/visa.png
Requested by: Host: payment.mdccanada.ca
URL: https://payment.mdccanada.ca/trust/payment?lang=en&gclid=1677172565.1717723528
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.217.113.17 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: ae40edeeec207d7c309e6f87b2b6db9091b50b1a57f0356d6fbef1ad459b2e2c

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.mdccanada.ca/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 27 Jun 2024 20:15:01 GMT
x-amz-version-id: null
Last-Modified: Wed, 02 May 2018 08:32:28 GMT
Server: AmazonS3
x-amz-request-id: MXW57D97FNPGQM2C
ETag: "e9434c704e27225d52b8cdb302929dcd"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 3846
x-amz-id-2: Xju+jX5wxUfRV/Yh1qDDjeS+gkgG98VTOOK/hHgMvymi2K9hdNGQu9c7zJxCQsDJsXuvo9Jvm7s=

GET
H2 200 img_header.webp
d1ac9zce9817ms.cloudfront.net/images/payment/funnels/funnel_combine/ 79 KB
79 KB 55ms
55ms Image
image/webp 2600:9000:223f:f800:15:20a2:3900:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1ac9zce9817ms.cloudfront.net/images/payment/funnels/funnel_combine/img_header.webp
Requested by: Host: payment.mdccanada.ca
URL: https://payment.mdccanada.ca/css/modules/payment_link.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:f800:15:20a2:3900:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 37e8997ef3844d8617fa23c25823c70faf36a8efb04a0a42d96f102180ec4850

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.mdccanada.ca/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: 6pdoBt.VIjNz57YVIRIX.TVPipXPkbDK
date: Thu, 27 Jun 2024 07:54:26 GMT
via: 1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 44435
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: REPLICA
content-length: 80612
last-modified: Thu, 22 Feb 2024 12:46:34 GMT
server: AmazonS3
etag: "3114b58ba97c0c6852096f251d40d2a5"
vary: Accept-Encoding
content-type: image/webp
accept-ranges: bytes
x-amz-cf-id: P9Y837XjFQzAoVYvBRDzBb1hysHD8OzSkCTMAy6MDd8YvvW3cWBcDw==

GET
H/1.1 200
OK select-arrow.png
cv-media-files.s3-us-west-2.amazonaws.com/images/payment/funnels/funnel_v7/ 156 B
601 B 317ms
196ms Image
image/png 52.92.202.106
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cv-media-files.s3-us-west-2.amazonaws.com/images/payment/funnels/funnel_v7/select-arrow.png
Requested by: Host: payment.mdccanada.ca
URL: https://payment.mdccanada.ca/css/modules/payment_link.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.92.202.106 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: c5620ad7ff26a8095b38d8a26f6e0c3071d5b52b3ed766ac7b195c5be03e9cb5

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.mdccanada.ca/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 27 Jun 2024 20:15:01 GMT
x-amz-version-id: 39I1CqyMKHa9b217bUMv..BdQqaYafvD
Last-Modified: Fri, 04 Sep 2020 10:42:11 GMT
Server: AmazonS3
x-amz-request-id: MXW85AW6VFTVZG98
ETag: "40dd32813711f5d59b430d8a1dd7d9cd"
Content-Type: image/png
x-amz-replication-status: COMPLETED
Accept-Ranges: bytes
Content-Length: 156
x-amz-id-2: rbYX1PpvPPeQqiuzLNbz0Uyvs1yQJJ7Y4C5aC7ETGJ8Phnpe6Xh+rD2LEZAp2aDAcG2YPQZqnLw=

GET
H/1.1 200
OK testimonials-bg.jpg
cv-media-files.s3.us-west-2.amazonaws.com/images/payment/funnels/funnel_mdc/ 269 KB
270 KB 448ms
220ms Image
image/jpeg 52.218.181.241
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cv-media-files.s3.us-west-2.amazonaws.com/images/payment/funnels/funnel_mdc/testimonials-bg.jpg
Requested by: Host: payment.mdccanada.ca
URL: https://payment.mdccanada.ca/css/modules/payment_link.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.218.181.241 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 37f8af81c6651000937b4ec8fa0918730b6487303940735ef021f80f7d149602

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.mdccanada.ca/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 27 Jun 2024 20:15:02 GMT
x-amz-version-id: _h6LpTecCCwKFLsROi7MMNYsqyUHDLTI
Last-Modified: Tue, 14 Mar 2023 15:15:49 GMT
Server: AmazonS3
x-amz-request-id: CN7AFMDBNEM496WQ
ETag: "65a49a9f9b6d335fa618c828e8004ef6"
x-amz-server-side-encryption: AES256
Content-Type: image/jpeg
x-amz-replication-status: COMPLETED
Accept-Ranges: bytes
Content-Length: 275803
x-amz-id-2: LqBx5MNIqzXTYG1qrgnDElLZ8Xx+R7xvaxZTitIwNpvF+CJNnR3nJj8CbVUygPcku2jPrF4cJuI=

GET
DATA 200
OK truncated
/ 547 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366

Request headers

Accept-Language: en-GB,en;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 552 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945

Request headers

Accept-Language: en-GB,en;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 380 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

Accept-Language: en-GB,en;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK Rubik-Medium.woff2
mdc-new-funnel-v2.s3.amazonaws.com/fonts/ 50 KB
51 KB 430ms
124ms Font
binary/octet-stream 16.182.72.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mdc-new-funnel-v2.s3.amazonaws.com/fonts/Rubik-Medium.woff2
Requested by: Host: payment.mdccanada.ca
URL: https://payment.mdccanada.ca/css/modules/payment_link.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 16.182.72.49 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: af86eeeed7ff7c39421245942486e472828ea3f89d5c5b8b1f45427de447cac6

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.mdccanada.ca/
Origin: https://payment.mdccanada.ca
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 27 Jun 2024 20:15:01 GMT
Last-Modified: Wed, 12 Aug 2020 13:04:57 GMT
Server: AmazonS3
x-amz-request-id: MXWBD0EXJ8E1PXJW
ETag: "457e61c034561dcf61bc40dba0647c2b"
Access-Control-Max-Age: 3000
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Content-Type: binary/octet-stream
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 51524
x-amz-id-2: hKcCaHIiOmOVbKe7SC6kJonlDWapzOQnKD5grlqPzTbjqfMVqeQQeBa5UXtntmzNVfOes27DKUY=

GET
H/1.1 200
OK Rubik-Regular.woff2
mdc-new-funnel-v2.s3.amazonaws.com/fonts/ 50 KB
50 KB 456ms
150ms Font
binary/octet-stream 16.182.72.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mdc-new-funnel-v2.s3.amazonaws.com/fonts/Rubik-Regular.woff2
Requested by: Host: payment.mdccanada.ca
URL: https://payment.mdccanada.ca/css/modules/payment_link.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 16.182.72.49 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 94579787a5a52a7dbf3209ccc91589eeda9878f9ff137d5fc43f4da98cc38e9a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.mdccanada.ca/
Origin: https://payment.mdccanada.ca
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 27 Jun 2024 20:15:01 GMT
Last-Modified: Wed, 12 Aug 2020 13:04:57 GMT
Server: AmazonS3
x-amz-request-id: MXW76Z1YT8FQMS97
ETag: "d57d4c613b7a4e76b61040d1a3d712f2"
Access-Control-Max-Age: 3000
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Content-Type: binary/octet-stream
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 50724
x-amz-id-2: 5F6GQqG0dwk6OijS54G21qy0JBW6kZWR+Dco1SSL5Cyk+Ar/BsLCzYAzGiUxecFZkQcLWQAmeIU=

GET
H/1.1 200
OK PlayfairDisplay.woff2
mdc-new-funnel-v2.s3.amazonaws.com/fonts/ 86 KB
86 KB 492ms
148ms Font
binary/octet-stream 16.182.72.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mdc-new-funnel-v2.s3.amazonaws.com/fonts/PlayfairDisplay.woff2
Requested by: Host: payment.mdccanada.ca
URL: https://payment.mdccanada.ca/css/modules/payment_link.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 16.182.72.49 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: bf3303e6b1d8f51e4ea85a1907f8bd9b4f619d355d5a0ef9f2ff50dd658642d0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.mdccanada.ca/
Origin: https://payment.mdccanada.ca
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 27 Jun 2024 20:15:01 GMT
Last-Modified: Wed, 12 Aug 2020 13:04:57 GMT
Server: AmazonS3
x-amz-request-id: MXW1DNCQR86YV5H1
ETag: "baa785f8c13fa2f5586b9edc2c86ea00"
Access-Control-Max-Age: 3000
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Content-Type: binary/octet-stream
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 87760
x-amz-id-2: 6FpHgv9/VphGg+uBr22tMU93j/HoplzfqtAIzDUEuCOfOA7t/lkUi0q3ix1Z7Wx22/F0wqjZMnE=

GET
H/1.1 200
OK Rubik-Bold.woff2
mdc-new-funnel-v2.s3.amazonaws.com/fonts/ 50 KB
51 KB 688ms
245ms Font
binary/octet-stream 16.182.72.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mdc-new-funnel-v2.s3.amazonaws.com/fonts/Rubik-Bold.woff2
Requested by: Host: payment.mdccanada.ca
URL: https://payment.mdccanada.ca/css/modules/payment_link.css
Protocol: HTTP/1.1
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 16.182.72.49 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 9a0f5e2db3067a91f5ad66cac49639247255eefbfd37c15f5264cd5453c7b139

