www.mhcollective.ca Open in urlscan Pro
23.185.0.3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.mhcollective.ca/?gad_source=1
Submission: On April 15 via api (April 15th 2024, 2:53:59 am UTC) from US — Scanned from CA

Summary HTTP 50 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 16 IPs in 2 countries across 14 domains to perform 50 HTTP transactions. The main IP is 23.185.0.3, located in United States and belongs to FASTLY, US. The main domain is www.mhcollective.ca.
TLS certificate: Issued by R3 on March 14th 2024. Valid for: 3 months.

This is the only time www.mhcollective.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
16	23.185.0.3 23.185.0.3	54113 (FASTLY) (FASTLY)
3	142.251.111.97 142.251.111.97	15169 (GOOGLE) (GOOGLE)
1	172.253.115.95 172.253.115.95	15169 (GOOGLE) (GOOGLE)
7	13.249.59.63 13.249.59.63	16509 (AMAZON-02) (AMAZON-02)
3	172.253.62.94 172.253.62.94	15169 (GOOGLE) (GOOGLE)
1	172.253.62.100 172.253.62.100	15169 (GOOGLE) (GOOGLE)
1 1	172.253.62.157 172.253.62.157	15169 (GOOGLE) (GOOGLE)
1	142.251.167.155 142.251.167.155	15169 (GOOGLE) (GOOGLE)
1	99.86.102.103 99.86.102.103	16509 (AMAZON-02) (AMAZON-02)
2	31.13.66.19 31.13.66.19	32934 (FACEBOOK) (FACEBOOK)
1 2	142.251.163.149 142.251.163.149	15169 (GOOGLE) (GOOGLE)
2	100.21.129.250 100.21.129.250	16509 (AMAZON-02) (AMAZON-02)
5	104.18.18.161 104.18.18.161	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	31.13.66.35 31.13.66.35	32934 (FACEBOOK) (FACEBOOK)
2	54.185.52.110 54.185.52.110	16509 (AMAZON-02) (AMAZON-02)
1	52.217.87.60 52.217.87.60	16509 (AMAZON-02) (AMAZON-02)
50	16

16 23.185.0.3 (United States)

ASN54113 (FASTLY, US)

www.mhcollective.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.251.111.97 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: bk-in-f97.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.253.115.95 (United States)

ASN15169 (GOOGLE, US)
PTR: bg-in-f95.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 13.249.59.63 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-249-59-63.iah50.r.cloudfront.net

connect.podium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.253.62.94 (United States)

ASN15169 (GOOGLE, US)
PTR: bc-in-f94.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.253.62.100 (United States)

ASN15169 (GOOGLE, US)
PTR: bc-in-f100.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.253.62.157 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: bc-in-f157.1e100.net

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.167.155 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: ww-in-f155.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.102.103 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-102-103.iah50.r.cloudfront.net

cdn.callrail.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 31.13.66.19 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-iad3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.163.149 (Farmingdale, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: wv-in-f149.1e100.net

12109290.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 100.21.129.250 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-100-21-129-250.us-west-2.compute.amazonaws.com

lab.analyticspodium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.18.18.161 (None, )

ASN13335 (CLOUDFLARENET, US)

mind-flayer.podium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.13.66.35 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-iad3.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.185.52.110 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-185-52-110.us-west-2.compute.amazonaws.com

api2.analyticspodium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.217.87.60 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

podium-prod.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	mhcollective.ca www.mhcollective.ca	555 KB
12	podium.com connect.podium.com — Cisco Umbrella Rank: 28663 mind-flayer.podium.com — Cisco Umbrella Rank: 29004	268 KB
4	analyticspodium.com lab.analyticspodium.com — Cisco Umbrella Rank: 27455 api2.analyticspodium.com — Cisco Umbrella Rank: 25966	7 KB
3	gstatic.com fonts.gstatic.com	40 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 42	247 KB
2	doubleclick.net 1 redirects 12109290.fls.doubleclick.net	773 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 183	72 KB
1	amazonaws.com podium-prod.s3.amazonaws.com — Cisco Umbrella Rank: 145389	271 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 97	274 B
1	callrail.com cdn.callrail.com — Cisco Umbrella Rank: 9022	12 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 124
1	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 160	18 B
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 33	257 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	914 B
50	14

	Domain	Requested by
16	www.mhcollective.ca	www.mhcollective.ca
7	connect.podium.com	www.mhcollective.ca connect.podium.com
5	mind-flayer.podium.com	connect.podium.com
3	fonts.gstatic.com	fonts.googleapis.com
3	www.googletagmanager.com	www.mhcollective.ca www.googletagmanager.com
2	api2.analyticspodium.com	connect.podium.com
2	lab.analyticspodium.com	connect.podium.com
2	12109290.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	connect.facebook.net	www.mhcollective.ca connect.facebook.net
1	podium-prod.s3.amazonaws.com
1	www.facebook.com	www.mhcollective.ca
1	cdn.callrail.com	www.googletagmanager.com
1	www.googleadservices.com	www.mhcollective.ca
1	adservice.google.com	1 redirects
1	www.google-analytics.com	www.googletagmanager.com
1	fonts.googleapis.com	www.mhcollective.ca
50	16

This site contains links to these domains. Also see Links.

Domain
www.instagram.com
www.facebook.com
www.holmesrealty.com
leapxd.com

Subject Issuer	Validity	Valid
mhcollective.ca R3	`2024-03-14` - `2024-06-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
*.podium.com Amazon RSA 2048 M02	`2023-05-24` - `2024-06-21`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
swappy.callrail.com Amazon RSA 2048 M02	`2023-07-11` - `2024-08-08`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-01-23` - `2024-04-22`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
*.analyticspodium.com Amazon RSA 2048 M02	`2023-12-27` - `2025-01-25`	a year	crt.sh
podium.com GTS CA 1P5	`2024-03-12` - `2024-06-11`	3 months	crt.sh
*.s3.amazonaws.com Amazon RSA 2048 M01	`2023-10-10` - `2024-07-03`	9 months	crt.sh

This page contains 4 frames:

Primary Page: https://www.mhcollective.ca/?gad_source=1
Frame ID: 45DEACCF4B549AD253DA416A74EDB557
Requests: 36 HTTP requests in this frame

Frame: https://12109290.fls.doubleclick.net/activityi;dc_pre=CL764tqbw4UDFb6KfwQdBhUHYg;src=12109290;type=invmedia;cat=mhcol0;ord=1;num=310226971011;npa=0;auiddc=941467486.1713149633;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;gtm=45fe44a0z8865387630za201;gcd=13l3l3l3l1;dma=0;epver=2;~oref=https%3A%2F%2Fwww.mhcollective.ca%2F%3Fgad_source%3D1
Frame ID: 9100CFC2DEE22D022502370C3A2E4544
Requests: 1 HTTP requests in this frame

Frame: https://connect.podium.com/styles.css
Frame ID: C54E98B1A34BE30C53480DD158759934
Requests: 3 HTTP requests in this frame

Frame: https://connect.podium.com/styles.css
Frame ID: 8A63CCC3677EAC28B58ED87DC8E253E7
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

MH Collective | Victoria, BC | Connecting People with the Right Spaces

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

50
Requests

92 %
HTTPS

0 %
IPv6

14
Domains

16
Subdomains

16
IPs

2
Countries

1473 kB
Transfer

15713 kB
Size

10
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.instagram.com/mh.collective/
Title: Instagram Instagram icon

Search URL Search Domain Scan URL

URL: https://www.facebook.com/mhcollective.realestate
Title: Facebook Facebook icon

Search URL Search Domain Scan URL

URL: https://www.holmesrealty.com/

Search URL Search Domain Scan URL

URL: https://leapxd.com/
Title: Website by LeapXD

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21

https://adservice.google.com/pagead/regclk?auid=941467486.1713149633&url=https%3A%2F%2Fwww.mhcollective.ca%2F&tft=1713149633130&tfd=659&frm=0&gad_source=1&gtm=45He44a0v865387630za200&gcd=13l3l3l3l1&dma=0&npa=0 HTTP 302
https://www.googleadservices.com/pagead/set_partitioned_cookie/?auid=941467486.1713149633&url=https%3A%2F%2Fwww.mhcollective.ca%2F&tft=1713149633130&tfd=659&frm=0&gad_source=1&gtm=45He44a0v865387630za200&gcd=13l3l3l3l1&dma=0&npa=0

