aeso.everythingcard.ca Open in urlscan Pro
172.67.73.12 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://aeso.everythingcard.ca/
Effective URL:
https://aeso.everythingcard.ca/welcome/code
Submission: On April 24 via manual (April 24th 2024, 7:35:13 pm UTC) from CA — Scanned from CA

Summary HTTP 44 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 13 IPs in 2 countries across 10 domains to perform 44 HTTP transactions. The main IP is 172.67.73.12, located in United States and belongs to CLOUDFLARENET, US. The main domain is aeso.everythingcard.ca.
TLS certificate: Issued by E1 on March 21st 2024. Valid for: 3 months.

This is the only time aeso.everythingcard.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 16	172.67.73.12 172.67.73.12	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.18.31.234 104.18.31.234	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	172.253.115.95 172.253.115.95	15169 (GOOGLE) (GOOGLE)
6	104.17.25.14 104.17.25.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.251.167.106 142.251.167.106	15169 (GOOGLE) (GOOGLE)
1	172.253.62.95 172.253.62.95	15169 (GOOGLE) (GOOGLE)
4	151.101.129.229 151.101.129.229	54113 (FASTLY) (FASTLY)
1	104.21.85.216 104.21.85.216	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.253.122.94 172.253.122.94	15169 (GOOGLE) (GOOGLE)
3	142.251.167.100 142.251.167.100	15169 (GOOGLE) (GOOGLE)
4	142.251.167.94 142.251.167.94	15169 (GOOGLE) (GOOGLE)
3	142.251.167.147 142.251.167.147	15169 (GOOGLE) (GOOGLE)
1	104.21.85.189 104.21.85.189	13335 (CLOUDFLAR...) (CLOUDFLARENET)
44	13

16 172.67.73.12 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

aeso.everythingcard.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.31.234 (None, )

ASN13335 (CLOUDFLARENET, US)

app.termly.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.253.115.95 (United States)

ASN15169 (GOOGLE, US)
PTR: bg-in-f95.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.167.106 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: ww-in-f106.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.253.62.95 (United States)

ASN15169 (GOOGLE, US)
PTR: bc-in-f95.1e100.net

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.129.229 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.85.216 (None, )

ASN13335 (CLOUDFLARENET, US)

fraud.esiance.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.253.122.94 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f94.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.251.167.100 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: ww-in-f100.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.251.167.94 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: ww-in-f94.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.251.167.147 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: ww-in-f147.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.85.189 (None, )

ASN13335 (CLOUDFLARENET, US)

fraud.cardswap.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	everythingcard.ca 1 redirects aeso.everythingcard.ca	4 MB
6	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 231	124 KB
5	gstatic.com www.gstatic.com fonts.gstatic.com	296 KB
4	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 320	86 KB
4	google.com www.google.com — Cisco Umbrella Rank: 2	905 B
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 33 ajax.googleapis.com — Cisco Umbrella Rank: 363	153 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	22 KB
1	cardswap.ca fraud.cardswap.ca	740 B
1	esiance.com fraud.esiance.com	3 KB
1	termly.io app.termly.io — Cisco Umbrella Rank: 14416	298 KB
44	10

	Domain	Requested by
16	aeso.everythingcard.ca	1 redirects aeso.everythingcard.ca
6	cdnjs.cloudflare.com	aeso.everythingcard.ca cdnjs.cloudflare.com fraud.esiance.com
4	fonts.gstatic.com	fonts.googleapis.com
4	cdn.jsdelivr.net	aeso.everythingcard.ca
4	www.google.com	aeso.everythingcard.ca www.gstatic.com
3	www.google-analytics.com	aeso.everythingcard.ca www.google-analytics.com
3	fonts.googleapis.com	aeso.everythingcard.ca
1	fraud.cardswap.ca	fraud.esiance.com
1	www.gstatic.com	www.google.com
1	fraud.esiance.com	aeso.everythingcard.ca
1	ajax.googleapis.com	aeso.everythingcard.ca
1	app.termly.io	aeso.everythingcard.ca
44	12

This site contains links to these domains. Also see Links.

Domain
www.everythingcard.ca

Subject Issuer	Validity	Valid
everythingcard.ca E1	`2024-03-21` - `2024-06-19`	3 months	crt.sh
app.termly.io Sectigo RSA Domain Validation Secure Server CA	`2023-05-03` - `2024-06-02`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-03-18` - `2024-06-10`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.google.com GTS CA 1C3	`2024-03-18` - `2024-06-10`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-09-27` - `2024-10-28`	a year	crt.sh
esiance.com GTS CA 1P5	`2024-04-18` - `2024-07-17`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-03-18` - `2024-06-10`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-03-18` - `2024-06-10`	3 months	crt.sh
cardswap.ca E1	`2024-03-30` - `2024-06-28`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://aeso.everythingcard.ca/welcome/code
Frame ID: 8F41D35FBA95EF14BAD22CEC2898B9C3
Requests: 41 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcujKsnAAAAAP8wCkPIOUUcLe6g4wGp_FvyOe2f&co=aHR0cHM6Ly9hZXNvLmV2ZXJ5dGhpbmdjYXJkLmNhOjQ0Mw..&hl=en&v=QoukH5jSO3sKFzVEA7Vc8VgC&size=invisible&cb=chzxmhrjf2b5
Frame ID: ADD1ABF00B9EACEF441D62C05923902B
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le07woUAAAAAHwx_Ff8P-SMEXn6Ah2wkCvv4Nz-&co=aHR0cHM6Ly9hZXNvLmV2ZXJ5dGhpbmdjYXJkLmNhOjQ0Mw..&hl=en&v=QoukH5jSO3sKFzVEA7Vc8VgC&size=normal&cb=y2abik9vzya7
Frame ID: 2463C54175168FA05E7B7BB1B5B14BBF
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=QoukH5jSO3sKFzVEA7Vc8VgC&k=6Le07woUAAAAAHwx_Ff8P-SMEXn6Ah2wkCvv4Nz-
Frame ID: FF8D4906929A5F68A6ADA9828B8D4F29
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

EverythingCard

Page URL History Show full URLs

https://aeso.everythingcard.ca/ HTTP 302
https://aeso.everythingcard.ca/welcome/code Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Handlebars (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

handlebars(?:\.runtime)?(?:-v([\d.]+?))?(?:\.min)?\.js

FingerprintJS (JavaScript libraries) Expand

Overall confidence: 100%
Detected patterns

fingerprint(\d)?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

44
Requests

100 %
HTTPS

0 %
IPv6

10
Domains

12
Subdomains

13
IPs

2
Countries

5409 kB
Transfer

7802 kB
Size

5
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.everythingcard.ca/customerservice
Title: contact us