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.mdccanada.ca/
Origin: https://payment.mdccanada.ca
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 27 Jun 2024 20:15:01 GMT
Last-Modified: Wed, 12 Aug 2020 13:04:57 GMT
Server: AmazonS3
x-amz-request-id: MXWB5ZSFAFF00EYG
ETag: "348a37ff9f2fdd15c5dc999cf1c010ba"
Access-Control-Max-Age: 3000
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Content-Type: binary/octet-stream
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 51224
x-amz-id-2: MdHH2E+3WwiLxsY376qDZPeioX+Fx2EdIZV//LYH0sWYYD07WRt/btZlyVvsPzoz/a3/vgE4vAI=

GET
DATA 200
OK truncated
/ 177 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115

Request headers

Accept-Language: en-GB,en;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 351 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5

Request headers

Accept-Language: en-GB,en;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 242 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75

Request headers

Accept-Language: en-GB,en;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 bundle Show response
api.exponea.com/webxp/projects/9a5c1884-6c59-11eb-8b86-9ef8a0068af9/ 23 KB
1 KB 155ms
41ms Fetch
application/json 35.244.143.131
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.exponea.com/webxp/projects/9a5c1884-6c59-11eb-8b86-9ef8a0068af9/bundle
Requested by: Host: api.exponea.com
URL: https://api.exponea.com/js/exponea.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.143.131 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 131.143.244.35.bc.googleusercontent.com
Software: /
Resource Hash: d442983533ee829f6449ee8fb9ab223ba01d8123185fbe0954dd41e7ab580dfb

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: application/json
Referer: https://payment.mdccanada.ca/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 20:15:00 GMT
content-encoding: br
via: 1.1 google
etag: "d442983533ee829f6449ee8fb9ab223ba01d8123185fbe0954dd41e7ab580dfb"
content-type: application/json
access-control-allow-origin: https://payment.mdccanada.ca
cache-control: no-cache, max-age=0
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1118

GET
H3 200 bundle Show response
api.exponea.com/webxp/projects/9a5c1884-6c59-11eb-8b86-9ef8a0068af9/ 23 KB
12 B 188ms
41ms Fetch
application/json 35.244.143.131
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.exponea.com/webxp/projects/9a5c1884-6c59-11eb-8b86-9ef8a0068af9/bundle
Requested by: Host: api.exponea.com
URL: https://api.exponea.com/webxp/script/9a5c1884-6c59-11eb-8b86-9ef8a0068af9/new/modifications.min.js?http-referer=https%3A%2F%2Fpayment.mdccanada.ca%2Ftrust%2Fpayment%3Flang%3Den%26gclid%3D1677172565.1717723528&timeout=4000ms
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.143.131 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 131.143.244.35.bc.googleusercontent.com
Software: /
Resource Hash: d442983533ee829f6449ee8fb9ab223ba01d8123185fbe0954dd41e7ab580dfb

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.mdccanada.ca/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 20:15:00 GMT
via: 1.1 google
content-encoding: br
etag: "d442983533ee829f6449ee8fb9ab223ba01d8123185fbe0954dd41e7ab580dfb"
content-type: application/json
access-control-allow-origin: https://payment.mdccanada.ca
cache-control: no-cache, max-age=0
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1118

GET
H3 200 bundle Show response
api.exponea.com/webxp/projects/9a5c1884-6c59-11eb-8b86-9ef8a0068af9/ 23 KB
12 B 217ms
37ms Fetch
application/json 35.244.143.131
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.exponea.com/webxp/projects/9a5c1884-6c59-11eb-8b86-9ef8a0068af9/bundle
Requested by: Host: api.exponea.com
URL: https://api.exponea.com/js/exponea.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.143.131 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 131.143.244.35.bc.googleusercontent.com
Software: /
Resource Hash: d442983533ee829f6449ee8fb9ab223ba01d8123185fbe0954dd41e7ab580dfb

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: application/json
Referer: https://payment.mdccanada.ca/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 20:15:00 GMT
via: 1.1 google
content-encoding: br
etag: "d442983533ee829f6449ee8fb9ab223ba01d8123185fbe0954dd41e7ab580dfb"
content-type: application/json
access-control-allow-origin: https://payment.mdccanada.ca
cache-control: no-cache, max-age=0
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1118

POST
H3 200 landing
pagead2.googlesyndication.com/pagead/ 42 B
64 B 259ms
81ms Ping
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/landing?gcs=G100&gcd=13p3p3p3p5&tag_exp=0&rnd=1246410177.1719519300&url=https%3A%2F%2Fpayment.mdccanada.ca%2Ftrust%2Fpayment&dma_cps=-&dma=0&npa=1&gclid=1677172565.1717723528&gtm=45He46q0n81N44M7QMv812156677za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N44M7QM

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.mdccanada.ca/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 27 Jun 2024 20:15:01 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 347 KB
108 KB 81ms
81ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-RWE693YD8B&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N44M7QM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4b427c7a939da28fddbc045dbcaa2dda32ea2ec289728df15a06479355b7f6bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.mdccanada.ca/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 20:15:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 110934
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 27 Jun 2024 20:15:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 3246ms
58ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N44M7QM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.mdccanada.ca/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 27 Jun 2024 18:29:07 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 6357
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 27 Jun 2024 20:29:07 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 221 KB
59 KB 221ms
60ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: payment.mdccanada.ca
URL: https://payment.mdccanada.ca/trust/payment?lang=en&gclid=1677172565.1717723528

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

de1805522e8bde4516893684590f431b5bc8716638f3b9cdbf4e987767e61a65

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.mdccanada.ca/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 27 Jun 2024 20:15:01 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58251
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=17, rtx=0, c=12, mss=1392, tbw=2782, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: druXnRvhlnboPnXvPZ23lrC7pyiJR5nnrS+jY7RMOdCBOBK8vkOpdAGOOvJbI28xjBO5Ik1QkwcGpKq6k5GtFQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 iframe_api Show response
www.youtube.com/ 993 B
2 KB 1292ms
73ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N44M7QM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1c65557eff0e987d48ba6d7716ff7f24f79885fbfaaadb0f2a5425eb76a1afe9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.mdccanada.ca/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 20:15:02 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en-GB for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type: text/javascript; charset=utf-8
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cache-control: private, max-age=0
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Thu, 27 Jun 2024 20:15:02 GMT

GET
H2 200 hotjar-3485971.js Show response
static.hotjar.com/c/ 9 KB
4 KB 279ms
75ms Script
application/javascript 18.66.102.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-3485971.js?sv=6

Requested by

Host: payment.mdccanada.ca
URL: https://payment.mdccanada.ca/trust/payment?lang=en&gclid=1677172565.1717723528

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.102.53 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-102-53.fra56.r.cloudfront.net

Software

Resource Hash

aa6575eb9fbd2ef10724eff1b930fb384b3251620724f5e4d7a4090fde9db417

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.mdccanada.ca/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Thu, 27 Jun 2024 20:14:31 GMT
via: 1.1 666eddda46892ed48d8d771b6142ac24.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 58
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
etag: W/ffdb58b6843910a5d13239dc97c35855
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
x-amz-cf-id: 60A_eRHj8lK9sQT7b96HGjfuFDuvX8DHWhYNlSw-J6t4ZZv6JI_q4w==

GET
H2 200 6d9c102e305c6692d22f58c59f67b4a9.js Show response
ob.branderblender.com/i/ 102 KB
38 KB 279ms
54ms Script
text/javascript 2600:9000:2724:5400:d:bdb7:5480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ob.branderblender.com/i/6d9c102e305c6692d22f58c59f67b4a9.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N44M7QM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2724:5400:d:bdb7:5480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Caddy /
Resource Hash: 5dfaa520f0dcf1187de96c3b841a720f4d07db139ac1ca5606df7667b5a011f6

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.mdccanada.ca/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 09:50:59 GMT
content-encoding: gzip
via: 1.1 b542963649ffc3f71c6540a2347be55a.cloudfront.net (CloudFront)
server: Caddy
x-amz-cf-pop: FRA56-P12
age: 37446
etag: "19936-fPDnixlZDC8GlSEP5Ijk/Uekb+w"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=43200
content-length: 38308
x-amz-cf-id: sByBV5b8kJeQ4ZjcvaqkEJah0mDnVtqdmdYiAzw0nVN2DQx_EWUGqw==
expires: Thu, 27 Jun 2024 21:50:55 GMT

GET
H2 200 1047762.png
cdn-icons-png.flaticon.com/512/1047/ 29 KB
30 KB 302ms
105ms Image
image/png 2a02:26f0:12d::1730:ca41
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-icons-png.flaticon.com/512/1047/1047762.png
Requested by: Host: payment.mdccanada.ca
URL: https://payment.mdccanada.ca/trust/payment?lang=en&gclid=1677172565.1717723528
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:12d::1730:ca41 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: b612c1352fc569816d522c0a9ae1d37bdc273596a583f2402edb73f00f712384

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.mdccanada.ca/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 20:15:00 GMT
x-amz-meta-goog-reserved-file-mtime: 1532500334
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 30050
pragma: public
last-modified: Mon, 18 Sep 2023 15:11:16 GMT
etag: "69a1e279ae930c164b89633beb52cbcc"
vary: Accept-Encoding
x-goog-generation: 1695049876914175
content-type: image/png
access-control-allow-origin: *
x-default-rule: YES
cache-control: public, max-age=31536000
x-goog-stored-content-length: 30050
x-amz-checksum-crc32c: lOw36Q==
accept-ranges: bytes
x-amz-meta-x-goog-reserved-source-generation: 1634263990431952
expires: Thu, 27 Jun 2024 20:15:00 GMT