Request Chain 25

https://12109290.fls.doubleclick.net/activityi;src=12109290;type=invmedia;cat=mhcol0;ord=1;num=310226971011;npa=0;auiddc=941467486.1713149633;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;gtm=45fe44a0z8865387630za201;gcd=13l3l3l3l1;dma=0;epver=2;~oref=https%3A%2F%2Fwww.mhcollective.ca%2F%3Fgad_source%3D1 HTTP 302
https://12109290.fls.doubleclick.net/activityi;dc_pre=CL764tqbw4UDFb6KfwQdBhUHYg;src=12109290;type=invmedia;cat=mhcol0;ord=1;num=310226971011;npa=0;auiddc=941467486.1713149633;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;gtm=45fe44a0z8865387630za201;gcd=13l3l3l3l1;dma=0;epver=2;~oref=https%3A%2F%2Fwww.mhcollective.ca%2F%3Fgad_source%3D1

50 HTTP transactions
-3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.mhcollective.ca/ 88 KB
19 KB 397ms
350ms Document
text/html 23.185.0.3
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mhcollective.ca/?gad_source=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.185.0.3 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

c049caa6d60a2dc38ab7aff0bffbdf74dbcf38dc6f6790532852fcba363103f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
age: 0
cache-control: public, max-age=600
content-encoding: gzip
content-length: 18847
content-type: text/html; charset=UTF-8
date: Mon, 15 Apr 2024 02:53:52 GMT
link: <https://www.mhcollective.ca/wp-json/>; rel="https://api.w.org/" <https://www.mhcollective.ca/wp-json/wp/v2/pages/46>; rel="alternate"; type="application/json" <https://www.mhcollective.ca/>; rel=shortlink
server: nginx
strict-transport-security: max-age=300
vary: Accept-Encoding, Cookie
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-pantheon-styx-hostname: styx-fe3fe4-g-79c98bd5f5-k8p76
x-served-by: cache-yyz4527-YYZ
x-styx-req-id: 64734ba9-fad3-11ee-bc50-c2705c596294
x-timer: S1713149633.528538,VS0,VE333

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 261 KB
91 KB 130ms
51ms Script
application/javascript 142.251.111.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-GGHKE681M0

Requested by

Host: www.mhcollective.ca
URL: https://www.mhcollective.ca/?gad_source=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.111.97 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

bk-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

a7fa4be251c243c2f5738d48f51fd67b9de59f08f25429c624c18ed75cd9b958

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.mhcollective.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 02:53:52 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93204
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 15 Apr 2024 02:53:52 GMT

GET
H2 200 jquery.9df8810f.min.js Show response
www.mhcollective.ca/wp-content/themes/michele-holmes/build/js/ 101 KB
41 KB 59ms
53ms Script
application/x-javascript 23.185.0.3
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mhcollective.ca/wp-content/themes/michele-holmes/build/js/jquery.9df8810f.min.js?ver=1.0

Requested by

Host: www.mhcollective.ca
URL: https://www.mhcollective.ca/?gad_source=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.185.0.3 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

9ad1a3e9035d642266dc7276e923f99f7fbce70ddb877671361236b4c580bce0

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.mhcollective.ca/?gad_source=1
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Thu, 10 Apr 2025 03:32:54 GMT
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish
date: Mon, 15 Apr 2024 02:53:52 GMT
age: 516058
x-cache: HIT
x-pantheon-styx-hostname: styx-fe3fe4-h-5798b959cd-5wzrp
content-length: 41369
x-served-by: cache-yyz4527-YYZ
last-modified: Mon, 08 Apr 2024 06:03:51 GMT
server: nginx
x-timer: S1713149633.894257,VS0,VE7
etag: W/"661388c7-19512"
vary: Accept-Encoding
content-type: application/x-javascript
x-styx-req-id: d9f1d56e-f621-11ee-baa7-468d1e33a310
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 main.9df8810f.min.js Show response
www.mhcollective.ca/wp-content/themes/michele-holmes/build/js/ 136 KB
53 KB 38ms
32ms Script
application/x-javascript 23.185.0.3
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mhcollective.ca/wp-content/themes/michele-holmes/build/js/main.9df8810f.min.js?ver=1.0

Requested by

Host: www.mhcollective.ca
URL: https://www.mhcollective.ca/?gad_source=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.185.0.3 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

8b1819ffb5dd394ce418350f86c0e6403d2e8284ee0d2f4a03bb5fbdd2cd7442

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.mhcollective.ca/?gad_source=1
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Thu, 10 Apr 2025 03:32:54 GMT
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish
date: Mon, 15 Apr 2024 02:53:52 GMT
age: 516058
x-cache: HIT
x-pantheon-styx-hostname: styx-fe3fe4-h-5798b959cd-5wzrp
content-length: 53892
x-served-by: cache-yyz4527-YYZ
last-modified: Mon, 08 Apr 2024 06:03:51 GMT
server: nginx
x-timer: S1713149633.894306,VS0,VE6
etag: W/"661388c7-21efd"
vary: Accept-Encoding
content-type: application/x-javascript
x-styx-req-id: d9f30eb2-f621-11ee-baa7-468d1e33a310
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 safe-svg-block-frontend.css
www.mhcollective.ca/wp-content/plugins/safe-svg/dist/ 144 B
336 B 39ms
34ms Stylesheet
text/css 23.185.0.3
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mhcollective.ca/wp-content/plugins/safe-svg/dist/safe-svg-block-frontend.css?ver=6.2.2

Requested by

Host: www.mhcollective.ca
URL: https://www.mhcollective.ca/?gad_source=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.185.0.3 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

a8def9a776da12619533927cd30c4561579b06ec5f44d63b90b2128088cf4720

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.mhcollective.ca/?gad_source=1
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Thu, 10 Apr 2025 23:47:18 GMT
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish
date: Mon, 15 Apr 2024 02:53:52 GMT
age: 443195
x-cache: HIT
x-pantheon-styx-hostname: styx-fe3fe4-h-5df69d499f-htzxs
content-length: 107
x-served-by: cache-yyz4527-YYZ
last-modified: Tue, 09 Apr 2024 09:44:09 GMT
server: nginx
x-timer: S1713149633.893641,VS0,VE7
etag: W/"66150de9-90"
vary: Accept-Encoding
content-type: text/css
x-styx-req-id: 7ff43067-f6cb-11ee-9a40-a6b82e5b9212
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 classic-themes.min.css
www.mhcollective.ca/wp-includes/css/ 291 B
438 B 27ms
23ms Stylesheet
text/css 23.185.0.3
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mhcollective.ca/wp-includes/css/classic-themes.min.css?ver=6.2.2

Requested by

Host: www.mhcollective.ca
URL: https://www.mhcollective.ca/?gad_source=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.185.0.3 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.mhcollective.ca/?gad_source=1
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Thu, 10 Apr 2025 23:47:18 GMT
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish
date: Mon, 15 Apr 2024 02:53:52 GMT
age: 443195
x-cache: HIT
x-pantheon-styx-hostname: styx-fe3fe4-h-5df69d499f-htzxs
content-length: 211
x-served-by: cache-yyz4527-YYZ
last-modified: Tue, 09 Apr 2024 09:44:10 GMT
server: nginx
x-timer: S1713149633.893872,VS0,VE6
etag: W/"66150dea-123"
vary: Accept-Encoding
content-type: text/css
x-styx-req-id: 7ff6d36c-f6cb-11ee-9a40-a6b82e5b9212
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 /
www.mhcollective.ca/ 88 KB
19 KB 347ms
342ms Stylesheet
text/html 23.185.0.3
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mhcollective.ca/?gad_source=1&ver=6.2.2