Search URL Search Domain Scan URL

URL: http://www.everythingcard.ca/
Title: EverythingCard

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://aeso.everythingcard.ca/ HTTP 302
https://aeso.everythingcard.ca/welcome/code Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

44 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request code Show response
aeso.everythingcard.ca/welcome/
Redirect Chain

https://aeso.everythingcard.ca/
https://aeso.everythingcard.ca/welcome/code

52 KB
11 KB

292ms
291ms

Document
text/html

172.67.73.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://aeso.everythingcard.ca/welcome/code

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.73.12 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b1d5381a99dc5cf2053ec0eefa9df498330d7e0219c948344dd4f377d8e63c98

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 879888e39c7d53ef-YYZ
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 24 Apr 2024 19:35:08 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B1meoBabnacyjvYx7OD29kPTaKSyOTgLctKtkIpKUOwjbDgKdE7z5Jzd1Y8Q4wOK0lgxsZjAKj3JXH8960aW5UAG9FWk%2BDOZM9UulgbwSw3Y%2FYUhQ9tb5CfQ0PoSy6%2FC39%2FrEB74vKI%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=63072000
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN

Redirect headers

cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 879888d4d9bf53ef-YYZ
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 24 Apr 2024 19:35:08 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: /welcome/code
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a5M5MnxqM2S6ycRbGbiMMM4K5QjSjdRBcO9Nddxqcv%2Bvo82bfaS7PQ2csnRPgtBPW%2BZLmGm01rpWHe%2FilT4ck6gCE3MHag8g60VeY7ptn4IL8ycLjFvXNl1v4OqnGabLhfsIG8vjHm4%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN

GET
H3 200 8b731d86-7181-41ab-9405-fb1844f57a9a Show response
app.termly.io/resource-blocker/ 1002 KB
298 KB 210ms
175ms Script
text/javascript 104.18.31.234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.termly.io/resource-blocker/8b731d86-7181-41ab-9405-fb1844f57a9a?autoBlock=on

Requested by

Host: aeso.everythingcard.ca
URL: https://aeso.everythingcard.ca/welcome/code

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.31.234 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d250c1a5672dbb673deb5e22f6cfbb2288ce135c50ffd26ced54d5ea79d8fee

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https:; font-src data: https:; style-src 'self' blob: 'unsafe-inline' https:; connect-src 'unsafe-eval' 'unsafe-inline' https: wss://sockets.dixa.io wss://api.appcues.net wss://*.firebaseio.com; frame-src 'self' https:
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://aeso.everythingcard.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-rack-cors: miss; no-origin
date: Wed, 24 Apr 2024 19:35:08 GMT
strict-transport-security: max-age=15768000; includeSubDomains; preload
x-content-type-options: nosniff, nosniff
cf-cache-status: DYNAMIC
content-encoding: br
x-permitted-cross-domain-policies: none
content-security-policy: default-src 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https:; font-src data: https:; style-src 'self' blob: 'unsafe-inline' https:; connect-src 'unsafe-eval' 'unsafe-inline' https: wss://sockets.dixa.io wss://api.appcues.net wss://*.firebaseio.com; frame-src 'self' https:
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block, 1; mode=block
x-request-id: e2538ab7-3140-46f4-bd06-8b02312c90c3
x-runtime: 0.045957
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"1d250c1a5672dbb673deb5e22f6cfbb2"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: max-age=600, public
cf-ray: 879888e5af05a22e-YYZ

GET
H2 200 css2
fonts.googleapis.com/ 468 KB
121 KB 144ms
59ms Stylesheet
text/css 172.253.115.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Noto+Sans+JP:wght@100;300;400;700&family=Raleway:wght@100;200;300;400;600&family=Roboto:wght@100;300;400;700&display=swap

Requested by

Host: aeso.everythingcard.ca
URL: https://aeso.everythingcard.ca/welcome/code

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.115.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f95.1e100.net

Software

ESF /

Resource Hash

cf566474b149fa637e00be0ac0f591d25d163e9ec2409c5a4951cc3ee1635139

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://aeso.everythingcard.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Wed, 24 Apr 2024 19:35:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 24 Apr 2024 19:35:08 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 24 Apr 2024 19:35:08 GMT

GET
H2 200 css2
fonts.googleapis.com/ 820 B
812 B 134ms
49ms Stylesheet
text/css 172.253.115.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Baskervville:ital@1&display=swap

Requested by

Host: aeso.everythingcard.ca
URL: https://aeso.everythingcard.ca/welcome/code

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.115.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f95.1e100.net

Software

ESF /

Resource Hash

57061c5be2221c59e6122a7ede5f8d614e728b08765a0c3618f40c879b4a08b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://aeso.everythingcard.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Wed, 24 Apr 2024 19:35:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 24 Apr 2024 19:35:08 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 24 Apr 2024 19:35:08 GMT

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
723 B 162ms
77ms Stylesheet
text/css 172.253.115.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Tajawal:wght@300;400;500;700&display=swap

Requested by

Host: aeso.everythingcard.ca
URL: https://aeso.everythingcard.ca/welcome/code

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.115.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f95.1e100.net

Software

ESF /

Resource Hash

2f10a318d62c0b32f152823fdf3bd49e8f9a1120ecdd6301f9ec4216469d4f12

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://aeso.everythingcard.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Wed, 24 Apr 2024 19:35:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 24 Apr 2024 18:10:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 24 Apr 2024 19:35:08 GMT

GET
H3 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/ 58 KB
11 KB 64ms
38ms Stylesheet
text/css 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css

Requested by

Host: aeso.everythingcard.ca
URL: https://aeso.everythingcard.ca/welcome/code

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://aeso.everythingcard.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 24 Apr 2024 19:35:08 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1122558
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 10462
last-modified: Mon, 13 Sep 2021 19:10:03 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "613fa20b-28de"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3hFADw84QaokFHSBwBf0%2BxMhKJqxf%2BXN%2BxKbwqgj1e9jo%2BLcbU8vyM%2FU4MrGfg1%2FmMtsQvlioqbyBBNuhxXiFn2BCU9TEh7oL3j%2B9Zqjuj1wiuDba0ywt%2F96%2FvyN%2BGwrQ6QC6wEe"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 879888e5abd1387e-YYZ
expires: Mon, 14 Apr 2025 19:35:08 GMT