GET
H2 200 widget.js Show response
lcgroups-org.freshchat.com/js/ 67 KB
22 KB 406ms
121ms Script
application/javascript 76.223.64.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://lcgroups-org.freshchat.com/js/widget.js

Requested by

Host: payment.mdccanada.ca
URL: https://payment.mdccanada.ca/trust/payment?lang=en&gclid=1677172565.1717723528

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.223.64.65 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a44946a9dd66b7704.awsglobalaccelerator.com

Software

fwe /

Resource Hash

a2d1278b0d76000e797e065a55682632449375fa31d71ab27d051dff25366a55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.mdccanada.ca/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-trace-id: 00-755397d1661a251ac1f569fdfec1351a-e329fc42f080b99e-00
date: Thu, 27 Jun 2024 20:15:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
last-modified: Tue, 25 Jun 2024 07:03:12 GMT
server: fwe
nel: { "report_to": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true}
report-to: { "group": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.us-east-1.freshedge.net/nelreports/freshchat"}]}
content-type: application/javascript
x-fw-ratelimiting-managed: false
cache-control: max-age=900, must-revalidate
x-server: dpr96
x-envoy-upstream-service-time: 1
x-xss-protection: 1; mode=block
x-request-id: fc79463c-cf7f-46c2-b327-fb7b68349207

POST
H2 200 bulk Show response
api.exponea.com/ 469 B
710 B 41ms
40ms Fetch
application/json 35.244.143.131
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.exponea.com/bulk
Requested by: Host: api.exponea.com
URL: https://api.exponea.com/js/exponea.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.143.131 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 131.143.244.35.bc.googleusercontent.com
Software: /
Resource Hash: acb1ec168c5d12af5b6f923b737a862296550fe8e74a43c0547f00e4eba6d5b1

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Accept: application/json
Referer: https://payment.mdccanada.ca/
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 20:15:00 GMT
via: 1.1 google
content-type: application/json
access-control-allow-origin: https://payment.mdccanada.ca
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 469
x-request-id: 19116c15-8b11-400a-80c4-1e2917e4acff

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 225ms
82ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-RWE693YD8B&gtm=45je46q0v886766442z8812156677za200zb812156677&_p=1719519299557&em=tv.1~em.mtRZMoVjUwkeTJu8aZbrGPvom0QzPacJCzTQ0OMtHKo&gcs=G100&gcd=13p3p3p3p5&npa=1&dma_cps=-&dma=0&tag_exp=0&gtm_up=1&cid=1472890801.1719519301&ecid=344664513&ul=en-gb&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=denied&ec_mode=a&_s=1&sid=1719519300&sct=1&seg=0&dl=https%3A%2F%2Fpayment.mdccanada.ca%2Ftrust%2Fpayment%3Flang%3Den%26gclid%3D1677172565.1717723528&dt=Trust%20Pay%20payment&en=page_view&_fv=1&_nsi=1&_ss=1&ep.lang=en&tfd=1684&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RWE693YD8B&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.mdccanada.ca/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 27 Jun 2024 20:15:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://payment.mdccanada.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 224ms
82ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-RWE693YD8B&gtm=45je46q0v886766442za200zb812156677&_p=1719519299557&em=tv.1~em.mtRZMoVjUwkeTJu8aZbrGPvom0QzPacJCzTQ0OMtHKo&gcs=G100&gcd=13p3p3p3p5&npa=1&dma_cps=-&dma=0&tag_exp=0&gtm_up=1&cid=1472890801.1719519301&ecid=344664513&ul=en-gb&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=denied&ec_mode=a&_eu=AAAC&_s=2&sid=1719519300&sct=1&seg=1&dl=https%3A%2F%2Fpayment.mdccanada.ca%2Ftrust%2Fpayment%3Flang%3Den%26gclid%3D1677172565.1717723528&dt=Trust%20Pay%20payment&en=page_view&_ee=1&_et=1&tfd=1686&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RWE693YD8B&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.mdccanada.ca/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 27 Jun 2024 20:15:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://payment.mdccanada.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 222ms
83ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-RWE693YD8B&gtm=45je46q0v886766442za200zb812156677&_p=1719519299557&em=tv.1~em.mtRZMoVjUwkeTJu8aZbrGPvom0QzPacJCzTQ0OMtHKo&gcs=G100&gcd=13p3p3p3p5&npa=1&dma_cps=-&dma=0&tag_exp=0&gtm_up=1&cid=1472890801.1719519301&ecid=344664513&ul=en-gb&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=denied&ec_mode=a&_s=3&cu=USD&sid=1719519300&sct=1&seg=1&dl=https%3A%2F%2Fpayment.mdccanada.ca%2Ftrust%2Fpayment%3Flang%3Den%26gclid%3D1677172565.1717723528&dt=Trust%20Pay%20payment&en=begin_checkout&_c=1&_ee=1&pr1=idc3a938a8b17038d75c9cfe18b93a0583~nmGold%20Evaluation%20Package~brCanadianvisa.org~caConsulting~lioffline~lncall_center~vaOffline~pr49~qt1&epn.value=49&_et=1&tfd=1688&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RWE693YD8B&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.mdccanada.ca/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 27 Jun 2024 20:15:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://payment.mdccanada.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 221ms
82ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-RWE693YD8B&gtm=45je46q0v886766442z8812156677za200zb812156677&_p=1719519299557&em=tv.1~em.mtRZMoVjUwkeTJu8aZbrGPvom0QzPacJCzTQ0OMtHKo&gcs=G100&gcd=13p3p3p3p5&npa=1&dma_cps=-&dma=0&tag_exp=0&gtm_up=1&cid=1472890801.1719519301&ecid=344664513&ul=en-gb&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=denied&ec_mode=a&_eu=AAAC&_s=4&sid=1719519300&sct=1&seg=1&dl=https%3A%2F%2Fpayment.mdccanada.ca%2Ftrust%2Fpayment%3Flang%3Den%26gclid%3D1677172565.1717723528&dt=Trust%20Pay%20payment&en=page_view&ep.leads_user_data=%5Bobject%20Object%5D&_et=1&tfd=1689&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RWE693YD8B&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.mdccanada.ca/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 27 Jun 2024 20:15:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://payment.mdccanada.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 221ms
83ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-RWE693YD8B&gtm=45je46q0v886766442z8812156677za200zb812156677&_p=1719519299557&em=tv.1~em.mtRZMoVjUwkeTJu8aZbrGPvom0QzPacJCzTQ0OMtHKo&gcs=G100&gcd=13p3p3p3p5&npa=1&dma_cps=-&dma=0&tag_exp=0&gtm_up=1&cid=1472890801.1719519301&ecid=344664513&ul=en-gb&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=denied&ec_mode=a&_eu=AAAC&_s=5&sid=1719519300&sct=1&seg=1&dl=https%3A%2F%2Fpayment.mdccanada.ca%2Ftrust%2Fpayment%3Flang%3Den%26gclid%3D1677172565.1717723528&dt=Trust%20Pay%20payment&en=page_view&ep.leads_user_data=%5Bobject%20Object%5D&_et=1&tfd=1690&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RWE693YD8B&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.mdccanada.ca/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 27 Jun 2024 20:15:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://payment.mdccanada.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 show Show response
api.exponea.com/managed-tags/ 38 B
83 B 47ms
47ms Fetch
application/json 35.244.143.131
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.exponea.com/managed-tags/show
Requested by: Host: api.exponea.com
URL: https://api.exponea.com/js/exponea.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.143.131 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 131.143.244.35.bc.googleusercontent.com
Software: /
Resource Hash: 5c858b1c80e2a37e46abc26525a908fe14db93ebdce1dbdbdd2828cd180bbeec

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Accept: application/json
Referer: https://payment.mdccanada.ca/
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 20:15:00 GMT
content-encoding: gzip
via: 1.1 google
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://payment.mdccanada.ca
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66

POST
H3 200 link-ids Show response
api.exponea.com/webxp/projects/9a5c1884-6c59-11eb-8b86-9ef8a0068af9/cookies/b2b849f2-4423-4f7c-88d1-c5683cb97dcb/ 0
11 B 49ms
49ms Fetch 35.244.143.131
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.exponea.com/webxp/projects/9a5c1884-6c59-11eb-8b86-9ef8a0068af9/cookies/b2b849f2-4423-4f7c-88d1-c5683cb97dcb/link-ids
Requested by: Host: api.exponea.com
URL: https://api.exponea.com/js/exponea.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.143.131 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 131.143.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Accept: application/json
Referer: https://payment.mdccanada.ca/
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: https://payment.mdccanada.ca
date: Thu, 27 Jun 2024 20:15:00 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 276242916243096 Show response
connect.facebook.net/signals/config/ 60 KB
13 KB 184ms
183ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/276242916243096?v=2.9.159&r=stable&domain=payment.mdccanada.ca&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C39%2C33%2C134%2C14%2C48%2C180%2C179%2C124%2C17%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