Requested by

Host: www.mhcollective.ca
URL: https://www.mhcollective.ca/?gad_source=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.185.0.3 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

c049caa6d60a2dc38ab7aff0bffbdf74dbcf38dc6f6790532852fcba363103f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.mhcollective.ca/?gad_source=1
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 0
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish
date: Mon, 15 Apr 2024 02:53:53 GMT
age: 0
x-cache: MISS
content-length: 18847
x-served-by: cache-yyz4527-YYZ
server: nginx
x-timer: S1713149633.894285,VS0,VE325
vary: Accept-Encoding, Cookie
content-type: text/html; charset=UTF-8
x-styx-req-id: 64ab350e-fad3-11ee-b87f-ee40cbf5aac7
cache-control: public, max-age=600
accept-ranges: bytes
link: <https://www.mhcollective.ca/wp-json/>; rel="https://api.w.org/", <https://www.mhcollective.ca/wp-json/wp/v2/pages/46>; rel="alternate"; type="application/json", <https://www.mhcollective.ca/>; rel=shortlink
x-pantheon-styx-hostname: styx-fe3fe4-g-79c98bd5f5-fmfj9

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
914 B 128ms
51ms Stylesheet
text/css 172.253.115.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Libre+Caslon+Text&family=Poppins:wght@400;700&display=swap

Requested by

Host: www.mhcollective.ca
URL: https://www.mhcollective.ca/?gad_source=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.115.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f95.1e100.net

Software

ESF /

Resource Hash

320508c3ca03194f2cd10ed279a1248ee27c8170ee5e516b18eae291740e45e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.mhcollective.ca/
Origin: https://www.mhcollective.ca
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Mon, 15 Apr 2024 02:53:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 15 Apr 2024 02:53:52 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 15 Apr 2024 02:53:52 GMT

GET
H2 200 main.9df8810f.min.css
www.mhcollective.ca/wp-content/themes/michele-holmes/build/css/ 354 KB
50 KB 27ms
24ms Stylesheet
text/css 23.185.0.3
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mhcollective.ca/wp-content/themes/michele-holmes/build/css/main.9df8810f.min.css?ver=1.0

Requested by

Host: www.mhcollective.ca
URL: https://www.mhcollective.ca/?gad_source=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.185.0.3 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

ef6fa356c957845884afcbc0c1f6ab66b5699979a220495a13e988a85392615b

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.mhcollective.ca/?gad_source=1
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Thu, 10 Apr 2025 23:47:18 GMT
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish
date: Mon, 15 Apr 2024 02:53:52 GMT
age: 443195
x-cache: HIT
x-pantheon-styx-hostname: styx-fe3fe4-h-5df69d499f-htzxs
content-length: 51428
x-served-by: cache-yyz4527-YYZ
last-modified: Tue, 09 Apr 2024 09:44:10 GMT
server: nginx
x-timer: S1713149633.894281,VS0,VE6
etag: W/"66150dea-587e0"
vary: Accept-Encoding
content-type: text/css
x-styx-req-id: 7ff6d380-f6cb-11ee-9a40-a6b82e5b9212
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 MH-Logo-Horizontal-White.svg
www.mhcollective.ca/wp-content/uploads/2021/09/ 4 KB
2 KB 35ms
33ms Image
image/svg+xml 23.185.0.3
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mhcollective.ca/wp-content/uploads/2021/09/MH-Logo-Horizontal-White.svg

Requested by

Host: www.mhcollective.ca
URL: https://www.mhcollective.ca/?gad_source=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.185.0.3 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

b2c5e3daef749e3fb65eb5c1e8856db7b61d99e3cfb5371bb05df971e9cbad20

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.mhcollective.ca/?gad_source=1
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Thu, 10 Apr 2025 23:47:18 GMT
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish
date: Mon, 15 Apr 2024 02:53:52 GMT
age: 443195
x-cache: HIT
x-pantheon-styx-hostname: styx-fe3fe4-g-59dd9f59f7-44g59
content-length: 1554
x-served-by: cache-yyz4527-YYZ
last-modified: Wed, 26 Jan 2022 18:14:12 GMT
server: nginx
x-timer: S1713149633.894217,VS0,VE6
etag: W/"61f18f74-105a"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-styx-req-id: 801ba2b2-f6cb-11ee-80c8-9a17212eabf1
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 MH-Logo-Horizontal-Black.svg
www.mhcollective.ca/wp-content/uploads/2021/09/ 4 KB
2 KB 55ms
53ms Image
image/svg+xml 23.185.0.3
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mhcollective.ca/wp-content/uploads/2021/09/MH-Logo-Horizontal-Black.svg

Requested by

Host: www.mhcollective.ca
URL: https://www.mhcollective.ca/?gad_source=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.185.0.3 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

355c3b6c09aea2f90b401781038c1f915c3732d3c14f18250e4784e49a2f04d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.mhcollective.ca/?gad_source=1
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Thu, 10 Apr 2025 23:47:18 GMT
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish
date: Mon, 15 Apr 2024 02:53:52 GMT
age: 443195
x-cache: HIT
x-pantheon-styx-hostname: styx-fe3fe4-g-59dd9f59f7-44g59
content-length: 1555
x-served-by: cache-yyz4527-YYZ
last-modified: Wed, 26 Jan 2022 18:14:12 GMT
server: nginx
x-timer: S1713149633.894203,VS0,VE6
etag: W/"61f18f74-105d"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-styx-req-id: 801bb95a-f6cb-11ee-80c8-9a17212eabf1
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 236 KB
84 KB 65ms
64ms Script
application/javascript 142.251.111.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KJCDZ2N

Requested by

Host: www.mhcollective.ca
URL: https://www.mhcollective.ca/?gad_source=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.111.97 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

bk-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

2120373c637ff9d897999bb33bdb7986533ceffd3bff52447e0b3aafe209a9b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.mhcollective.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 02:53:53 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85681
x-xss-protection: 0
last-modified: Mon, 15 Apr 2024 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 15 Apr 2024 02:53:53 GMT

GET
H2 200 wp-emoji-release.min.js Show response
www.mhcollective.ca/wp-includes/js/ 18 KB
6 KB 21ms
20ms Script
application/x-javascript 23.185.0.3
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mhcollective.ca/wp-includes/js/wp-emoji-release.min.js?ver=6.2.2

Requested by

Host: www.mhcollective.ca
URL: https://www.mhcollective.ca/?gad_source=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.185.0.3 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.mhcollective.ca/?gad_source=1
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Thu, 10 Apr 2025 03:32:54 GMT
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish
date: Mon, 15 Apr 2024 02:53:53 GMT
age: 516058
x-cache: HIT
x-pantheon-styx-hostname: styx-fe3fe4-h-5798b959cd-v5vnw
content-length: 5842
x-served-by: cache-yyz4527-YYZ
last-modified: Mon, 08 Apr 2024 06:03:51 GMT
server: nginx
x-timer: S1713149633.031137,VS0,VE4
etag: W/"661388c7-4904"
vary: Accept-Encoding
content-type: application/x-javascript
x-styx-req-id: da08f23a-f621-11ee-a59c-8ef65993c415
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 widget.js Show response
connect.podium.com/ 679 KB
191 KB 198ms
67ms Script
application/javascript 13.249.59.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect.podium.com/widget.js
Requested by: Host: www.mhcollective.ca
URL: https://www.mhcollective.ca/?gad_source=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.249.59.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-59-63.iah50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 016e0030bd05ca43988c6b3097ce9fa8991615bcb243bd001db597e629a03aec

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.mhcollective.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 02:18:57 GMT
content-encoding: gzip
via: 1.1 9f04707c59950524f8bf18a726a3c160.cloudfront.net (CloudFront)
last-modified: Fri, 12 Apr 2024 16:18:46 GMT
server: AmazonS3
x-amz-cf-pop: IAH50-C2
age: 2096
etag: "59097619a563d325d13e8a1f3fa98b9f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
content-length: 195042
x-amz-cf-id: Vr4QqW3rJ5oknOLBPRHi2aWKsKW-qDFnI62SRXrbRaZ8vzckIYyarg==

GET
H2 200 pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ 8 KB
8 KB 135ms
59ms Font
font/woff2 172.253.62.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Libre+Caslon+Text&family=Poppins:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.62.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f94.1e100.net