GET
H3 200 api.js Show response
www.google.com/recaptcha/ 1 KB
905 B 140ms
62ms Script
text/javascript 142.251.167.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LcujKsnAAAAAP8wCkPIOUUcLe6g4wGp_FvyOe2f&onload=onReCaptchaLoad

Requested by

Host: aeso.everythingcard.ca
URL: https://aeso.everythingcard.ca/welcome/code

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.167.106 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f106.1e100.net

Software

GSE /

Resource Hash

e2236f541be877951b44f5d07be465a0ef2be82a92931e859f3909ed246c2775

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://aeso.everythingcard.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 24 Apr 2024 19:35:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Wed, 24 Apr 2024 19:35:08 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ 87 KB
31 KB 119ms
36ms Script
text/javascript 172.253.62.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

Requested by

Host: aeso.everythingcard.ca
URL: https://aeso.everythingcard.ca/welcome/code

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.62.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f95.1e100.net

Software

sffe /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://aeso.everythingcard.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 24 Apr 2024 17:38:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6982
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31021
x-xss-protection: 0
last-modified: Fri, 08 May 2020 07:05:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 24 Apr 2025 17:38:46 GMT

GET
H2 200 popper.min.js Show response
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/ 21 KB
8 KB 99ms
55ms Script
application/javascript 151.101.129.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js

Requested by

Host: aeso.everythingcard.ca
URL: https://aeso.everythingcard.ca/welcome/code

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.229 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://aeso.everythingcard.ca/
Origin: https://aeso.everythingcard.ca
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 24 Apr 2024 19:35:08 GMT
x-content-type-options: nosniff
content-encoding: br
age: 19817514
x-jsd-version: 1.16.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7831
x-served-by: cache-fra-eddf8230124-FRA, cache-yyz4582-YYZ
x-jsd-version-type: version
etag: W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/js/ 62 KB
16 KB 98ms
55ms Script
application/javascript 151.101.129.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/js/bootstrap.min.js

Requested by

Host: aeso.everythingcard.ca
URL: https://aeso.everythingcard.ca/welcome/code

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.229 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

edd03b96ae4ff7886406c59d7dfeeaa1b624a7da297bf2f92d0cb6b7f9633cba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://aeso.everythingcard.ca/
Origin: https://aeso.everythingcard.ca
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 24 Apr 2024 19:35:08 GMT
x-content-type-options: nosniff
content-encoding: br
age: 12767660
x-jsd-version: 4.6.0
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16235
x-served-by: cache-fra-eddf8230032-FRA, cache-yyz4582-YYZ
x-jsd-version-type: version
etag: W/"f7eb-O+7WjtfXU8a/T2HCY4bd15KboDA"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/css/ 158 KB
26 KB 60ms
17ms Stylesheet
text/css 151.101.129.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/css/bootstrap.min.css

Requested by

Host: aeso.everythingcard.ca
URL: https://aeso.everythingcard.ca/welcome/code

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.229 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4ffcc598ee6cff4692c1cea272cd8a2f195f6dec32473e94370d6cdcfa5fe601

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://aeso.everythingcard.ca/
Origin: https://aeso.everythingcard.ca
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 24 Apr 2024 19:35:08 GMT
x-content-type-options: nosniff
content-encoding: br
age: 5905829
x-jsd-version: 4.6.0
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26291
x-served-by: cache-fra-etou8220126-FRA, cache-yyz4582-YYZ
x-jsd-version-type: version
etag: W/"27681-LKxK/BIJg5IUESlr1Oj9ipS6I34"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 coreui.min.css
cdn.jsdelivr.net/npm/@coreui/coreui@4.2.4/dist/css/ 235 KB
36 KB 60ms
17ms Stylesheet
text/css 151.101.129.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@coreui/coreui@4.2.4/dist/css/coreui.min.css

Requested by

Host: aeso.everythingcard.ca
URL: https://aeso.everythingcard.ca/welcome/code

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.229 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

b45cb5577596e44e85a8a8aedf00fbe40432ad5b9000d1ea223cbee6753ae600

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://aeso.everythingcard.ca/
Origin: https://aeso.everythingcard.ca
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 24 Apr 2024 19:35:08 GMT
x-content-type-options: nosniff
content-encoding: br
age: 1605265
x-jsd-version: 4.2.4
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 36876
x-served-by: cache-fra-etou8220080-FRA, cache-yyz4582-YYZ
x-jsd-version-type: version
etag: W/"3ad2f-7/coZ1gPp7EoRI7mnJzFL/v5RPk"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 coreui.css
aeso.everythingcard.ca/css/ 356 KB
45 KB 167ms
161ms Stylesheet
text/css 172.67.73.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://aeso.everythingcard.ca/css/coreui.css

Requested by

Host: aeso.everythingcard.ca
URL: https://aeso.everythingcard.ca/welcome/code

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.73.12 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f2e5a40765e640bfcf81d24169a264bfa94933349cc407dca15b686ec979a76c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://aeso.everythingcard.ca/welcome/code
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 24 Apr 2024 19:35:08 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Wed, 03 May 2023 16:07:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
etag: W/"58eb2-5facc3f30fa00-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XCl5bQFLdq2Ep05sfyG2mUuHwJKtt21Ajz93ZJDMlAKe2utj4a8%2F5JGhCYngqYpmmRcwUP7dLHeZlB1qmbxTKCI%2FTHHwJFNnwIrF%2BMkc4qNw7QlqFC8k0ifMmYCCg64aB%2BOzNog5%2B%2BA%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 879888e5886e53ef-YYZ

GET
H3 200 handlebars.min.js Show response
cdnjs.cloudflare.com/ajax/libs/handlebars.js/4.0.11/ 74 KB
19 KB 67ms
45ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/handlebars.js/4.0.11/handlebars.min.js

Requested by

Host: aeso.everythingcard.ca
URL: https://aeso.everythingcard.ca/welcome/code

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f89307b17472793b30b3fb736c887960743145d282b8d8e6bcd71316d63a0cb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://aeso.everythingcard.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 24 Apr 2024 19:35:08 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 598137
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 18628
last-modified: Mon, 04 May 2020 16:10:26 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e72-12630"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7KdQDVyznkYZutDMjtpTT0UYvCWfY1OM%2Bm%2FMBbyJrLY2wxA8wsIANMCZ3IDPJ3%2B6aD2%2FgEJFendChpv3YqcbfKyG3Rtojzy%2BMs6NUK7EKCdThdH%2BG8Si4cMpPJHPRnmdz6CpOgcm"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 879888e5abcb387e-YYZ
expires: Mon, 14 Apr 2025 19:35:08 GMT