374f480fb4ffe8b977a33dfd839a5cfa94c55803fa92899fae0026b1699a2f48

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.mdccanada.ca/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 27 Jun 2024 20:15:01 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=27, rtx=12, c=49, mss=1392, tbw=63771, tp=-1, tpl=-1, uplat=132, ullat=0
pragma: public
x-fb-debug: o67UiZgkm1X7BnxZKdaoO+QwX/oAurXsOjVf0ay5zGQntPobOOxCCtAINk9LKlKl+8ckF0aJJKmk7BzC+InODA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 modules.de6b9e294c29aa146ba1.js Show response
script.hotjar.com/ 223 KB
56 KB 252ms
67ms Script
application/javascript 13.32.27.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.de6b9e294c29aa146ba1.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3485971.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.54 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-54.fra56.r.cloudfront.net

Software

Resource Hash

743c4b93ab02f0ece15aa8bdb1f7b5d57e1753fe5ef6d320612ee0888e1196c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.mdccanada.ca/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 10:29:07 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 1a3d61cabf9778724765b3e70befe816.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 294354
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 56329
last-modified: Mon, 24 Jun 2024 10:28:38 GMT
etag: "008a76cf1200a93494425164a6546e72"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: -WDSU9tAE86L4WOIwgFCa52YZWDpjh21_EQ2hXG70bLUpmuPHjsYaQ==

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 253ms
101ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=276242916243096&ev=PageView&dl=https%3A%2F%2Fpayment.mdccanada.ca%2Ftrust%2Fpayment%3Flang%3Den%26gclid%3D1677172565.1717723528&rl=&if=false&ts=1719519301559&sw=1600&sh=1200&v=2.9.159&r=stable&ec=0&o=4126&fbp=fb.1.1719519301558.665792031534188536&ler=empty&cdl=API_unavailable&it=1719519301340&coo=false&rqm=GET

Requested by

Host: payment.mdccanada.ca
URL: https://payment.mdccanada.ca/trust/payment?lang=en&gclid=1677172565.1717723528

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.mdccanada.ca/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=17, rtx=0, c=10, mss=1392, tbw=2810, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 27 Jun 2024 20:15:01 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
4 KB 641ms
557ms Image
image/png 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=276242916243096&ev=PageView&dl=https%3A%2F%2Fpayment.mdccanada.ca%2Ftrust%2Fpayment%3Flang%3Den%26gclid%3D1677172565.1717723528&rl=&if=false&ts=1719519301559&sw=1600&sh=1200&v=2.9.159&r=stable&ec=0&o=4126&fbp=fb.1.1719519301558.665792031534188536&ler=empty&cdl=API_unavailable&it=1719519301340&coo=false&rqm=FGET

Requested by

Host: payment.mdccanada.ca
URL: https://payment.mdccanada.ca/trust/payment?lang=en&gclid=1677172565.1717723528

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.mdccanada.ca/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x147fc25b982eef17","source_keys":["1","2"]},{"key_piece":"0xb887947dd62266f6","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Thu, 27 Jun 2024 20:15:01 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7385279164291255502", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=17, rtx=0, c=10, mss=1392, tbw=3128, tp=-1, tpl=-1, uplat=234, ullat=0
pragma: no-cache
x-fb-debug: 2Q6dmDguQrNm4+3+wdKl9OskvJ6TmNJAF/pt3dDJVkqLfRzI21uXXsfx2YHPcaWV+ML6Gj+bsM8PNR5cwQ2smg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7385279164291255502"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 204 3485971 Show response
vc.hotjar.io/sessions/ 0
232 B 575ms
90ms XHR
text/plain 18.66.112.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vc.hotjar.io/sessions/3485971?s=0.25&r=0.16100179140491688
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.de6b9e294c29aa146ba1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-15.fra56.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.mdccanada.ca/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Thu, 27 Jun 2024 20:15:02 GMT
cache-control: no-store
via: 1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: KH0z8gyiGPkmS3dh4Uo-RnGX5JRXZhp2N9S6vnLto1Ya9EM-ouJDqw==
x-cache: Miss from cloudfront

GET
H2 200 config_iframe.html
lcgroups-org.freshchat.com/widget/ Frame 26E4 0
0 589ms
129ms Document
text/html 76.223.64.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://lcgroups-org.freshchat.com/widget/config_iframe.html?host=https://lcgroups-org.freshchat.com&token=77eb97aa-035d-4771-8acf-7a8638e3ae6d&origin=https://payment.mdccanada.ca

Requested by

Host: lcgroups-org.freshchat.com
URL: https://lcgroups-org.freshchat.com/js/widget.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.223.64.65 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a44946a9dd66b7704.awsglobalaccelerator.com

Software

fwe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	style-src 'unsafe-inline' ; font-src 'self' data:; img-src 'self' * data:; connect-src 'self' ; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://.freshchat.com https://.freshworksapi.com; child-src 'self' blob:; media-src 'self' https://.freshchat.com; manifest-src 'self' https://.freshchat.com; default-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9;q=0.9
Referer: https://payment.mdccanada.ca/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-encoding: gzip
content-security-policy: style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
content-type: text/html
date: Thu, 27 Jun 2024 20:15:02 GMT
last-modified: Tue, 25 Jun 2024 07:03:12 GMT
nel: { "report_to": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true}
report-to: { "group": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.us-east-1.freshedge.net/nelreports/freshchat"}]}
server: fwe
strict-transport-security: max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 1
x-fw-ratelimiting-managed: false
x-request-id: 6bd38ff9-3052-4020-94e0-f07421f06b92
x-server: dpr96
x-trace-id: 00-284515bf8c4caedf627057caa95d7104-38c6ff4addb21989-00
x-xss-protection: 1; mode=block

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/5b22937f/www-widgetapi.vflset/ 31 KB
10 KB 50ms
48ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/5b22937f/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e793c5b1e2ed307b5926c677f1f29296a810d950201d0a8bd50df5886928883e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.mdccanada.ca/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 18:48:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5193
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10431
x-xss-protection: 0
last-modified: Wed, 26 Jun 2024 04:16:28 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 27 Jun 2025 18:48:29 GMT