Software

sffe /

Resource Hash

9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://www.mhcollective.ca
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 07:43:05 GMT
x-content-type-options: nosniff
age: 328248
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7816
x-xss-protection: 0
last-modified: Fri, 22 Mar 2024 00:00:32 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Apr 2025 07:43:05 GMT

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v21/ 8 KB
8 KB 113ms
37ms Font
font/woff2 172.253.62.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Libre+Caslon+Text&family=Poppins:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.62.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f94.1e100.net

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://www.mhcollective.ca
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 14 Apr 2024 08:02:13 GMT
x-content-type-options: nosniff
age: 67900
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7884
x-xss-protection: 0
last-modified: Fri, 22 Mar 2024 00:00:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 14 Apr 2025 08:02:13 GMT

GET
H2 200 DdT878IGsGw1aF1JU10PUbTvNNaDMfq41-I.woff2
fonts.gstatic.com/s/librecaslontext/v5/ 24 KB
25 KB 115ms
39ms Font
font/woff2 172.253.62.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/librecaslontext/v5/DdT878IGsGw1aF1JU10PUbTvNNaDMfq41-I.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Libre+Caslon+Text&family=Poppins:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.62.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f94.1e100.net

Software

sffe /

Resource Hash

29310efc1007f608549e29ff78fa5ce8dffe0c1aa82c21b082d1de9dfc7334f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://www.mhcollective.ca
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 10:27:10 GMT
x-content-type-options: nosniff
age: 318403
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24972
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:40:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Apr 2025 10:27:10 GMT

GET
H2 200 MH-Start-1600x900.png.webp
www.mhcollective.ca/wp-content/uploads/2021/10/ 43 KB
43 KB 123ms
122ms Image
image/webp 23.185.0.3
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mhcollective.ca/wp-content/uploads/2021/10/MH-Start-1600x900.png.webp

Requested by

Host: www.mhcollective.ca
URL: https://www.mhcollective.ca/?gad_source=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.185.0.3 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

7fc95b8c6e389e4cbda3f131e6f24cb34520f121e420102342eca7f11c43d639

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.mhcollective.ca/?gad_source=1
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-pantheon-styx-hostname: styx-fe3fe4-g-79c98bd5f5-k8p76
strict-transport-security: max-age=300
date: Mon, 15 Apr 2024 02:53:53 GMT
via: 1.1 varnish
expires: Wed, 16 Apr 2025 02:53:53 GMT
age: 0
x-cache: MISS
content-length: 43930
x-served-by: cache-yyz4527-YYZ
last-modified: Wed, 26 Jan 2022 18:14:12 GMT
server: nginx
x-timer: S1713149633.053997,VS0,VE105
etag: "61f18f74-ab9a"
content-type: image/webp
x-styx-req-id: 64c3162d-fad3-11ee-bc50-c2705c596294
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 deb-michele-only-982x900.jpg
www.mhcollective.ca/wp-content/uploads/2023/11/ 131 KB
132 KB 91ms
90ms Image
image/jpeg 23.185.0.3
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mhcollective.ca/wp-content/uploads/2023/11/deb-michele-only-982x900.jpg

Requested by

Host: www.mhcollective.ca
URL: https://www.mhcollective.ca/?gad_source=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.185.0.3 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

8740682ae01bdd11b285613be39fdebc720c255f34842d0b231613892e13ee33

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.mhcollective.ca/?gad_source=1
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-pantheon-styx-hostname: styx-fe3fe4-g-79c98bd5f5-k8p76
strict-transport-security: max-age=300
date: Mon, 15 Apr 2024 02:53:53 GMT
via: 1.1 varnish
expires: Wed, 16 Apr 2025 02:53:53 GMT
age: 0
x-cache: MISS
content-length: 134592
x-served-by: cache-yyz4527-YYZ
last-modified: Wed, 22 Nov 2023 00:01:39 GMT
server: nginx
x-timer: S1713149633.054328,VS0,VE73
etag: "655d44e3-20dc0"
content-type: image/jpeg
x-styx-req-id: 64c32d71-fad3-11ee-bc50-c2705c596294
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 Michele-Holmes-on-couch-420x420.jpg.webp
www.mhcollective.ca/wp-content/uploads/2021/10/ 17 KB
17 KB 21ms
20ms Image
image/webp 23.185.0.3
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mhcollective.ca/wp-content/uploads/2021/10/Michele-Holmes-on-couch-420x420.jpg.webp

Requested by

Host: www.mhcollective.ca
URL: https://www.mhcollective.ca/?gad_source=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.185.0.3 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

1e5464522357f77c13825e5159d542c8fbc847e468e5f518d4e572e1eac19a48

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.mhcollective.ca/?gad_source=1
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-pantheon-styx-hostname: styx-fe3fe4-h-5df69d499f-htzxs
strict-transport-security: max-age=300
date: Mon, 15 Apr 2024 02:53:53 GMT
via: 1.1 varnish
expires: Thu, 10 Apr 2025 23:47:22 GMT
age: 443191
x-cache: HIT
content-length: 17486
x-served-by: cache-yyz4527-YYZ
last-modified: Wed, 26 Jan 2022 18:14:12 GMT
server: nginx
x-timer: S1713149633.054297,VS0,VE3
etag: "61f18f74-444e"
content-type: image/webp
x-styx-req-id: 82771021-f6cb-11ee-9a40-a6b82e5b9212
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 house-with-patio-1000x1000.jpg.webp
www.mhcollective.ca/wp-content/uploads/2021/12/ 170 KB
170 KB 202ms
201ms Image
image/webp 23.185.0.3
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mhcollective.ca/wp-content/uploads/2021/12/house-with-patio-1000x1000.jpg.webp

Requested by

Host: www.mhcollective.ca
URL: https://www.mhcollective.ca/?gad_source=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.185.0.3 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

6f56ddd4463d78d7fd55c751e2cd9450d5c46bbf7433154932388c3617c20d91

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.mhcollective.ca/?gad_source=1
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-pantheon-styx-hostname: styx-fe3fe4-h-588d79894f-zlzcq
strict-transport-security: max-age=300
date: Mon, 15 Apr 2024 02:53:53 GMT
via: 1.1 varnish
expires: Wed, 16 Apr 2025 02:53:53 GMT
age: 0
x-cache: MISS
content-length: 173990
x-served-by: cache-yyz4527-YYZ
last-modified: Wed, 26 Jan 2022 18:14:12 GMT
server: nginx
x-timer: S1713149633.054493,VS0,VE184
etag: "61f18f74-2a7a6"
content-type: image/webp
x-styx-req-id: 64c51b86-fad3-11ee-984c-5ee9dec097fc
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 0

POST
H2 204 collect
www.google-analytics.com/g/ 0
257 B 117ms
43ms Ping
text/plain 172.253.62.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-GGHKE681M0&gtm=45je44a0v877108710za200&_p=1713149632912&gcd=13l3l3l3l1&npa=0&dma=0&cid=897180995.1713149633&ul=en-ca&sr=1600x1200&lps=1&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1713149633&sct=1&seg=0&dl=https%3A%2F%2Fwww.mhcollective.ca%2F%3Fgad_source%3D1&dt=MH%20Collective%20%7C%20Victoria%2C%20BC%20%7C%20Connecting%20People%20with%20the%20Right%20Spaces&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=628
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GGHKE681M0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.253.62.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bc-in-f100.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.mhcollective.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 15 Apr 2024 02:53:53 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.mhcollective.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.googleadservices.com/pagead/set_partitioned_cookie/
Redirect Chain

https://adservice.google.com/pagead/regclk?auid=941467486.1713149633&url=https%3A%2F%2Fwww.mhcollective.ca%2F&tft=1713149633130&tfd=659&frm=0&gad_source=1&gtm=45He44a0v865387630za200&gcd=13l3l3l3l1...
https://www.googleadservices.com/pagead/set_partitioned_cookie/?auid=941467486.1713149633&url=https%3A%2F%2Fwww.mhcollective.ca%2F&tft=1713149633130&tfd=659&frm=0&gad_source=1&gtm=45He44a0v86538763...