GET
H2 200 app_utility.js Show response
aeso.everythingcard.ca/js/ 14 KB
4 KB 56ms
50ms Script
text/javascript 172.67.73.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://aeso.everythingcard.ca/js/app_utility.js

Requested by

Host: aeso.everythingcard.ca
URL: https://aeso.everythingcard.ca/welcome/code

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.73.12 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bae38c06e2a19ee092ac6009ff76cf064b4cf5e72e996cfc3df6f4a42bb7bc6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://aeso.everythingcard.ca/welcome/code
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 24 Apr 2024 19:35:08 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Thu, 09 Aug 2018 15:35:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
etag: W/"37ab-573025f352300-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pAsyJqirW%2B468Aq7sSOQbI3tWAeNKEywy%2F1qMV6FmpGE2gObUF4I%2BUNx%2BmY86rS%2FUypW161KhDOu24Mt%2FH35lvIOC4OiASmRx1fKvDO3iCcrF93lzmwdHcf2SKXgGEZ9L9IHQIvzypQ%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 879888e5887653ef-YYZ

GET
H2 200 ie_unsupported.js Show response
aeso.everythingcard.ca/js/ 562 B
642 B 67ms
62ms Script
text/javascript 172.67.73.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://aeso.everythingcard.ca/js/ie_unsupported.js

Requested by

Host: aeso.everythingcard.ca
URL: https://aeso.everythingcard.ca/welcome/code

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.73.12 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c5462ecdbdafad12a2548c271302f89f3473587e1239dcbd661309f4c2482d99

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://aeso.everythingcard.ca/welcome/code
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 24 Apr 2024 19:35:08 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Fri, 15 Sep 2017 14:28:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
etag: W/"232-5593b34b87680-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oN6o9JzEMEALBwN3Mk5nmuvAuRv5FnkdUlc01ARkINkzePkMIvsKU4q8BFBq5E1HaK6NXrFoHFLfk9w7%2BfCOtnXCS%2BLFbduFJdmkp%2Fzh%2F7mlTpm3xK%2Ba6wpRPNR2XvcVM4pOlxnELQw%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 879888e5887853ef-YYZ

GET
H3 200 animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/3.7.2/ 57 KB
4 KB 49ms
28ms Stylesheet
text/css 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/animate.css/3.7.2/animate.min.css

Requested by

Host: aeso.everythingcard.ca
URL: https://aeso.everythingcard.ca/welcome/code

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c770e90f98eb21b0c042fafb49755af93306fbaf42e449524f94fae9fc83295

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://aeso.everythingcard.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 24 Apr 2024 19:35:08 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 592369
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3511
last-modified: Mon, 04 May 2020 16:04:58 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d2a-e311"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xR%2BspeKJ2PmPqbbyahefy7d4sGE7DmK7kJCBgDM4RTTC3zbSndOCEzpqHAI9%2Bm62FKoYjTE%2F7R%2BVDOPjqvpqx6K66LrskCVa4LvGpUN9VQnXJ6JecWfXZyBUIHExGc13AzN0QPJf"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 879888e5abcf387e-YYZ
expires: Mon, 14 Apr 2025 19:35:08 GMT

GET
H2 200 app_default.css
aeso.everythingcard.ca/css/ 12 KB
2 KB 151ms
147ms Stylesheet
text/css 172.67.73.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://aeso.everythingcard.ca/css/app_default.css

Requested by

Host: aeso.everythingcard.ca
URL: https://aeso.everythingcard.ca/welcome/code

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.73.12 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e41d42c4b7e94ea5d21c87e1711bb9a8ee4834899afe8b849de8c4dd9c5d121a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://aeso.everythingcard.ca/welcome/code
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 24 Apr 2024 19:35:08 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Thu, 16 Sep 2021 14:57:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
etag: W/"2f45-5cc1e082ff880-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=J09lWHPXoMBOcLQjrg%2BszFtYnugPDxRn%2BUZ8LVbprMuXPzEIr7%2FzU1m5qPkmGD%2BvB0Mh%2FVusVCtI8bBCaYwzBpeLe2qSAUoUPHoaC3J2HUPjkcrS%2F4hnSGuhhTMwhAFfLszf1k9UuCM%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 879888e5887053ef-YYZ

GET
H2 200 pulse.css
aeso.everythingcard.ca/css/ 4 KB
872 B 97ms
94ms Stylesheet
text/css 172.67.73.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://aeso.everythingcard.ca/css/pulse.css?v=5

Requested by

Host: aeso.everythingcard.ca
URL: https://aeso.everythingcard.ca/welcome/code

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.73.12 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c603761a5772e41801cb385593ba1e321cd372ff24ce836816701fb982a60d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://aeso.everythingcard.ca/welcome/code
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 24 Apr 2024 19:35:08 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Fri, 18 Sep 2020 14:31:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
etag: W/"ec3-5af975aeda700-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iYVgJsH0Twc2ZSu70DNJiUAqmmBMQzPaL7QWsOc8wni8ZEDV3Xo%2FTFmFSNZ%2BCBZD46zrLVtoCCD%2BzClnwh8zhyIC2g9tNle%2FGDhgdhTFbMyCyelxL7fWFcVlqCMV%2FfYt1FkJy7LTV3g%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 879888e5887453ef-YYZ

GET
H2 200 surface4.png
aeso.everythingcard.ca/img/v3/envelope/ 924 KB
925 KB 87ms
84ms Image
image/png 172.67.73.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aeso.everythingcard.ca/img/v3/envelope/surface4.png

Requested by

Host: aeso.everythingcard.ca
URL: https://aeso.everythingcard.ca/welcome/code

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.73.12 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

35da7cfc9ae9ec3a61683ebfb77e4958ee42783d997dbfd6cee8decae5407f49

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://aeso.everythingcard.ca/welcome/code
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 24 Apr 2024 19:35:08 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 945770
last-modified: Mon, 05 Dec 2022 15:42:25 GMT
server: cloudflare
etag: "e6e6a-5ef1688ae5a40"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dW9sjlOGOhn50yMCi5J6RXaAAm8Ho7LPws%2BEUybzsdCWSD4bZXJg6H5FwHND2kkwY7ASkfNnwDtvFq42JRmexz0vW%2BdYn0uPgcs%2FNvcToO1QMfZqkISNHuFLencuGgC0DjPBOM0ORjs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 879888e5887c53ef-YYZ