GET
H2 200 ct Show response
obs.branderblender.com/ 0
118 B 499ms
181ms Script
text/javascript 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obs.branderblender.com/ct?id=57751&url=https%3A%2F%2Fpayment.mdccanada.ca%2Ftrust%2Fpayment%3Flang%3Den%26gclid%3D1677172565.1717723528&sf=0&tpi=&ch=&uvid=&tsf=0&tsfmi=&tsfu=&cb=1719519302390&hl=2&op=0&ag=3514327459&rand=047002115779102101670552112226859377073757166008707010006761645550701552221217965218&fs=1600x1200&fst=1600x1200&np=win32&nv=google%20inc.&ref=&ss=1600x1200&nc=0&at=&di=W1siZWYiLDE5OF0sWyJhYm5jaCIsMV0sWy04LCItIl0sWy0xMywiLSJdLFstMTQsIi0iXSxbLTI5LCItIl0sWy01NCwie1wiaFwiOltcIl8zXCIsXCIzMjk5OTEzNjlcIl0sXCJkXCI6W10sXCJiXCI6W10sXCJzXCI6MX0iXSxbLTU3LCJXRTBaVjF4T2NWaFhYVlZjU3hjRldsWlVTVXhOWEYwSEdXSllTaGxZU1VsVlFHUVpFVnhQV0ZVWldFMFpCVmhYVmxkQVZGWk1TZ2NaRVFNT0F3Z01DUW9KQVJBVkdRVllWMVpYUUZSV1RFb0hBd2dCQXdvSkVCVllUUmw0UzB0WVFCZGZYQmtSVVUxTlNVb0RGaFpXV3hkYlMxaFhYVnhMVzFWY1YxMWNTeGRhVmxRV1VCWVBYUUJhQ0FrTFhBb0pERm9QRHdBTFhRc0xYd3dCV2d3QVh3OE9XdzFZQUJkVFNnTUlBdzhPRFFBSkVCVllUUmxMR1JGUlRVMUpTZ01XRmxaYkYxdExXRmRkWEV0YlZWeFhYVnhMRjFwV1ZCWlFGZzlkQUZvSUNRdGNDZ2tNV2c4UEFBdGRDd3RmREFGYURBQmZEdzViRFZnQUYxTktBd2dERGc9PSJdLFstNTksImRlZmF1bHQiXSxbLTYxLCJ7XCJ3Z3NsXCI6XCI0O3JlYWRvbmx5X2FuZF9yZWFkd3JpdGVfc3RvcmFnZV90ZXh0dXJlcztwYWNrZWRfNHg4X2ludGVnZXJfZG90X3Byb2R1Y3Q7dW5yZXN0cmljdGVkX3BvaW50ZXJfcGFyYW1ldGVycztwb2ludGVyX2NvbXBvc2l0ZV9hY2Nlc3M7XCIsXCJwY2ZcIjpcImJncmE4dW5vcm1cIn0iXSxbLTY3LCItIl0sWy00LCItIl0sWy03LCItIl0sWy0zMCwiW1widlwiLDBdIl0sWy0zNiwiW1wiNC8zXCIsXCI0LzNcIl0iXSxbLTM5LCJbXCIyMDAzMDEwN1wiLDIsXCJHZWNrb1wiLFwiTmV0c2NhcGVcIixcIk1vemlsbGFcIixudWxsLG51bGwsdHJ1ZSw4LGZhbHNlLG51bGwsNSx0cnVlLHRydWUsbnVsbCwwLHRydWUsdHJ1ZV0iXSxbLTU4LCItIl0sWy02MCwiLSJdLFstNSwiLSJdLFstMTgsIlswLDAsMCwxXSJdLFstMjMsIisiXSxbLTI2LCJ7XCJ0amhzXCI6MjY3MzM5NTEsXCJ1amhzXCI6MTk3MTk4ODcsXCJqaHNsXCI6NDI5NDcwNTE1Mn0iXSxbLTMxLCJmYWxzZSJdLFstNDksIi0iXSxbLTU2LCJsYW5kc2NhcGUtcHJpbWFyeSJdLFstNjMsIi0iXSxbLTY1LCItIl0sWy02NiwiZ2VvbG9jYXRpb24sc3RvcmFnZWFjY2VzcyxnYW1lcGFkLGNoZWN0LG1pZGksZGlzcGxheWNhcHR1cmUsdXNiLGJyb3dzaW5ndG9waWNzLHBpY3R1cmVpbnBpY3R1cmUscHVibGlja2V5Y3JlZGVudGlhbHNnZXQsbG9jYWxmb250cyxvdHBjcmVkZW50aWFscyxlbmNyeXB0ZWRtZWRpYSxjaHNhdmVkYXRhLGNodWFmdWxsdmVyc2lvbmxpc3QsY2h1YXdvdzY0LHNoYXJlZHN0b3JhZ2UsY2hkb3dubGluayxjaHByZWZlcnNjb2xvcnNjaGVtZSxzeW5jeGhyLGNodWFtb2RlbCxjaHByZWZlcnNyZWR1Y2VkdHJhbnNwYXJlbmN5LHNlcmlhbCxjYW1lcmEsY2hwcmVmZXJzcmVkdWNlZG1vdGlvbixwcml2YXRlc3RhdGV0b2tlbmlzc3VhbmNlLGlkZW50aXR5Y3JlZGVudGlhbHNnZXQsY2h1YWZ1bGx2ZXJzaW9uLGZ1bGxzY3JlZW4sY2hkcHIsdW5sb2FkLGtleWJvYXJkbWFwLGNodWFwbGF0Zm9ybSxzaGFyZWRzdG9yYWdlc2VsZWN0dXJsLGd5cm9zY29wZSxpbnRlcmVzdGNvaG9ydCxjaHVhbW9iaWxlLHdpbmRvd21hbmFnZW1lbnQsY2h1YSxwdWJsaWNrZXljcmVkZW50aWFsc2NyZWF0ZSxtYWduZXRvbWV0ZXIsYWNjZWxlcm9tZXRlcixwcml2YXRlc3RhdGV0b2tlbnJlZGVtcHRpb24sY2h1YWFyY2gseHJzcGF0aWFsdHJhY2tpbmcsY2h1YWZvcm1mYWN0b3JzLGlkbGVkZXRlY3Rpb24sY2h1YXBsYXRmb3JtdmVyc2lvbixjaHdpZHRoLGNsaXBib2FyZHJlYWQsY2h2aWV3cG9ydHdpZHRoLGNvbXB1dGVwcmVzc3VyZSxwYXltZW50LGNodmlld3BvcnRoZWlnaHQsY2hydHQsYXV0b3BsYXksY3Jvc3NvcmlnaW5pc29sYXRlZCxoaWQsY2h1YWJpdG5lc3Msc2NyZWVud2FrZWxvY2sscHJpdmF0ZWFnZ3JlZ2F0aW9uLGNsaXBib2FyZHdyaXRlLGF0dHJpYnV0aW9ucmVwb3J0aW5nLGNoZGV2aWNlbWVtb3J5LG1pY3JvcGhvbmUiXSxbLTE1LCItIl0sWy0xOSwiWzMwLDMwLDMwLDMwLDAsMCwxLDI0LDI0LFwiLVwiLDE2MDAsMTIwMCwxNjAwLDEyMDAsMTYwMCwxMjAwLDE2MDAsMTIwMCwwLDAsMCwwLFwiLVwiLFwiLVwiLDE2MDAsMTIwMF0iXSxbLTQ1LCItIl0sWy00NiwiMCJdLFstMywiW1wiaW50ZXJuYWwtcGRmLXZpZXdlclwiLFwiaW50ZXJuYWwtcGRmLXZpZXdlclwiLFwiaW50ZXJuYWwtcGRmLXZpZXdlclwiLFwiaW50ZXJuYWwtcGRmLXZpZXdlclwiLFwiaW50ZXJuYWwtcGRmLXZpZXdlclwiXSJdLFstMTYsIjAiXSxbLTQxLCItIl0sWy00MywiMDAwMDAwMDEwMTAwMDAwMTAwMTExMDExMDAxMDExMDEwMDAwMDEiXSxbLTEyLCJudWxsIl0sWy0zMywiLSJdLFstMSwiLSJdLFstMTAsIi0iXSxbLTExLCJ7XCJ0XCI6XCJcIixcIm1cIjpbXX0iXSxbLTIwLCItIl0sWy0yNSwiLSJdLFstMzIsIi0iXSxbLTM1LCJbMTcxOTUxOTMwMjM4MiwtMV0iXSxbLTQ0LCIwLDAsMCw1Il0sWy00NywiLSJdLFstNTAsIi0iXSxbLTUxLCItIl0sWy0yLCItIl0sWy05LCIrIl0sWy0yMSwiY2FyZCJdLFstMjIsIltcIm5cIixcIm5cIl0iXSxbLTI0LCJbXSJdLFstMjcsIlsxNTAsMTAsMCxcIjRnXCIsbnVsbF0iXSxbLTM3LCItMTQ0LTY2LTE4MC0iXSxbLTQ4LCIwLDAiXSxbLTYyLCI4MCJdLFszNywiWzMzMTYyMjQwNDksZnVuY3Rpb24obmV3VmFsdWUpIHtcbiAgICAgICAgICAgICAgYWRkQ29udGVudFdpbmRvd1Byb3h5KHRoaXMpXG4gICAgICAgICAgICAgIC8vIFJlc2V0IHByb3BlcnR5LCB0aGUgaG9vayBpcyBvbmx5IG5lZWRlZCBvbmNlXG4gICAgICAgICAgICAgIE9iamVjdC5kZWZpbmVQcm9wZXJ0eShpZnJhbWUsICdzcmNkb2MnLCB7XG4gICAgICAgICAgICAgICAgY29uZmlndXJhYmxlOiBmYWxzZSxcbiAgICAgICAgICAgICAgICB3cml0YWJsZTogZmFsc2UsXG4gICAgICAgICAgICAgICAgdmFsdWU6IF9zcmNkb2NcbiAgICAgICAgICAgICAgfSlcbiAgICAgICAgICAgICAgX2lmcmFtZS5zcmNkb2MgPSBuZXdWYWx1ZVxuICAgICAgICAgICAgfV0iXSxbLTM4LCJpLC0xLC0xLDQ4MiwwLDAsMCwwLDAsOTYsLTEsMCwxMzM1LjMsMTMzNS4zLDM0MTUsMzQxNSJdLFstNDIsIjE3MjQyOTc2NTMiXSxbLTUzLCIxMDAiXSxbLTU1LCIxIl0sWyJibmNoIiwyNF0sWy02LCItIl0sWy0xNywiMTIiXSxbLTI4LCJlbi1VUyxlbiJdLFstMzQsIi0iXSxbLTQwLCIzMyJdLFstNTIsIi0iXSxbLTY0LCJbMCxcIldpbjMyXCIsW3tcImJcIjpcIkdvb2dsZSBDaHJvbWVcIixcInZcIjpcIjEyNlwifSx7XCJiXCI6XCJOb3Q6QS1CcmFuZFwiLFwidlwiOlwiOFwifSx7XCJiXCI6XCJDaHJvbWl1bVwiLFwidlwiOlwiMTI2XCJ9XV0iXSxbLTY4LCItIl0sWyJkZGIiLCIwLDAsMCwwLDEsMCwwLDAsMCwwLDAsMCwwLDAsMSwwLDAsMCwwLDAsMCwxLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDEsMSwwLDAsMCwwLDAsMCwwLDIsMCwwLDAsMCwwLDAsMCwwLDAsMCwxLDAsMSwzLDAsMCwwLDEsMCwwLDAsMCwwLDAiXSxbImNiIiwiMCwwLDAsMCwwLDAsMCwxLDAsMiwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwxLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDEsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAiXV0%3D&dep=0&pre=0&sdd=%7B%7D&cri=HUMb6INfQc&pto=3419&ver=61&gac=-&mei=&ap=&fe=1&duid=1.1719519302.FvIBYB25uVW5IKeO&suid=1.1719519302.p3K9ZeMizGTdt0Cp&tuid=1.1719519302.MHBv6ObiznlyNY8I&fbc=1.1719519301558.665792031534188536&gtm=WyJiZWdpbl9jaGVja291dCJd&it=99%2C1429%2C1083&fbcl=-&gacl=-&gacsd=-&rtic=-&bgc=-&spa=1&urid=0&ab=inp.1.0%3B&sck=-
Requested by: Host: ob.branderblender.com
URL: https://ob.branderblender.com/i/6d9c102e305c6692d22f58c59f67b4a9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.mdccanada.ca/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
date: Thu, 27 Jun 2024 20:15:02 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
content-type: text/javascript

GET
H2 200 /
lcgroups-org.freshchat.com/widget/ Frame D7C2 0
0 111ms
111ms Document
text/html 76.223.64.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://lcgroups-org.freshchat.com/widget/?token=77eb97aa-035d-4771-8acf-7a8638e3ae6d&referrer=aHR0cHM6Ly9wYXltZW50Lm1kY2NhbmFkYS5jYQ==&eagerLoad=true