0
0

118ms
44ms

Ping
text/html

142.251.167.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.googleadservices.com/pagead/set_partitioned_cookie/?auid=941467486.1713149633&url=https%3A%2F%2Fwww.mhcollective.ca%2F&tft=1713149633130&tfd=659&frm=0&gad_source=1&gtm=45He44a0v865387630za200&gcd=13l3l3l3l1&dma=0&npa=0
Requested by: Host: www.mhcollective.ca
URL: https://www.mhcollective.ca/?gad_source=1
Protocol: H3
Server: 142.251.167.155 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS: ww-in-f155.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer: https://www.mhcollective.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Redirect headers

date: Mon, 15 Apr 2024 02:53:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/set_partitioned_cookie/?auid=941467486.1713149633&url=https%3A%2F%2Fwww.mhcollective.ca%2F&tft=1713149633130&tfd=659&frm=0&gad_source=1&gtm=45He44a0v865387630za200&gcd=13l3l3l3l1&dma=0&npa=0
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 196 KB
71 KB 51ms
51ms Script
application/javascript 142.251.111.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=DC-12109290&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KJCDZ2N

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.111.97 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

bk-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

e9cf04bfda8b19b11d82f11adff026e8307e11754184b63954b76d67e05d322b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.mhcollective.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 02:53:53 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73065
x-xss-protection: 0
last-modified: Mon, 15 Apr 2024 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 15 Apr 2024 02:53:53 GMT

GET
H2 200 swap.js Show response
cdn.callrail.com/companies/692341904/bacd582d3aa3929059b2/12/ 37 KB
12 KB 233ms
107ms Script
text/javascript 99.86.102.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.callrail.com/companies/692341904/bacd582d3aa3929059b2/12/swap.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KJCDZ2N

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.102.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-102-103.iah50.r.cloudfront.net

Software

Resource Hash

f40cab3803e2341b16c8af0c72acada3e125ae4a00fbbdef1f07004ef4aa1209

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.mhcollective.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 02:53:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 4bb318647697ada204caea69d135927a.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: none
x-amz-cf-pop: IAH50-C3
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
x-request-id: be2bf210-f46b-41ce-8249-7fbcf05ca929
x-runtime: 0.008231
referrer-policy: strict-origin-when-cross-origin
etag: W/"f40cab3803e2341b16c8af0c72acada3"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600, public
timing-allow-origin: *
x-amz-cf-id: AA0iM5lsASiq__5DGTtoQhIB6ry0FvMdOb52GC2ooh0cakUTGPSdXw==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 218 KB
59 KB 106ms
34ms Script
application/x-javascript 31.13.66.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.mhcollective.ca
URL: https://www.mhcollective.ca/?gad_source=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-iad3.fbcdn.net

Software

Resource Hash

bda2cf571d7ea45f68afcdc87f968090dbf4bbdec2c7d6d19ce591b3980c296f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.mhcollective.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 15 Apr 2024 02:53:53 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57850
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=17, rtx=0, c=12, mss=1380, tbw=2786, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: EtVd4zcOMlmGwl1/34rMMDaWJJCh+Xgi1pidZGze21AzLTXERb5Prt9dru/ZKcdt85sk0XIW6ablKOyHtXibcQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

activityi;dc_pre=CL764tqbw4UDFb6KfwQdBhUHYg;src=12109290;type=invmedia;cat=mhcol0;ord=1;num=310226971011;npa=0;auiddc=941467486.1713149633;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B123.0.6312.122%7C...
12109290.fls.doubleclick.net/ Frame 9100
Redirect Chain

https://12109290.fls.doubleclick.net/activityi;src=12109290;type=invmedia;cat=mhcol0;ord=1;num=310226971011;npa=0;auiddc=941467486.1713149633;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B123.0.6312.122...
https://12109290.fls.doubleclick.net/activityi;dc_pre=CL764tqbw4UDFb6KfwQdBhUHYg;src=12109290;type=invmedia;cat=mhcol0;ord=1;num=310226971011;npa=0;auiddc=941467486.1713149633;uaa=x86;uab=64;uafvl=...

0
0

95ms
94ms

Document
text/html

142.251.163.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://12109290.fls.doubleclick.net/activityi;dc_pre=CL764tqbw4UDFb6KfwQdBhUHYg;src=12109290;type=invmedia;cat=mhcol0;ord=1;num=310226971011;npa=0;auiddc=941467486.1713149633;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;gtm=45fe44a0z8865387630za201;gcd=13l3l3l3l1;dma=0;epver=2;~oref=https%3A%2F%2Fwww.mhcollective.ca%2F%3Fgad_source%3D1?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-12109290&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.163.149 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f149.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer: https://www.mhcollective.ca/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 383
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 Apr 2024 02:53:53 GMT
expires: Mon, 15 Apr 2024 02:53:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 Apr 2024 02:53:53 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://12109290.fls.doubleclick.net/activityi;dc_pre=CL764tqbw4UDFb6KfwQdBhUHYg;src=12109290;type=invmedia;cat=mhcol0;ord=1;num=310226971011;npa=0;auiddc=941467486.1713149633;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;gtm=45fe44a0z8865387630za201;gcd=13l3l3l3l1;dma=0;epver=2;~oref=https%3A%2F%2Fwww.mhcollective.ca%2F%3Fgad_source%3D1?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 418179696828651 Show response
connect.facebook.net/signals/config/ 65 KB
14 KB 107ms
106ms Script
application/x-javascript 31.13.66.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/418179696828651?v=2.9.153&r=stable&domain=www.mhcollective.ca&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-iad3.fbcdn.net

Software

Resource Hash

456db9f2dee3aa6099464c1fed8627e4920d784695b4e06e22999b09222fa541

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.mhcollective.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 15 Apr 2024 02:53:53 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=22, rtx=0, c=63, mss=1380, tbw=63068, tp=-1, tpl=-1, uplat=73, ullat=0
pragma: public
x-fb-debug: pTfnUgoRil61sd9NrJq4mKjjsXkWrgCPfNvgSEzlvcyL4VeXUr4V3fjKgVtRQf4Ie6tvb/Sm1xk+mzyR3dIuxw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

OPTIONS
H2 200 vardata
lab.analyticspodium.com/sdk/ Frame 0
0 285ms
101ms Preflight 100.21.129.250
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://lab.analyticspodium.com/sdk/vardata

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

100.21.129.250 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-100-21-129-250.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,x-amp-exp-user
Access-Control-Request-Method: GET
Origin: https://www.mhcollective.ca
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: authorization,x-amp-exp-user
access-control-allow-methods: GET,POST,HEAD
access-control-allow-origin: https://www.mhcollective.ca
access-control-max-age: 1800
age: 1428
apigw-requestid: WPx-Th_NPHcEPmA=
cache-control: no-store
content-length: 0
date: Mon, 15 Apr 2024 02:53:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Origin,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amzn-trace-id: Self=1-661c912e-20ab340f064e6b6550b49b95;Root=1-661c912e-2711615b0fa2c0f048906c38
x-cache: HIT
x-cache-hits: 865
x-content-type-options: nosniff
x-served-by: cache-bfi-kbfi7400114-BFI
x-timer: S1713149634.682627,VS0,VE0

GET
H2 200 vardata Show response
lab.analyticspodium.com/sdk/ 6 KB
6 KB 177ms
177ms Fetch
application/json 100.21.129.250
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://lab.analyticspodium.com/sdk/vardata

Requested by

Host: connect.podium.com
URL: https://connect.podium.com/widget.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

100.21.129.250 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-100-21-129-250.us-west-2.compute.amazonaws.com