GET
H2 200 box-circles-box.png
aeso.everythingcard.ca/img/v3/envelope/ 3 MB
3 MB 66ms
64ms Image
image/png 172.67.73.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aeso.everythingcard.ca/img/v3/envelope/box-circles-box.png

Requested by

Host: aeso.everythingcard.ca
URL: https://aeso.everythingcard.ca/welcome/code

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.73.12 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7bd0c92535d0b508df767448419a9ddbb4069d7f33b4900030fe20b6470478ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://aeso.everythingcard.ca/welcome/code
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 24 Apr 2024 19:35:08 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 3158852
last-modified: Tue, 14 Sep 2021 21:43:00 GMT
server: cloudflare
etag: "303344-5cbfb7729a100"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H22%2B2ttXmeuS%2BV%2B7TKvFiroQEDfNsDrwTyGE1POZYVtU6yotVGCSZUK0aSEu1lcDYyW5Um69Rd3L41tsLoBSY%2FxUuj7aFawQkkgWyH71ZP3LKXYEdNS24Pz9V93r5P4xrQPkEHYkcK4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 879888e5887f53ef-YYZ

GET
H2 200 ribbon-v2.png
aeso.everythingcard.ca/img/v3/envelope/ 230 KB
231 KB 62ms
61ms Image
image/png 172.67.73.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aeso.everythingcard.ca/img/v3/envelope/ribbon-v2.png

Requested by

Host: aeso.everythingcard.ca
URL: https://aeso.everythingcard.ca/welcome/code

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.73.12 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a91c2bbb40f36455b4cdcf6c517a578265d66412931e107fa0ce59b4c858a610

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://aeso.everythingcard.ca/welcome/code
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 24 Apr 2024 19:35:08 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 235829
last-modified: Fri, 29 Oct 2021 17:24:17 GMT
server: cloudflare
etag: "39935-5cf8118c75240"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7xmdYMdx7gRsKabB3x4dkTWnxE7ZH16%2FyyASGivTnKdoWbAfO4dNCWgPMNdU%2Bj7cZdGU0RyHOPYpqP9b%2BXF4g33p0%2FEEMG2A1pCdthYZZDeRMejJW1yHz3INgsDq1%2FYG2d5y4QOLKpU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 879888e68a4953ef-YYZ

GET
H2 200 box-top-shadow.png
aeso.everythingcard.ca/img/v3/envelope/ 10 KB
10 KB 52ms
52ms Image
image/png 172.67.73.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aeso.everythingcard.ca/img/v3/envelope/box-top-shadow.png

Requested by

Host: aeso.everythingcard.ca
URL: https://aeso.everythingcard.ca/welcome/code

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.73.12 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af1b45a4778c10e149aec57c11eb69455f9afcb173324db6d0bffce2cb90ad04

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://aeso.everythingcard.ca/welcome/code
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 24 Apr 2024 19:35:08 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 10278
last-modified: Fri, 29 Oct 2021 17:24:02 GMT
server: cloudflare
etag: "2826-5cf8117e27080"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5Rk3QxrQVZHPOXrUtrIDqrDKOJmINDBvBy7IwNDtefKlzl0i7Mb9dH097YrSij0eYmypp9Yys5xIi85YMNd4Pd70vothPo%2FzGh4qeTIAWJQdvjUvAx%2BO5y6FXbF9lmDjKo3yTMHWZ9U%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 879888e6eb1653ef-YYZ

GET
H2 200 envelope-front.png
aeso.everythingcard.ca/img/v3/envelope/ 47 KB
47 KB 50ms
50ms Image
image/png 172.67.73.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aeso.everythingcard.ca/img/v3/envelope/envelope-front.png

Requested by

Host: aeso.everythingcard.ca
URL: https://aeso.everythingcard.ca/welcome/code

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.73.12 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b19a9d768257b7e0d0390a107551e382335096cc1f9bf27b0f18b1618e5add8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://aeso.everythingcard.ca/welcome/code
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 24 Apr 2024 19:35:08 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 47793
last-modified: Mon, 05 Dec 2022 15:51:06 GMT
server: cloudflare
etag: "bab1-5ef16a7bc2e80"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XaXHDjtiRoail3p7YDjK%2B3P3W%2FYTjwGWyvmquqNu52xPSrU%2BjKn%2FkgMFEg0x9N3i08SX7MBFGNqYqtupP3oGCz716EmXzer5Cl5XRXeBYR3TCXkZzSoxP6OaE5feHiGnivbqZeVo5Ng%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 879888e74bbc53ef-YYZ

GET
H2 200 logo.jpg
aeso.everythingcard.ca/img/client/16342-28758-9024-3190/ 36 KB
36 KB 62ms
62ms Image
image/jpeg 172.67.73.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aeso.everythingcard.ca/img/client/16342-28758-9024-3190/logo.jpg?v=1670534251

Requested by

Host: aeso.everythingcard.ca
URL: https://aeso.everythingcard.ca/welcome/code

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.73.12 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cfc3c547e501f110079e9661c291f077c0c4e244029a0f714e54f7720b7474df

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://aeso.everythingcard.ca/welcome/code
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 24 Apr 2024 19:35:08 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 36922
last-modified: Thu, 08 Dec 2022 21:17:31 GMT
server: cloudflare
etag: "903a-5ef57909db0c0"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=atqshrZWF%2Fvsw%2BQweVrzF25E9c98Vab43bmHB2PH%2Fv30G6jee%2Fwc0n9wwdL0TJXihUngt%2B65utSJ3xuQ6S6qVGls4nb5rvyfKTRn6Qxx%2FlCj2T3lQfZXx%2FCQ0YdfqoMNKcHAaaL7DgA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 879888e76bf053ef-YYZ

GET
H2 200 box-circles-shadow3.png
aeso.everythingcard.ca/img/v3/envelope/ 14 KB
14 KB 48ms
47ms Image
image/png 172.67.73.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aeso.everythingcard.ca/img/v3/envelope/box-circles-shadow3.png

Requested by

Host: aeso.everythingcard.ca
URL: https://aeso.everythingcard.ca/welcome/code

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.73.12 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