Requested by

Host: lcgroups-org.freshchat.com
URL: https://lcgroups-org.freshchat.com/js/widget.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.223.64.65 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a44946a9dd66b7704.awsglobalaccelerator.com

Software

fwe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	style-src 'unsafe-inline' ; font-src 'self' data:; img-src 'self' * data:; connect-src 'self' ; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://.freshchat.com https://.freshworksapi.com; child-src 'self' blob:; media-src 'self' https://.freshchat.com; manifest-src 'self' https://.freshchat.com; default-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9;q=0.9
Referer: https://payment.mdccanada.ca/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-encoding: gzip
content-security-policy: style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
content-type: text/html
date: Thu, 27 Jun 2024 20:15:02 GMT
last-modified: Tue, 25 Jun 2024 07:03:12 GMT
nel: { "report_to": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true}
report-to: { "group": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.us-east-1.freshedge.net/nelreports/freshchat"}]}
server: fwe
strict-transport-security: max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 1
x-fw-ratelimiting-managed: false
x-request-id: 71756b2e-d411-983e-b41c-49c38f1c9116
x-server: xj45f
x-trace-id: 00-c11d9987d33c4e2331c7b3ea92d5da80-5a38f9f477abf753-01
x-xss-protection: 1; mode=block

GET
H2 200 widget.css
lcgroups-org.freshchat.com/widget/css/ 9 KB
2 KB 113ms
113ms Stylesheet
text/css 76.223.64.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://lcgroups-org.freshchat.com/widget/css/widget.css?t=1719519302540

Requested by

Host: lcgroups-org.freshchat.com
URL: https://lcgroups-org.freshchat.com/js/widget.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.223.64.65 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a44946a9dd66b7704.awsglobalaccelerator.com

Software

fwe /

Resource Hash

58e78ddbe7394cd14a1e3bc3d8a85a8f9a5c319653ce2a50008ed33560df6b1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.mdccanada.ca/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 20:15:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
nel: { "report_to": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true}
x-envoy-upstream-service-time: 2
x-xss-protection: 1; mode=block
x-request-id: 8d0e0bef-43d6-4737-aa2e-60f8d46cb985
x-trace-id: 00-51742f10d0b4e6317cf5017a510ddf2a-be5cd8ca9b631640-00
last-modified: Tue, 25 Jun 2024 07:03:12 GMT
server: fwe
report-to: { "group": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.us-east-1.freshedge.net/nelreports/freshchat"}]}
content-type: text/css
x-fw-ratelimiting-managed: false
cache-control: max-age=31536000,no-cache, no-store, must-revalidate, pre-check=0, post-check=0,public
x-server: xj45f
expires: Fri, 27 Jun 2025 20:15:02 GMT

GET
H2 200 index.html
465930902273542.webpush.freshchat.com/ Frame C880 0
0 630ms
457ms Document
text/html 18.245.60.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://465930902273542.webpush.freshchat.com/index.html?ref=aHR0cHM6Ly9wYXltZW50Lm1kY2NhbmFkYS5jYQ==
Requested by: Host: lcgroups-org.freshchat.com
URL: https://lcgroups-org.freshchat.com/js/widget.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.60.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-122.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Accept-Language: en-GB,en;q=0.9;q=0.9
Referer: https://payment.mdccanada.ca/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: gzip
content-type: text/html
date: Thu, 27 Jun 2024 20:15:05 GMT
etag: W/"4d98f93ebe4eb8cedbbfdb3004920aeb"
last-modified: Fri, 25 Oct 2019 06:53:38 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 765a91ad9951d0108fc1de53e348bac4.cloudfront.net (CloudFront)
x-amz-cf-id: Q50cUhhEwUCRTJoP8L-02hHstHmwGOPxyxX7WcO03nmgcMRBxVGU4g==
x-amz-cf-pop: FRA60-P5
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 56ms
55ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1056711827&t=pageview&_s=1&dl=https%3A%2F%2Fpayment.mdccanada.ca%2Ftrust%2Fpayment%3Flang%3Den%26gclid%3D1677172565.1717723528&ul=en-gb&de=UTF-8&dt=Trust%20Pay%20payment&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAgAAAABAAAAAAAAIk~&cid=1472890801.1719519301&tid=UA-88273432-1&_gid=1294407894.1719519304&gtm=45He46q0n81N44M7QMv812156677za200&gcs=G100&gcd=13p3p3p3p5&dma_cps=-&dma=0&tag_exp=0&npa=1&z=259628357

Requested by

Host: payment.mdccanada.ca
URL: https://payment.mdccanada.ca/trust/payment?lang=en&gclid=1677172565.1717723528

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.mdccanada.ca/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 26 Jun 2024 22:17:25 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 79059
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 200 bulk Show response
api.exponea.com/ 107 B
123 B 41ms
40ms Fetch
application/json 35.244.143.131
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.exponea.com/bulk
Requested by: Host: api.exponea.com
URL: https://api.exponea.com/js/exponea.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.143.131 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 131.143.244.35.bc.googleusercontent.com
Software: /
Resource Hash: 54bb1f500b4a77d616047b8718bc0c4473bba94e8fcc435825093a9c31f7e6f0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Accept: application/json
Referer: https://payment.mdccanada.ca/
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 20:15:04 GMT
via: 1.1 google
content-type: application/json
access-control-allow-origin: https://payment.mdccanada.ca
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 107
x-request-id: 89f08dc8-3b4e-434f-97e6-7141427da058

GET
H2 200 mdc_david.png
d1ac9zce9817ms.cloudfront.net/images/payment/funnels/funnel_mdc/ 126 KB
0 1ms
1ms Image
image/png 2600:9000:223f:f800:15:20a2:3900:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1ac9zce9817ms.cloudfront.net/images/payment/funnels/funnel_mdc/mdc_david.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:f800:15:20a2:3900:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 68b1a10699dad6e61ccb4093cf5017571e42d1cefaca62669581677956cac152

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.mdccanada.ca/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: Vmmk46e9vCsV2chz6OL6mNBGuz7n9ADE
date: Thu, 27 Jun 2024 09:36:02 GMT
via: 1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 38339
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: REPLICA
content-length: 128922
last-modified: Tue, 14 Mar 2023 12:02:12 GMT
server: AmazonS3
etag: "dd4c5846b5d60fb8103f9a866700c4cf"
vary: Accept-Encoding
content-type: image/png
accept-ranges: bytes
x-amz-cf-id: 7-CNIXqDYqeIHo-Zvr6AJufEPGhm9EFQXYXqZf5okwz0RIy4Y3xmAQ==

GET
H2 200 mdc_alireza.png
d1ac9zce9817ms.cloudfront.net/images/payment/funnels/funnel_mdc/ 95 KB
0 1ms
1ms Image
image/png 2600:9000:223f:f800:15:20a2:3900:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1ac9zce9817ms.cloudfront.net/images/payment/funnels/funnel_mdc/mdc_alireza.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:f800:15:20a2:3900:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: eca0c7e678919f04535499591de95afb80f21ec06a2e3c1cf94099f990261c6a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.mdccanada.ca/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: Tt.wO6ljuHG0zBpYadXRxPYcZAlnED71
date: Thu, 27 Jun 2024 20:15:01 GMT
via: 1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
last-modified: Tue, 14 Mar 2023 12:02:11 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
etag: "c473217159b06cb51524f3864db08f6f"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: image/png
x-amz-replication-status: REPLICA
accept-ranges: bytes
content-length: 97719
x-amz-cf-id: JBG9OWwgQn4vJDPlFZZUZ7EH3G3ecJYIT1JGGaT8vEnw0w0M_bDqTg==

GET
H2 200 mdc_giovanni.png
d1ac9zce9817ms.cloudfront.net/images/payment/funnels/funnel_mdc/ 112 KB
0 1ms
1ms Image
image/png 2600:9000:223f:f800:15:20a2:3900:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1ac9zce9817ms.cloudfront.net/images/payment/funnels/funnel_mdc/mdc_giovanni.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:f800:15:20a2:3900:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4ed0105089a46f9fdad6234d109091776b6b42a9fb716b1a8a3745228a4a1186

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.mdccanada.ca/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: QsqwtYn5gppbbGyuYt8pTd4sLdZHL9KK
date: Thu, 27 Jun 2024 11:08:23 GMT
via: 1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 32798
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: REPLICA
content-length: 114621
last-modified: Tue, 14 Mar 2023 12:02:09 GMT
server: AmazonS3
etag: "fdda75bd98dd31a3ca6f2db8d70c403a"
vary: Accept-Encoding
content-type: image/png
accept-ranges: bytes
x-amz-cf-id: zILGY02fefG54kDRx_eLke81uQZdSM8nS3QnuGi5pmquKVi24L7WGA==

GET
H2 200 mdc_jimmy.png
d1ac9zce9817ms.cloudfront.net/images/payment/funnels/funnel_mdc/ 131 KB
0 2ms
1ms Image
image/png 2600:9000:223f:f800:15:20a2:3900:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1ac9zce9817ms.cloudfront.net/images/payment/funnels/funnel_mdc/mdc_jimmy.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:f800:15:20a2:3900:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ddda2cc348b4d18cee0a59c17740f40f56b46f914dbf023ad4b1af3c0c5d68c7