Software

Resource Hash

a1eb7e26f49596a6f0387ba7f4d772b289f1d70f6db2a9052e111ff7865f4551

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
X-Amp-Exp-User: eyJsaWJyYXJ5IjoiZXhwZXJpbWVudC1qcy1jbGllbnQvMS43LjMiLCJsYW5ndWFnZSI6ImVuLVVTIiwicGxhdGZvcm0iOiJXZWIiLCJvcyI6IkNocm9tZSAxMjMiLCJkZXZpY2VfbW9kZWwiOiJXaW5kb3dzIiwiZGV2aWNlX2lkIjoiNzA5MzY3ODAtM2RhYy00OTA1LTkyN2UtMWNhZjZjYTZhNzdjIiwidXNlcl9wcm9wZXJ0aWVzIjp7fSwidXNlclByb3BlcnRpZXMiOnsic2NyaXB0VG9rZW4iOiI5NzFjNDNjZS04Mjg4LTQ1Y2YtYjVkYS0yMzNiM2Q0ODc2M2MifX0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Authorization: Api-Key client-Ouo1GRXThh3LlgIkIlMGrdQTd3m9VBlY
Referer: https://www.mhcollective.ca/
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 02:53:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
age: 0
x-cache: MISS
content-length: 5931
apigw-requestid: WPx-UgOsPHcEPGw=
x-served-by: cache-bfi-kbfi7400080-BFI
x-timer: S1713149634.784932,VS0,VE74
x-amzn-trace-id: Self=1-661c96c1-50465bbf744774353a45716d;Root=1-661c96c1-69f933d26a02cceb0b961e5d
vary: Origin, Origin
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.mhcollective.ca
cache-control: no-store
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

POST
H2 200 graphql Show response
mind-flayer.podium.com/ 110 B
180 B 135ms
135ms XHR
application/json 104.18.18.161
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mind-flayer.podium.com/graphql
Requested by: Host: connect.podium.com
URL: https://connect.podium.com/widget.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.18.161 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ab3e1fc7cc85dd5c780a7676a849ae77de535b0ea900194557608c150518dc5

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json
Referer: https://www.mhcollective.ca/
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 02:53:53 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.mhcollective.ca
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
cf-ray: 8748a5da6cdca24a-YYZ
x-request-id: F8ZUg-YXjjAU2463VCzx

OPTIONS
H2 200 graphql
mind-flayer.podium.com/ Frame 0
0 186ms
131ms Preflight 104.18.18.161
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mind-flayer.podium.com/graphql
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.18.161 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.mhcollective.ca
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: accept, content-type, authorization, socket-id, origin
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
access-control-allow-origin: https://www.mhcollective.ca
cache-control: max-age=0, private, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8748a5d99b39a24a-YYZ
content-length: 0
date: Mon, 15 Apr 2024 02:53:53 GMT
server: cloudflare
vary: origin
x-request-id: F8ZUg953kkpF3PTHdJ7S
x-robots-tag: noindex

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 105ms
35ms Image
text/plain 31.13.66.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=418179696828651&ev=PageView&dl=https%3A%2F%2Fwww.mhcollective.ca%2F%3Fgad_source%3D1&rl=&if=false&ts=1713149633482&sw=1600&sh=1200&v=2.9.153&r=stable&ec=0&o=4126&fbp=fb.1.1713149633480.849094191&cs_est=true&ler=empty&cdl=API_unavailable&it=1713149633317&coo=false&rqm=GET

Requested by

Host: www.mhcollective.ca
URL: https://www.mhcollective.ca/?gad_source=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-iad3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.mhcollective.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=17, rtx=0, c=10, mss=1380, tbw=2755, tp=-1, tpl=-1, uplat=1, ullat=1
strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 15 Apr 2024 02:53:53 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 cropped-MHC-Fav-32x32.png
www.mhcollective.ca/wp-content/uploads/2021/10/ 648 B
797 B 115ms
113ms Other
image/png 23.185.0.3
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mhcollective.ca/wp-content/uploads/2021/10/cropped-MHC-Fav-32x32.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.185.0.3 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

008924ef1ec72dbd43849c789f8ca6d68700978c68aff0e6c5881c50e22eb3d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.mhcollective.ca/?gad_source=1
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-pantheon-styx-hostname: styx-fe3fe4-g-79c98bd5f5-fmfj9
strict-transport-security: max-age=300
date: Mon, 15 Apr 2024 02:53:53 GMT
via: 1.1 varnish
expires: Wed, 16 Apr 2025 02:53:53 GMT
age: 0
x-cache: MISS
content-length: 648
x-served-by: cache-yyz4527-YYZ
last-modified: Wed, 26 Jan 2022 18:14:12 GMT
server: nginx
x-timer: S1713149634.741780,VS0,VE97
etag: "61f18f74-288"
content-type: image/png
x-styx-req-id: 652c0c21-fad3-11ee-b87f-ee40cbf5aac7
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 0

POST
H2 200 graphql Show response
mind-flayer.podium.com/ 3 KB
1 KB 148ms
148ms XHR
application/json 104.18.18.161
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mind-flayer.podium.com/graphql
Requested by: Host: connect.podium.com
URL: https://connect.podium.com/widget.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.18.161 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 568eac5b55858fddf96df8ab6f8dff474c7d3a67c71ddd0fde7f81d6395349e8

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json
Referer: https://www.mhcollective.ca/
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 02:53:53 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.mhcollective.ca
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
cf-ray: 8748a5db5e34a24a-YYZ
x-request-id: F8ZUg-54YMr0WEW3VDTh

POST
H2 200 graphql Show response
mind-flayer.podium.com/ 38 B
139 B 141ms
140ms XHR
application/json 104.18.18.161
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mind-flayer.podium.com/graphql
Requested by: Host: connect.podium.com
URL: https://connect.podium.com/widget.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.18.161 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a78824e0e4e78e9e0797e8b3e147d290c7e164e8715b6f983efc924214f9f76

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json
Referer: https://www.mhcollective.ca/
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 02:53:54 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.mhcollective.ca
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
cf-ray: 8748a5dc980ba24a-YYZ
content-length: 38
x-request-id: F8ZUg_r6gqiqnShztt7h

GET
H2 200 styles.css
connect.podium.com/ Frame C54E 64 KB
10 KB 57ms
56ms Stylesheet
text/css 13.249.59.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect.podium.com/styles.css
Requested by: Host: connect.podium.com
URL: https://connect.podium.com/widget.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.249.59.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-59-63.iah50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ad9bb0925961e419aed1dd031aac0bc66e4023dc1eda85672c1611a6e2d053b0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.mhcollective.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 02:19:47 GMT
content-encoding: gzip
via: 1.1 9f04707c59950524f8bf18a726a3c160.cloudfront.net (CloudFront)
last-modified: Fri, 12 Apr 2024 16:18:46 GMT
server: AmazonS3
x-amz-cf-pop: IAH50-C2
age: 2047
etag: "c1fa1977d66b8bebcb22901457400a35"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=3600
content-length: 10003
x-amz-cf-id: ye1sn45lCw0UhdyoYJiAsmNV9tFBlUuxsG8ru5MMhkbgvFv7WrdETg==

GET
H2 200 d2271df8467ecc4941f02087d61c1c1e.woff2
connect.podium.com/ Frame C54E 34 KB
34 KB 233ms
117ms Font
binary/octet-stream 13.249.59.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect.podium.com/d2271df8467ecc4941f02087d61c1c1e.woff2
Requested by: Host: connect.podium.com
URL: https://connect.podium.com/styles.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.249.59.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-59-63.iah50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ac6e8dbcf906b5d78b6538eea0df8d50e34fdd4ba6a3932bfbf38d4a085e2797

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://connect.podium.com/styles.css
Origin: https://www.mhcollective.ca
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 14 Apr 2024 19:02:23 GMT
via: 1.1 fc79390603ec53a5ab1fafb841b428c2.cloudfront.net (CloudFront)
x-amz-cf-pop: IAH50-C2
age: 28291
x-cache: Hit from cloudfront
content-length: 34640
last-modified: Fri, 12 Apr 2024 16:18:45 GMT
server: AmazonS3
etag: "1d077eb2f892e7f968f043b40b6ae557"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000
vary: Origin,Access-Control-Request-Headers
x-amz-cf-id: FA6Rw-LmJSTtG5dl9kh7seq-Azb56gLij3zJoHCaPJM98V1SZHa2fg==

GET
H2 200 434b2574637d4adc6a5a30864e8c6b3e.woff2
connect.podium.com/ Frame C54E 30 KB
30 KB 213ms
98ms Font
binary/octet-stream 13.249.59.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect.podium.com/434b2574637d4adc6a5a30864e8c6b3e.woff2
Requested by: Host: connect.podium.com
URL: https://connect.podium.com/styles.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.249.59.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-59-63.iah50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1edbab3b32d1748ab14e6dfb9f30128ae7ea1e8188ff2afb35c0f6e225bb3a62