28583af72937cdf235eea726e1524b6e4f3c20d35cadbfc5fc3c6e748c0a252e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://aeso.everythingcard.ca/welcome/code
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 24 Apr 2024 19:35:08 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 14247
last-modified: Fri, 29 Oct 2021 17:24:01 GMT
server: cloudflare
etag: "37a7-5cf8117d32e40"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W2HVlMt%2Bco2vNlVB6B2qWZFH1gJEAZG0CcNP%2FjUa9%2BIOaWDzzorym1rwv3XHlay6G4FUIbdK%2FvV3icXsm2IFwbZ2BbiL3EzcS40buJvV%2BPVIiaz3usqkt6dysVGg0Y0DL1lX%2FjgQlzQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 879888e84d7d53ef-YYZ

GET
H2 200 ec-logo-black-300.png
aeso.everythingcard.ca/img/ec/ 5 KB
6 KB 49ms
49ms Image
image/png 172.67.73.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aeso.everythingcard.ca/img/ec/ec-logo-black-300.png

Requested by

Host: aeso.everythingcard.ca
URL: https://aeso.everythingcard.ca/welcome/code

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.73.12 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e33d02ae994107182c418a4c2a4fb23dd4913480d88d85d31942053b7f95d7e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://aeso.everythingcard.ca/welcome/code
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 24 Apr 2024 19:35:08 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 5283
last-modified: Tue, 25 Feb 2020 17:19:43 GMT
server: cloudflare
etag: "14a3-59f69b190e9c0"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mWlmb%2BYKI4QwX%2BqOruA7SBGtjbMl7q0CHxRX6100JTn3lv2MytpnChuuJFqpPP4AanF76JzGvWVPWh5SKOnnHiYFkjrRGiM4Hau%2Fj0ehGNkld%2B%2FQThSDbRO7LGjbqzwokDvN8u8JuIM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 879888e84d7f53ef-YYZ

GET
H3 200 tracker Show response
fraud.esiance.com/ 7 KB
3 KB 235ms
192ms Script
text/html 104.21.85.216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fraud.esiance.com/tracker?c=15311-68654-a2cc-ff1e&s=78tmt5ef8vr4epab532pj1ehma&u=&b=&r=

Requested by

Host: aeso.everythingcard.ca
URL: https://aeso.everythingcard.ca/welcome/code

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.85.216 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12dc15b54d4638d06f86a08897a5034424b3dcd9e34b2297c98897e000ebe5cc

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://aeso.everythingcard.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 24 Apr 2024 19:35:09 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3ztyJBQEOTmsJNVyccvHWR00kC5%2FQyIbfhEBNBtfx3gAzTXhv%2BFenssuxFvd6p%2FCxm7qrVkTCjPt5726XJMcCLcdtCQILZqwGgcvJm7DJygXY0y%2BvSj6UuLG0lkU6UUcrQnd3g%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 879888e91b7a1041-ORD
alt-svc: h3=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/QoukH5jSO3sKFzVEA7Vc8VgC/ 506 KB
202 KB 109ms
36ms Script
text/javascript 172.253.122.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/QoukH5jSO3sKFzVEA7Vc8VgC/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LcujKsnAAAAAP8wCkPIOUUcLe6g4wGp_FvyOe2f&onload=onReCaptchaLoad

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.122.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f94.1e100.net

Software

sffe /

Resource Hash

57f03d3ba66117edc152646341120dd3a1d7d71b9a98a3723af5a8ae61bcb3ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://aeso.everythingcard.ca/
Origin: https://aeso.everythingcard.ca
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 24 Apr 2024 19:15:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1201
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 206057
x-xss-protection: 0
last-modified: Mon, 15 Apr 2024 02:01:04 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 24 Apr 2025 19:15:08 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 113ms
36ms Script
text/javascript 142.251.167.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: aeso.everythingcard.ca
URL: https://aeso.everythingcard.ca/welcome/code

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.167.100 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f100.1e100.net

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://aeso.everythingcard.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 24 Apr 2024 18:32:57 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 3732
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 24 Apr 2024 20:32:57 GMT

GET
H3 200 fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/webfonts/ 76 KB
77 KB 51ms
31ms Font
application/octet-stream 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/webfonts/fa-solid-900.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css
Origin: https://aeso.everythingcard.ca
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 24 Apr 2024 19:35:08 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 591493
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 78268
last-modified: Mon, 13 Sep 2021 19:10:03 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "613fa20b-131bc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IgCekqHQPhlOvQHiPK5UH0TauJqR1JGWkwGlDTkMQXHP4wiZ%2BxU48BGCGgW2xp%2FH9VqwjXQ38SZErLWkw2R6kZ3MGG%2F%2BWg%2By%2FVGcKLzs1dcO1V3dVxQZHpGvDpr2u%2FGLimhaJrhk"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 879888e91d5ba232-YYZ
expires: Mon, 14 Apr 2025 19:35:08 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 109ms
35ms Font
font/woff2 142.251.167.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+JP:wght@100;300;400;700&family=Raleway:wght@100;200;300;400;600&family=Roboto:wght@100;300;400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.167.94 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f94.1e100.net

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://aeso.everythingcard.ca
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Apr 2024 22:43:51 GMT
x-content-type-options: nosniff
age: 507078
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 18 Apr 2025 22:43:51 GMT

GET
H2 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 37ms
36ms Script
text/javascript 142.251.167.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.167.100 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f100.1e100.net

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://aeso.everythingcard.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 24 Apr 2024 19:32:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 156
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1129
x-xss-protection: 0
last-modified: Tue, 27 Jun 2023 17:28:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 24 Apr 2024 20:32:33 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
212 B 45ms
45ms XHR
text/plain 142.251.167.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1170000390&t=pageview&_s=1&dl=https%3A%2F%2Faeso.everythingcard.ca%2Fwelcome%2Fcode&ul=en-ca&de=UTF-8&dt=EverythingCard&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEIJAAAAACAAI~&jid=1648603112&gjid=773910291&cid=468210054.1713987309&tid=XXXXXXXXXXXXXXXXXXX&_gid=1563862929.1713987309&_r=1&_slc=1&z=945771422

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.167.100 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f100.1e100.net