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.mdccanada.ca/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: FOYJs_8_VDBcMfJDZqWwY0GNq1r0AWGa
date: Thu, 27 Jun 2024 11:08:23 GMT
via: 1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 32798
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: REPLICA
content-length: 134498
last-modified: Tue, 14 Mar 2023 12:02:10 GMT
server: AmazonS3
etag: "1e0858a912f37440b796936c7d81834d"
vary: Accept-Encoding
content-type: image/png
accept-ranges: bytes
x-amz-cf-id: 4ceiDZPdG7HsnTho4gGyEicIM132LqwZgBQ7bzWZrbW367NJG2tPIQ==

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 264 KB
91 KB 76ms
76ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-873086315&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N44M7QM

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6de0362fef35a1e0c2d962158d8b7a05cf4eb7b5d6a873d37e00c16a9e856cc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.mdccanada.ca/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 20:15:04 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 93345
x-xss-protection: 0
last-modified: Thu, 27 Jun 2024 19:19:15 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 27 Jun 2024 20:15:04 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 222ms
44ms Script
application/javascript 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N44M7QM

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.mdccanada.ca/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Thu, 27 Jun 2024 20:15:04 GMT
last-modified: Thu, 29 Feb 2024 19:58:06 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 6FADA5DE060B4B78BF2133E397E343F7 Ref B: LON04EDGE0714 Ref C: 2024-06-27T20:15:04Z
etag: "01b4e9c496bda1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13261

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 263 KB
91 KB 81ms
76ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-11180768470&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N44M7QM

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6e091c6f2c4458d311574c5429c4f79229d84f55bc00fefddf1090b61fcea1f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.mdccanada.ca/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 20:15:04 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 93229
x-xss-protection: 0
last-modified: Thu, 27 Jun 2024 19:19:15 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 27 Jun 2024 20:15:04 GMT

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 264 KB
91 KB 128ms
128ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-11227845249&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N44M7QM

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2f3ed952c4ed7c9893333354fd6d3acd29925249eaaf64a2d9951c624b5e08d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.mdccanada.ca/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 20:15:04 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 93329
x-xss-protection: 0
last-modified: Thu, 27 Jun 2024 19:19:15 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 27 Jun 2024 20:15:04 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 45ms
44ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1056711827&t=adtiming&_s=2&dl=https%3A%2F%2Fpayment.mdccanada.ca%2Ftrust%2Fpayment%3Flang%3Den%26gclid%3D1677172565.1717723528&ul=en-gb&de=UTF-8&dt=Trust%20Pay%20payment&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=5571&pdt=15&dns=0&rrt=482&srt=81&tcp=0&dit=1217&clt=1217&_gst=1426&_gbt=5186&_u=YDgAAAABAAAAAAAAIk~&cid=1472890801.1719519301&tid=UA-88273432-1&_gid=1294407894.1719519304&gtm=45He46q0n81N44M7QMv812156677za200&gcs=G100&gcd=13p3p3p3p5&dma_cps=-&dma=0&tag_exp=0&npa=1&z=123774601

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.mdccanada.ca/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 27 Jun 2024 14:55:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 19146
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK favicon-32x32.png
payment.mdccanada.ca/favicons/ 2 KB
3 KB 31ms
30ms Other
image/png 165.232.36.183
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://payment.mdccanada.ca/favicons/favicon-32x32.png

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

165.232.36.183 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

3091bd6d017d069629ef1c45ad7ded5d3dead81d31f39ee4a9cbb7f8883769d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.mdccanada.ca/trust/payment?lang=en&gclid=1677172565.1717723528
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 27 Jun 2024 20:15:04 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Thu, 20 May 2021 12:25:25 GMT
Server: nginx
ETag: "60a65535-9f5"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2549
X-XSS-Protection: 1; mode=block
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 204 149007793.js Show response
bat.bing.com/p/action/ 0
118 B 43ms
42ms Script
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/149007793.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.mdccanada.ca/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Thu, 27 Jun 2024 20:15:04 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C7CE04D2F51B4FC1AE35394039FE5215 Ref B: LON04EDGE0714 Ref C: 2024-06-27T20:15:04Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
285 B 98ms
98ms Image
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=149007793&tm=gtm002&Ver=2&mid=670ed84f-ee33-42c2-89f2-f097740bae95&sid=f0fa910034c111ef83cb4fd7c7ebbcaa&vid=f0fac8f034c111ef900d3174b525f4bd&vids=1&msclkid=N&pi=918639831&lg=en-GB&sw=1600&sh=1200&sc=24&tl=Trust%20Pay%20payment&p=https%3A%2F%2Fpayment.mdccanada.ca%2Ftrust%2Fpayment%3Flang%3Den%26gclid%3D1677172565.1717723528&r=&lt=5591&evt=pageLoad&sv=1&rn=707264

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.mdccanada.ca/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 27 Jun 2024 20:15:04 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: CAB13BB4DC604C2D9141B50C62182122 Ref B: LON04EDGE0714 Ref C: 2024-06-27T20:15:04Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

78 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
payment.mdccanada.ca/	1969-12-31 23:59:59	Name: PHPSESSID Value: kpcok8dkt9fh9rscpainojvrs4
payment.mdccanada.ca/	1969-12-31 23:59:59	Name: _csrf Value: 0f2916f32a41db7f8f38c50ae80baa861e0ae82271fe049e40ca7e28161bc6bea%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%22IZYOyPUUPdsnHZXaGNEOLV7RvrUVOMPP%22%3B%7D
api.exponea.com/	1970-01-21 07:14:39	Name: xnpe_9a5c1884-6c59-11eb-8b86-9ef8a0068af9 Value: b2b849f2-4423-4f7c-88d1-c5683cb97dcb
.mdccanada.ca/	1970-01-21 07:14:39	Name: __exponea_etc__ Value: b2b849f2-4423-4f7c-88d1-c5683cb97dcb
.mdccanada.ca/	1970-01-20 21:38:42	Name: __exponea_time2__ Value: -0.08726310729980469
.mdccanada.ca/	1970-01-20 23:48:15	Name: _fbp Value: fb.1.1719519301558.665792031534188536
.mdccanada.ca/	1970-01-21 06:24:15	Name: _hjSessionUser_3485971 Value: eyJpZCI6IjExYWRmOWE0LTFlMmItNWI2ZC05ODliLTJmODZmOTkzOWIzOSIsImNyZWF0ZWQiOjE3MTk1MTkzMDE3ODQsImV4aXN0aW5nIjpmYWxzZX0=
.mdccanada.ca/	1970-01-20 21:38:41	Name: _hjSession_3485971 Value: eyJpZCI6ImI5ODgzMmUyLTdlYWItNGVkYi04MGJiLWM2OGY5NjZkOTgwNSIsImMiOjE3MTk1MTkzMDE3ODUsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MX0=
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: oTkARolgysg
.youtube.com/	1970-01-21 01:57:51	Name: VISITOR_INFO1_LIVE Value: ccGcDjgRDuc
.youtube.com/	1970-01-21 01:57:51	Name: VISITOR_PRIVACY_METADATA Value: CgJHQhIEGgAgZg%3D%3D
.mdccanada.ca/	1970-01-20 23:50:03	Name: _cq_duid Value: 1.1719519302.FvIBYB25uVW5IKeO
.mdccanada.ca/	1969-12-31 23:59:59	Name: _cq_suid Value: 1.1719519302.p3K9ZeMizGTdt0Cp
.mdccanada.ca/	1970-01-20 21:40:05	Name: _uetsid Value: f0fa910034c111ef83cb4fd7c7ebbcaa
.mdccanada.ca/	1970-01-21 07:00:15	Name: _uetvid Value: f0fac8f034c111ef900d3174b525f4bd
.bing.com/	1970-01-21 07:00:15	Name: MUID Value: 29132F9D926265B0105D3B3693456430