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://connect.podium.com/styles.css
Origin: https://www.mhcollective.ca
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 14 Apr 2024 19:02:23 GMT
via: 1.1 fc79390603ec53a5ab1fafb841b428c2.cloudfront.net (CloudFront)
x-amz-cf-pop: IAH50-C2
age: 28291
x-cache: Hit from cloudfront
content-length: 30548
last-modified: Fri, 12 Apr 2024 16:18:45 GMT
server: AmazonS3
etag: "c28f8beb02447597a13d138680f42e65"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000
vary: Origin,Access-Control-Request-Headers
x-amz-cf-id: vGWkxIo8tQPHiyyx1DsDfgdbZ3HfTQH0IRA2h7F4tJJpimWegt2hTw==

POST
H2 200 httpapi Show response
api2.analyticspodium.com/2/ 94 B
364 B 115ms
114ms Fetch
application/json 54.185.52.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.analyticspodium.com/2/httpapi

Requested by

Host: connect.podium.com
URL: https://connect.podium.com/widget.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.185.52.110 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-185-52-110.us-west-2.compute.amazonaws.com

Software

Resource Hash

062b158f14157d808a2fadb1bc9a47ef47fa32804986af48abcbf5e5f658b6d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/json
Accept: */*
Referer: https://www.mhcollective.ca/
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 02:53:54 GMT
strict-transport-security: max-age=15768000
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: application/json
access-control-allow-origin: *
trace-id: Self=1-661c96c2-23d12cc7215107226b7b8c38;Root=1-661c96c2-4111cd911ff50c572ec8eeb7
content-length: 94
apigw-requestid: WPx-eig9PHcEMFw=

OPTIONS
H2 200 httpapi
api2.analyticspodium.com/2/ Frame 0
0 281ms
95ms Preflight 54.185.52.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.analyticspodium.com/2/httpapi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.185.52.110 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-185-52-110.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.mhcollective.ca
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET, POST
access-control-allow-origin: *
access-control-max-age: 86400
apigw-requestid: WPx-djVTvHcEM5Q=
content-length: 0
date: Mon, 15 Apr 2024 02:53:54 GMT
strict-transport-security: max-age=15768000

GET
H2 206 mhc-header-final-2022-1080p.mp4
www.mhcollective.ca/wp-content/uploads/2022/08/ 12 MB
0 22ms
21ms Media
video/mp4 23.185.0.3
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mhcollective.ca/wp-content/uploads/2022/08/mhc-header-final-2022-1080p.mp4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.185.0.3 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Referer: https://www.mhcollective.ca/?gad_source=1
Range: bytes=0-
sec-ch-ua-platform: "Win32"

Response headers

x-pantheon-styx-hostname: styx-fe3fe4-h-588d79894f-zlzcq
strict-transport-security: max-age=300
date: Mon, 15 Apr 2024 02:53:54 GMT
via: 1.1 varnish
expires: Wed, 16 Apr 2025 02:40:06 GMT
age: 828
x-cache: HIT
Content-Range: bytes 0-12729025/12729026
Content-Length: 12729026
x-served-by: cache-yyz4527-YYZ
last-modified: Thu, 04 Aug 2022 17:28:23 GMT
server: nginx
x-timer: S1713149635.931450,VS0,VE3
etag: "62ec01b7-c23ac2"
content-type: video/mp4
x-styx-req-id: 783349dd-fad1-11ee-984c-5ee9dec097fc
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 0

POST
H2 200 graphql Show response
mind-flayer.podium.com/ 38 B
137 B 144ms
143ms XHR
application/json 104.18.18.161
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mind-flayer.podium.com/graphql
Requested by: Host: connect.podium.com
URL: https://connect.podium.com/widget.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.18.161 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a78824e0e4e78e9e0797e8b3e147d290c7e164e8715b6f983efc924214f9f76

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json
Referer: https://www.mhcollective.ca/
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 02:53:56 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.mhcollective.ca
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
cf-ray: 8748a5e91c74a24a-YYZ
content-length: 38
x-request-id: F8ZUhHJXWygGjH22nzmi

GET
H2 200 styles.css
connect.podium.com/ Frame 8A63 64 KB
0 0ms
0ms Stylesheet
text/css 13.249.59.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect.podium.com/styles.css
Requested by: Host: connect.podium.com
URL: https://connect.podium.com/widget.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.249.59.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-59-63.iah50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ad9bb0925961e419aed1dd031aac0bc66e4023dc1eda85672c1611a6e2d053b0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.mhcollective.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 02:19:47 GMT
content-encoding: gzip
via: 1.1 9f04707c59950524f8bf18a726a3c160.cloudfront.net (CloudFront)
last-modified: Fri, 12 Apr 2024 16:18:46 GMT
server: AmazonS3
x-amz-cf-pop: IAH50-C2
age: 2047
etag: "c1fa1977d66b8bebcb22901457400a35"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=3600
content-length: 10003
x-amz-cf-id: ye1sn45lCw0UhdyoYJiAsmNV9tFBlUuxsG8ru5MMhkbgvFv7WrdETg==

GET
H/1.1 200
OK avatar%2F3447740%2Fa4a42cdb-b669-48fd-8a88-6fbdb0768ce3%2Favatar.jpeg
podium-prod.s3.amazonaws.com/ Frame 8A63 271 KB
271 KB 138ms
60ms Image
binary/octet-stream 52.217.87.60
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://podium-prod.s3.amazonaws.com/avatar%2F3447740%2Fa4a42cdb-b669-48fd-8a88-6fbdb0768ce3%2Favatar.jpeg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.87.60 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 7d257e67c3badca696467c3634fb8f86d4eaa85609c8e17e6eeda92d9cf2b058

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.mhcollective.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 15 Apr 2024 02:53:57 GMT
Last-Modified: Mon, 20 Nov 2023 21:59:27 GMT
Server: AmazonS3
x-amz-request-id: H5H51HJSEAZT2MP5
ETag: "50682d6ed2255d429aa40ea83c8a1c7d"
x-amz-server-side-encryption: AES256
Content-Type: binary/octet-stream
Accept-Ranges: bytes
Content-Length: 277601
x-amz-id-2: 6goYhCYTTIFnL7dylrgY4Q+tXhVjUHMdirvGQjDOXPaPizU5Oo2o1MZKcM5Wx2PxsGKMycDhy2c=

GET
H2 200 d2271df8467ecc4941f02087d61c1c1e.woff2
connect.podium.com/ Frame 8A63 34 KB
0 2ms
2ms Font
binary/octet-stream 13.249.59.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect.podium.com/d2271df8467ecc4941f02087d61c1c1e.woff2
Requested by: Host: connect.podium.com
URL: https://connect.podium.com/styles.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.249.59.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-59-63.iah50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ac6e8dbcf906b5d78b6538eea0df8d50e34fdd4ba6a3932bfbf38d4a085e2797

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://connect.podium.com/styles.css
Origin: https://www.mhcollective.ca
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 14 Apr 2024 19:02:23 GMT
via: 1.1 fc79390603ec53a5ab1fafb841b428c2.cloudfront.net (CloudFront)
x-amz-cf-pop: IAH50-C2
age: 28291
x-cache: Hit from cloudfront
content-length: 34640
last-modified: Fri, 12 Apr 2024 16:18:45 GMT
server: AmazonS3
etag: "1d077eb2f892e7f968f043b40b6ae557"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000
vary: Origin,Access-Control-Request-Headers
x-amz-cf-id: FA6Rw-LmJSTtG5dl9kh7seq-Azb56gLij3zJoHCaPJM98V1SZHa2fg==

GET
H2 200 434b2574637d4adc6a5a30864e8c6b3e.woff2
connect.podium.com/ Frame 8A63 30 KB
0 4ms
4ms Font
binary/octet-stream 13.249.59.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect.podium.com/434b2574637d4adc6a5a30864e8c6b3e.woff2
Requested by: Host: connect.podium.com
URL: https://connect.podium.com/styles.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.249.59.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-59-63.iah50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1edbab3b32d1748ab14e6dfb9f30128ae7ea1e8188ff2afb35c0f6e225bb3a62