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://aeso.everythingcard.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 24 Apr 2024 19:35:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://aeso.everythingcard.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 anchor
www.google.com/recaptcha/api2/ Frame ADD1 0
0 138ms
69ms Document
text/html 142.251.167.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcujKsnAAAAAP8wCkPIOUUcLe6g4wGp_FvyOe2f&co=aHR0cHM6Ly9hZXNvLmV2ZXJ5dGhpbmdjYXJkLmNhOjQ0Mw..&hl=en&v=QoukH5jSO3sKFzVEA7Vc8VgC&size=invisible&cb=chzxmhrjf2b5

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/QoukH5jSO3sKFzVEA7Vc8VgC/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.167.147 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f147.1e100.net

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-e7nZNtjXbCnAv4HOQ-C5aQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer: https://aeso.everythingcard.ca/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-e7nZNtjXbCnAv4HOQ-C5aQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 24 Apr 2024 19:35:09 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 anchor
www.google.com/recaptcha/api2/ Frame 2463 0
0 143ms
77ms Document
text/html 142.251.167.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le07woUAAAAAHwx_Ff8P-SMEXn6Ah2wkCvv4Nz-&co=aHR0cHM6Ly9hZXNvLmV2ZXJ5dGhpbmdjYXJkLmNhOjQ0Mw..&hl=en&v=QoukH5jSO3sKFzVEA7Vc8VgC&size=normal&cb=y2abik9vzya7

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/QoukH5jSO3sKFzVEA7Vc8VgC/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.167.147 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f147.1e100.net

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-t7pO6Lu_tQ-MWdeqGgZYSg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer: https://aeso.everythingcard.ca/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-t7pO6Lu_tQ-MWdeqGgZYSg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 24 Apr 2024 19:35:09 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 fingerprint2.min.js Show response
cdnjs.cloudflare.com/ajax/libs/fingerprintjs2/1.5.1/ 34 KB
9 KB 30ms
29ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/fingerprintjs2/1.5.1/fingerprint2.min.js

Requested by

Host: fraud.esiance.com
URL: https://fraud.esiance.com/tracker?c=15311-68654-a2cc-ff1e&s=78tmt5ef8vr4epab532pj1ehma&u=&b=&r=

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

973c41770723e02cb80d35336660171f74e31602a63f52fc22165190e94b0a7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://aeso.everythingcard.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 24 Apr 2024 19:35:09 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 592162
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 9015
last-modified: Mon, 04 May 2020 16:10:04 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5c-8648"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=c5wPYqn%2FynzeGWDoVw9%2BE3LSr6ofX%2BSejPWqI8wx8CsdvAeWJYxkDWU%2BBrV1ppINehMo%2BgQQNG7cvTmswqavGJT0kSZbbLqbILlwnZu84UTBjSfbuE74M%2FADwkkmZcn8lowLGRA%2F"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 879888ea5ba2387e-YYZ
expires: Mon, 14 Apr 2025 19:35:09 GMT

GET
H3 200 jstz.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jstimezonedetect/1.0.6/ 12 KB
4 KB 32ms
32ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jstimezonedetect/1.0.6/jstz.min.js

Requested by

Host: fraud.esiance.com
URL: https://fraud.esiance.com/tracker?c=15311-68654-a2cc-ff1e&s=78tmt5ef8vr4epab532pj1ehma&u=&b=&r=

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ebcb35563ab0d4a54fd83891e6e3629594237feb45e88ad023d3e329363cf273

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://aeso.everythingcard.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 24 Apr 2024 19:35:09 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1810238
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3385
last-modified: Mon, 04 May 2020 16:11:58 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ece-2f2c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ld7rhwxJZyEW26%2Fz0h9w2HCZXy3LiXfROTZ4SdrqoC4cUtX9eFhG6fdnRW1wtmi7WPu3rc0uEM5EkgDAz%2BOWGyaAW8kZYmMSeKT%2BrTWqlBFYUN3zPiWh0LsBzLMuocIJ%2Bp570TqV"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 879888ea5ba5387e-YYZ
expires: Mon, 14 Apr 2025 19:35:09 GMT

POST
H3 200 beacon Show response
fraud.cardswap.ca/tracker/ 195 B
740 B 900ms
855ms XHR
text/html 104.21.85.189
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fraud.cardswap.ca/tracker/beacon

Requested by

Host: fraud.esiance.com
URL: https://fraud.esiance.com/tracker?c=15311-68654-a2cc-ff1e&s=78tmt5ef8vr4epab532pj1ehma&u=&b=&r=

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.85.189 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3248cca0430edea9f14eb079d3eebdb416b2d761400e98fa57df9100a2c38675

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://aeso.everythingcard.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Wed, 24 Apr 2024 19:35:10 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jAvoeAv2hwTUMXxBC4f0vh0kqo3jG2DUA%2BtQqDV1ACjBs3ND14hWeZTK8HUhkFnpciBBKt7m%2Bv5wWr8kOkchlisyGdEaANnfWR8zo%2FTz4ezS52a6SHSPYAPaTMYMqNdJ%2BT1Gjw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 879888eae9ae1054-ORD
alt-svc: h3=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 favicon.png
aeso.everythingcard.ca/img/ 2 KB
2 KB 73ms
72ms Other
image/png 172.67.73.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://aeso.everythingcard.ca/img/favicon.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.73.12 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb196ab66e9861403332f2bbbcbb3ac469dcae3fac79a33e002348fda9a78cf4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://aeso.everythingcard.ca/welcome/code
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 24 Apr 2024 19:35:09 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 2146
last-modified: Wed, 28 Apr 2021 16:45:06 GMT
server: cloudflare
etag: "862-5c10b19d8e880"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=P525JroHaZVpYFvd77H491vZWeI9xOn05FKnfcfjMp0LJSot2%2FNndhJZGT9Ro5HZgVPv2EzN7yqYBWYmEIyXN4B3Tf0fDyr5P1wAHYZSC8TS%2Fy0PzhcYLt%2BQIszYZ72DaGtFvTijSm0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 879888ed982253ef-YYZ

GET
H3 200 bframe
www.google.com/recaptcha/api2/ Frame FF8D 0
0 55ms
54ms Document
text/html 142.251.167.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=QoukH5jSO3sKFzVEA7Vc8VgC&k=6Le07woUAAAAAHwx_Ff8P-SMEXn6Ah2wkCvv4Nz-

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/QoukH5jSO3sKFzVEA7Vc8VgC/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.167.147 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f147.1e100.net