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

465930902273542.webpush.freshchat.com
api.exponea.com
bat.bing.com
canadian-visa-media.s3.amazonaws.com
cdn-icons-png.flaticon.com
cdn.jsdelivr.net
connect.facebook.net
cv-media-files.s3-us-west-2.amazonaws.com
cv-media-files.s3.us-west-2.amazonaws.com
d1ac9zce9817ms.cloudfront.net
d1dje5mxb6emkl.cloudfront.net
fonts.googleapis.com
lcgroups-org.freshchat.com
lps.canadianvisa.org
mdc-new-funnel-v2.s3.amazonaws.com
ob.branderblender.com
obs.branderblender.com
pagead2.googlesyndication.com
payment.mdccanada.ca
region1.google-analytics.com
script.hotjar.com
static.hotjar.com
u.agccall.com
vc.hotjar.io
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.youtube.com
13.32.27.54
16.182.72.49
165.232.36.183
167.99.182.231
167.99.195.78
18.245.60.122
18.66.102.53
18.66.112.15
2001:4860:4802:34::36
2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a
2600:9000:223f:f800:15:20a2:3900:21
2600:9000:2670:5000:c:ec32:f140:21
2600:9000:2724:5400:d:bdb7:5480:93a1
2620:1ec:c11::237
2a00:1450:4001:801::200a
2a00:1450:4001:808::200e
2a00:1450:4001:80f::2002
2a00:1450:4001:82b::2008
2a00:1450:4001:82b::200e
2a02:26f0:12d::1730:ca41
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
2a04:4e42:400::485
35.244.143.131
52.217.113.17
52.218.181.241
52.92.202.106
76.223.64.65
12d833367b6cbfffdf170d0d33673e35c1ce616654245378d14ef3890937f9f2
145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5
158846df28c60719849d9258e6b56cb7726cbb61e30a15fd5afa58b62cf376d2
1c65557eff0e987d48ba6d7716ff7f24f79885fbfaaadb0f2a5425eb76a1afe9
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75
289ed5b990a607d3c5ff04e87fc1f22ae935a0900df68a5f465c5ac5923ca01d
29e0c20c1b7e313e437c62e81edee8be34f107a2873ac72e5f84f6ea8a85daae
2b48eb21e579e004fcce778b98126f11f4879b06444b6185779c3a949d001116
2f3ed952c4ed7c9893333354fd6d3acd29925249eaaf64a2d9951c624b5e08d8
2f5798d2bf40221b1a159edce182993d2cde63dd4ec3a945532411bf07f7e4ee
3091bd6d017d069629ef1c45ad7ded5d3dead81d31f39ee4a9cbb7f8883769d0
349bea457c5a6e16fb7487465feebabee1c45429c4317aa9706ef5f7599668df
374f480fb4ffe8b977a33dfd839a5cfa94c55803fa92899fae0026b1699a2f48
37e8997ef3844d8617fa23c25823c70faf36a8efb04a0a42d96f102180ec4850
37f8af81c6651000937b4ec8fa0918730b6487303940735ef021f80f7d149602
3ba06f927fc8f1d2fc014511c260d22f2a9ad71908ae85217947364b346c3128
3da68c427952c6f87a17fbd75f6fd18acda783257d0de6c54cc970d35dde072d
3e26d26fbcf10cdc20e715a8fc167a216ae90f792c6cc76256512c41bf4d5ff5
416a3b2c3bf16d64f6b5b6d0f7b079df2267614dd6847fc2f3271b4409233c37
4b427c7a939da28fddbc045dbcaa2dda32ea2ec289728df15a06479355b7f6bc
4ed0105089a46f9fdad6234d109091776b6b42a9fb716b1a8a3745228a4a1186
54bb1f500b4a77d616047b8718bc0c4473bba94e8fcc435825093a9c31f7e6f0
58436a4fa28a17c2689f8375d01095276e95cac03517b3c649e14f06c195f3e6
58e78ddbe7394cd14a1e3bc3d8a85a8f9a5c319653ce2a50008ed33560df6b1b
593da46ed8890edf70f2e97e82a629c931da3c72302b32a8663942c9b5c307d3
5afd6716402effa7da36565f71ba6a3840147dad4c3bebb097ed32e840f0b717
5c858b1c80e2a37e46abc26525a908fe14db93ebdce1dbdbdd2828cd180bbeec
5dfaa520f0dcf1187de96c3b841a720f4d07db139ac1ca5606df7667b5a011f6
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945
67bed69f23af460ec3341aefcdf793955c250fbf879589de4b93d17b8ec4ae54
68b1a10699dad6e61ccb4093cf5017571e42d1cefaca62669581677956cac152
6cd585be10bea78fa22b01eccc597eddfa43aae2dff23c52e50f66b15326876c
6de0362fef35a1e0c2d962158d8b7a05cf4eb7b5d6a873d37e00c16a9e856cc5
6e091c6f2c4458d311574c5429c4f79229d84f55bc00fefddf1090b61fcea1f6
6fb84f62990a7291458a9bce450191cadabd9416e526e79efd28ce0d7c4b881e
7027af9bf75f5a7ca52a3e04aa292a4d30342919772a2e354018ea2b150b30af
70a0d31f41f96de2fe35b36a20f289f45e28d7da1b39c0b4ec677e28b68a6c05
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53
742d2a43bc2e07e4ce994c97173ee31ca0aaf595d0986788f4c5c71ca670c4e6
743c4b93ab02f0ece15aa8bdb1f7b5d57e1753fe5ef6d320612ee0888e1196c6
7adaf08052c6a6a0f8a0d0055b4f191fd07389fe41c972b69573472b2ecb406a
7f62e179ab6ac34a40148be67c533c8dfbefecceb73a1b721ef0c7e3154d3da4
823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
86316eec675b32346b1a476a7495b040ac3f45f0281918c222c984edc54cacda
8ddb060965730ddb8fd83e8a3897f129847f9a85cfde5cded2afd0bcbf5edd2a
8f6f12c27aa252907afd89baf65e862d08617d79d070e9719ab42d9b65637ec7
92cd6e6acd0b0744801db343d0fa4a32f5c106925a19628a5fca948e6aacf92f
94579787a5a52a7dbf3209ccc91589eeda9878f9ff137d5fc43f4da98cc38e9a
94586f5b7f5e497ea5035fc2a1cff44b3103f268b903c3a5bde1746e7d122134
9a0f5e2db3067a91f5ad66cac49639247255eefbfd37c15f5264cd5453c7b139
9baa573e4378873b7ac81ccb1d954ce9bb2b1a933947ad3012263ddc604d8505
a2d1278b0d76000e797e065a55682632449375fa31d71ab27d051dff25366a55
a6a6e1cf13bc3b468a14b6cd91536c534c9ffc0d33d4116dc1ccdfbdf7b78c13
a99e7839f9d91a4ecfd4ce6cbc41d88caa860117ef4440d36e244290d6bab862
aa6575eb9fbd2ef10724eff1b930fb384b3251620724f5e4d7a4090fde9db417
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
acb1ec168c5d12af5b6f923b737a862296550fe8e74a43c0547f00e4eba6d5b1
ae40edeeec207d7c309e6f87b2b6db9091b50b1a57f0356d6fbef1ad459b2e2c
ae62aca8866fbca77e935b5429119eeda9d3646a1cc52568d35e10a580f553b5
af86eeeed7ff7c39421245942486e472828ea3f89d5c5b8b1f45427de447cac6
b612c1352fc569816d522c0a9ae1d37bdc273596a583f2402edb73f00f712384
b62070ba47b830d8cd7b32f00ced8b7c40824ca86891e844b5f9198aa54e4687
b7d630946321a7efc3e58f1aa67a71444556ee05315acca9230a23ceea5f6f90
b92c75200923ef3bcff1325670e81e27e37227ab9b018cf8568a0eedbe514351
bbda4f52b4e1782ef1320279f63978683c3f12f4442956dfbc12cbc91ba295dc
bf3303e6b1d8f51e4ea85a1907f8bd9b4f619d355d5a0ef9f2ff50dd658642d0
c5620ad7ff26a8095b38d8a26f6e0c3071d5b52b3ed766ac7b195c5be03e9cb5
c6e0676d3ea2badee784595660572ef3d5354c27ba7ce101071c423372384d6c
c7592d319a0a4a9526994ed0ff964af43ac8415daa11c04f699b7fc38fc4bfad
c7b81343fb4a500a1d636674c4cc0f28bc99be5dd2091ebf22dfcbdabaf704b6
cb9e40dc843c17b5aa1b783927cd2b4312d192a0f796aaf4c112e760b5e2af2e
cc4a3465c4c5d5ccd423dcbcaeb603c4bd0f63bce1150b4efbd7fddaf740b4c1
d01cc02e7815491811415ef14e942f40da3494ac3f66857b71d9e9af0bd4f960
d170052c16caec3810f2dee6456539045d8e326f6d8ed7c7f78e59ed34de348a
d1bcd0b606710857e19aaa7cccd62c7264318271649738e76006c05f30d01062
d442983533ee829f6449ee8fb9ab223ba01d8123185fbe0954dd41e7ab580dfb
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115
d8e662d4fd88fcb84ade7d9f7bfa88d2b5a75bc538912f448e49e6495ba2c30a
dbd2a35e72edc7d6bde483481a912f1c38aa57fab2747d9b071d317339ee03a2
dc212ea48be0d47520560a1f9782cbf1782fe2e525241c87b832a6aafc5f8c6b
ddda2cc348b4d18cee0a59c17740f40f56b46f914dbf023ad4b1af3c0c5d68c7
de1805522e8bde4516893684590f431b5bc8716638f3b9cdbf4e987767e61a65
de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e386804fca2de27287995ee6100058179f0c2b9a7d7883b5a4dfa4fcf4819891
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e72493ff19eb55ec986e4262cfe6505e5d18469d8ed8b2782c63ba8ce368f96c
e793c5b1e2ed307b5926c677f1f29296a810d950201d0a8bd50df5886928883e
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366
ebb556a29ec199dd9b046ef88c0e42e4b702cefd3033f98f60bcebe03f151dc5
eca0c7e678919f04535499591de95afb80f21ec06a2e3c1cf94099f990261c6a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4939b06b39ac47cccffd4a2022abb4b73b9f79f57bfd26e361f237018efc127
f98e99a9093900de6d892130893996c5b6d931655179eb32f057959ef02e5165

payment.mdccanada.ca Open in urlscan Pro 165.232.36.183 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

109 Requests

100 %HTTPS

54 %IPv6

20 Domains

28 Subdomains

28 IPs

4 Countries

4574 kBTransfer

7115 kBSize

16 Cookies

100 Outgoing links

Page URL History

Redirected requests

109 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

payment.mdccanada.ca Open in urlscan Pro
165.232.36.183 Public Scan

Screenshot
Live screenshot

Full Image

109
Requests

100 %
HTTPS

54 %
IPv6

20
Domains

28
Subdomains

28
IPs

4
Countries

4574 kB
Transfer

7115 kB
Size

16
Cookies

109 HTTP transactions
6 data transactions