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://connect.podium.com/styles.css
Origin: https://www.mhcollective.ca
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 14 Apr 2024 19:02:23 GMT
via: 1.1 fc79390603ec53a5ab1fafb841b428c2.cloudfront.net (CloudFront)
x-amz-cf-pop: IAH50-C2
age: 28291
x-cache: Hit from cloudfront
content-length: 30548
last-modified: Fri, 12 Apr 2024 16:18:45 GMT
server: AmazonS3
etag: "c28f8beb02447597a13d138680f42e65"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000
vary: Origin,Access-Control-Request-Headers
x-amz-cf-id: vGWkxIo8tQPHiyyx1DsDfgdbZ3HfTQH0IRA2h7F4tJJpimWegt2hTw==

Verdicts & Comments Add Verdict or Comment

31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.mhcollective.ca/	1970-01-21 05:28:29	Name: _ga_GGHKE681M0 Value: GS1.1.1713149633.1.0.1713149633.0.0.0
.mhcollective.ca/	1970-01-21 05:28:29	Name: _ga Value: GA1.1.897180995.1713149633
.mhcollective.ca/	1970-01-20 22:02:05	Name: _gcl_au Value: 1.1.941467486.1713149633
.mhcollective.ca/	1970-01-21 04:38:05	Name: AMP_MKTG_16a5c84b5b Value: JTdCJTdE
.mhcollective.ca/	1970-01-21 04:38:05	Name: calltrk_referrer Value: direct
.mhcollective.ca/	1970-01-21 04:38:05	Name: calltrk_landing Value: https%3A//www.mhcollective.ca/%3Fgad_source%3D1
.mhcollective.ca/	1970-01-21 04:38:05	Name: AMP_16a5c84b5b Value: JTdCJTIyZGV2aWNlSWQlMjIlM0ElMjI3MDkzNjc4MC0zZGFjLTQ5MDUtOTI3ZS0xY2FmNmNhNmE3N2MlMjIlMkMlMjJzZXNzaW9uSWQlMjIlM0ExNzEzMTQ5NjMzNDQxJTJDJTIyb3B0T3V0JTIyJTNBZmFsc2UlMkMlMjJsYXN0RXZlbnRUaW1lJTIyJTNBMTcxMzE0OTYzMzQ3MyU3RA==
.mhcollective.ca/	1970-01-20 22:02:05	Name: _fbp Value: fb.1.1713149633480.849094191
.doubleclick.net/	1970-01-20 19:52:30	Name: test_cookie Value: CheckForPermission
.doubleclick.net/	1970-01-21 00:11:41	Name: receive-cookie-deprecation Value: 1

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://connect.facebook.net/signals/config/418179696828651?v=2.9.153&r=stable&domain=www.mhcollective.ca&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105(Line 107) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://www.mhcollective.ca/?gad_source=1 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
javascript	warning	URL: https://www.mhcollective.ca/?gad_source=1 Message: The resource https://www.mhcollective.ca/wp-content/plugins/safe-svg/dist/safe-svg-block-frontend.css?ver=6.2.2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://www.mhcollective.ca/?gad_source=1 Message: The resource https://www.mhcollective.ca/?gad_source=1&ver=6.2.2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=300

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

12109290.fls.doubleclick.net
adservice.google.com
api2.analyticspodium.com
cdn.callrail.com
connect.facebook.net
connect.podium.com
fonts.googleapis.com
fonts.gstatic.com
lab.analyticspodium.com
mind-flayer.podium.com
podium-prod.s3.amazonaws.com
www.facebook.com
www.google-analytics.com
www.googleadservices.com
www.googletagmanager.com
www.mhcollective.ca
100.21.129.250
104.18.18.161
13.249.59.63
142.251.111.97
142.251.163.149
142.251.167.155
172.253.115.95
172.253.62.100
172.253.62.157
172.253.62.94
23.185.0.3
31.13.66.19
31.13.66.35
52.217.87.60
54.185.52.110
99.86.102.103
008924ef1ec72dbd43849c789f8ca6d68700978c68aff0e6c5881c50e22eb3d4
016e0030bd05ca43988c6b3097ce9fa8991615bcb243bd001db597e629a03aec
062b158f14157d808a2fadb1bc9a47ef47fa32804986af48abcbf5e5f658b6d7
1e5464522357f77c13825e5159d542c8fbc847e468e5f518d4e572e1eac19a48
1edbab3b32d1748ab14e6dfb9f30128ae7ea1e8188ff2afb35c0f6e225bb3a62
2120373c637ff9d897999bb33bdb7986533ceffd3bff52447e0b3aafe209a9b0
29310efc1007f608549e29ff78fa5ce8dffe0c1aa82c21b082d1de9dfc7334f0
2a810f9fce465fc48af5ccbdd146af8d249e8fae8ba9c465005140fca073b1dd
320508c3ca03194f2cd10ed279a1248ee27c8170ee5e516b18eae291740e45e1
355c3b6c09aea2f90b401781038c1f915c3732d3c14f18250e4784e49a2f04d6
456db9f2dee3aa6099464c1fed8627e4920d784695b4e06e22999b09222fa541
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
568eac5b55858fddf96df8ab6f8dff474c7d3a67c71ddd0fde7f81d6395349e8
6f56ddd4463d78d7fd55c751e2cd9450d5c46bbf7433154932388c3617c20d91
7d257e67c3badca696467c3634fb8f86d4eaa85609c8e17e6eeda92d9cf2b058
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7fc95b8c6e389e4cbda3f131e6f24cb34520f121e420102342eca7f11c43d639
8740682ae01bdd11b285613be39fdebc720c255f34842d0b231613892e13ee33
8a78824e0e4e78e9e0797e8b3e147d290c7e164e8715b6f983efc924214f9f76
8b1819ffb5dd394ce418350f86c0e6403d2e8284ee0d2f4a03bb5fbdd2cd7442
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
9ab3e1fc7cc85dd5c780a7676a849ae77de535b0ea900194557608c150518dc5
9ad1a3e9035d642266dc7276e923f99f7fbce70ddb877671361236b4c580bce0
a1eb7e26f49596a6f0387ba7f4d772b289f1d70f6db2a9052e111ff7865f4551
a7fa4be251c243c2f5738d48f51fd67b9de59f08f25429c624c18ed75cd9b958
a8def9a776da12619533927cd30c4561579b06ec5f44d63b90b2128088cf4720
ac6e8dbcf906b5d78b6538eea0df8d50e34fdd4ba6a3932bfbf38d4a085e2797
ad9bb0925961e419aed1dd031aac0bc66e4023dc1eda85672c1611a6e2d053b0
b2c5e3daef749e3fb65eb5c1e8856db7b61d99e3cfb5371bb05df971e9cbad20
bda2cf571d7ea45f68afcdc87f968090dbf4bbdec2c7d6d19ce591b3980c296f
c049caa6d60a2dc38ab7aff0bffbdf74dbcf38dc6f6790532852fcba363103f8
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9cf04bfda8b19b11d82f11adff026e8307e11754184b63954b76d67e05d322b
ef6fa356c957845884afcbc0c1f6ab66b5699979a220495a13e988a85392615b
f40cab3803e2341b16c8af0c72acada3e125ae4a00fbbdef1f07004ef4aa1209

www.mhcollective.ca Open in urlscan Pro 23.185.0.3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

50 Requests

92 %HTTPS

0 %IPv6

14 Domains

16 Subdomains

16 IPs

2 Countries

1473 kBTransfer

15713 kBSize

10 Cookies

4 Outgoing links

Redirected requests

50 HTTP transactions Everything HTML Script AJAX CSS Image Expand all -3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

www.mhcollective.ca Open in urlscan Pro
23.185.0.3 Public Scan

Screenshot
Live screenshot

Full Image

50
Requests

92 %
HTTPS

0 %
IPv6

14
Domains

16
Subdomains

16
IPs

2
Countries

1473 kB
Transfer

15713 kB
Size

10
Cookies

50 HTTP transactions
-3 data transactions