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-FbVEs5blSGFx2JsntZVfLw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer: https://aeso.everythingcard.ca/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-FbVEs5blSGFx2JsntZVfLw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 24 Apr 2024 19:35:09 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 37ms
36ms Font
font/woff2 142.251.167.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.167.94 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f94.1e100.net

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://aeso.everythingcard.ca
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 24 Apr 2024 11:32:00 GMT
x-content-type-options: nosniff
age: 28992
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 24 Apr 2025 11:32:00 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 61ms
60ms Font
font/woff2 142.251.167.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.167.94 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f94.1e100.net

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://aeso.everythingcard.ca
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 19 Apr 2024 06:10:24 GMT
x-content-type-options: nosniff
age: 480288
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Apr 2025 06:10:24 GMT

GET
H2 200 1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v29/ 47 KB
47 KB 40ms
40ms Font
font/woff2 142.251.167.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v29/1Ptug8zYS_SKggPNyC0ITw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.167.94 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f94.1e100.net

Software

sffe /

Resource Hash

8cbc049ddbd7ca67068451ce754401833499959c4c6ed7b98f664d42e0597808

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://aeso.everythingcard.ca
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 19 Apr 2024 02:48:27 GMT
x-content-type-options: nosniff
age: 492405
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48208
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Apr 2025 02:48:27 GMT

Verdicts & Comments Add Verdict or Comment

74 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
aeso.everythingcard.ca/	1969-12-31 23:59:59	Name: PHPSESSID Value: 78tmt5ef8vr4epab532pj1ehma
.everythingcard.ca/	1970-01-21 05:42:27	Name: _ga Value: GA1.2.468210054.1713987309
.everythingcard.ca/	1970-01-20 20:07:53	Name: _gid Value: GA1.2.1563862929.1713987309
.everythingcard.ca/	1970-01-20 20:06:27	Name: _gat Value: 1
aeso.everythingcard.ca/	1970-01-21 05:42:27	Name: _fc Value: 221dcabf02b4fa13ae1acc2084926ef3

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aeso.everythingcard.ca
ajax.googleapis.com
app.termly.io
cdn.jsdelivr.net
cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
fraud.cardswap.ca
fraud.esiance.com
www.google-analytics.com
www.google.com
www.gstatic.com
104.17.25.14
104.18.31.234
104.21.85.189
104.21.85.216
142.251.167.100
142.251.167.106
142.251.167.147
142.251.167.94
151.101.129.229
172.253.115.95
172.253.122.94
172.253.62.95
172.67.73.12
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
12dc15b54d4638d06f86a08897a5034424b3dcd9e34b2297c98897e000ebe5cc
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1d250c1a5672dbb673deb5e22f6cfbb2288ce135c50ffd26ced54d5ea79d8fee
28583af72937cdf235eea726e1524b6e4f3c20d35cadbfc5fc3c6e748c0a252e
2f10a318d62c0b32f152823fdf3bd49e8f9a1120ecdd6301f9ec4216469d4f12
3248cca0430edea9f14eb079d3eebdb416b2d761400e98fa57df9100a2c38675
35da7cfc9ae9ec3a61683ebfb77e4958ee42783d997dbfd6cee8decae5407f49
3c770e90f98eb21b0c042fafb49755af93306fbaf42e449524f94fae9fc83295
4ffcc598ee6cff4692c1cea272cd8a2f195f6dec32473e94370d6cdcfa5fe601
57061c5be2221c59e6122a7ede5f8d614e728b08765a0c3618f40c879b4a08b9
57f03d3ba66117edc152646341120dd3a1d7d71b9a98a3723af5a8ae61bcb3ab
7bd0c92535d0b508df767448419a9ddbb4069d7f33b4900030fe20b6470478ee
8c603761a5772e41801cb385593ba1e321cd372ff24ce836816701fb982a60d7
8cbc049ddbd7ca67068451ce754401833499959c4c6ed7b98f664d42e0597808
973c41770723e02cb80d35336660171f74e31602a63f52fc22165190e94b0a7c
9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537
99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e
a91c2bbb40f36455b4cdcf6c517a578265d66412931e107fa0ce59b4c858a610
af1b45a4778c10e149aec57c11eb69455f9afcb173324db6d0bffce2cb90ad04
b19a9d768257b7e0d0390a107551e382335096cc1f9bf27b0f18b1618e5add8d
b1d5381a99dc5cf2053ec0eefa9df498330d7e0219c948344dd4f377d8e63c98
b45cb5577596e44e85a8a8aedf00fbe40432ad5b9000d1ea223cbee6753ae600
bae38c06e2a19ee092ac6009ff76cf064b4cf5e72e996cfc3df6f4a42bb7bc6d
c5462ecdbdafad12a2548c271302f89f3473587e1239dcbd661309f4c2482d99
cf566474b149fa637e00be0ac0f591d25d163e9ec2409c5a4951cc3ee1635139
cfc3c547e501f110079e9661c291f077c0c4e244029a0f714e54f7720b7474df
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e2236f541be877951b44f5d07be465a0ef2be82a92931e859f3909ed246c2775
e33d02ae994107182c418a4c2a4fb23dd4913480d88d85d31942053b7f95d7e7
e41d42c4b7e94ea5d21c87e1711bb9a8ee4834899afe8b849de8c4dd9c5d121a
ebcb35563ab0d4a54fd83891e6e3629594237feb45e88ad023d3e329363cf273
edd03b96ae4ff7886406c59d7dfeeaa1b624a7da297bf2f92d0cb6b7f9633cba
f2e5a40765e640bfcf81d24169a264bfa94933349cc407dca15b686ec979a76c
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f89307b17472793b30b3fb736c887960743145d282b8d8e6bcd71316d63a0cb7
fb196ab66e9861403332f2bbbcbb3ac469dcae3fac79a33e002348fda9a78cf4
fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f

aeso.everythingcard.ca Open in urlscan Pro 172.67.73.12 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

44 Requests

100 %HTTPS

0 %IPv6

10 Domains

12 Subdomains

13 IPs

2 Countries

5409 kBTransfer

7802 kBSize

5 Cookies

2 Outgoing links

Page URL History

Redirected requests

44 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

aeso.everythingcard.ca Open in urlscan Pro
172.67.73.12 Public Scan

Screenshot
Live screenshot

Full Image

44
Requests

100 %
HTTPS

0 %
IPv6

10
Domains

12
Subdomains

13
IPs

2
Countries

5409 kB
Transfer

7802 kB
Size

5
Cookies

44 HTTP transactions
0 data transactions