gmsenbunitedway.ca Open in urlscan Pro
35.196.216.66 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://r20.rs6.net/tn.jsp?f=001WnIlEbBUOKv3eG82Io7_mr9dEBiQMywL_B2lJZBHI3COYOc8H2t0aNS7NC5v8sTglC_INjh1VCctqCVRaYDo...
Effective URL:
https://gmsenbunitedway.ca/donate-now/
Submission: On September 14 via api (September 14th 2023, 12:12:54 pm UTC) from CZ — Scanned from DE

Summary HTTP 103 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 22 IPs in 4 countries across 16 domains to perform 103 HTTP transactions. The main IP is 35.196.216.66, located in North Charleston, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is gmsenbunitedway.ca.
TLS certificate: Issued by R3 on July 21st 2023. Valid for: 3 months.

This is the only time gmsenbunitedway.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	208.75.122.11 208.75.122.11	40444 (ASN-CC) (ASN-CC)
15	35.196.216.66 35.196.216.66	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
2 30	52.228.114.141 52.228.114.141	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
9	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:480... 2a02:26f0:480:b82::14a9	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
1	2a01:b740:a10... 2a01:b740:a10:f100::4	6185 (APPLE-AUSTIN) (APPLE-AUSTIN)
4	2a00:1450:400... 2a00:1450:400c:c04::5c	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:802::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a02:26f0:310... 2a02:26f0:3100::1735:2a09	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
8	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81c::2003	15169 (GOOGLE) (GOOGLE)
1	2600:9000:20b... 2600:9000:20b4:b600:2:53b2:240:93a1	16509 (AMAZON-02) (AMAZON-02)
4 4	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	() ()
6	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
103	22

1 208.75.122.11 (United States) 1 redirects

ASN40444 (ASN-CC, US)
PTR: rs6.net

r20.rs6.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 35.196.216.66 (North Charleston, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 66.216.196.35.bc.googleusercontent.com

gmsenbunitedway.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 52.228.114.141 (Toronto, Canada) 2 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.canadahelps.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:b82::14a9 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn-4.convertexperiments.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a01:b740:a10:f100::4 (Frankfurt am Main, Germany)

ASN6185 (APPLE-AUSTIN, US)

applepay.cdn-apple.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400c:c04::5c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

pay.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:802::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3100::1735:2a09 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20b4:b600:2:53b2:240:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.linkedin.oribi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:21::14 (United States) 4 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (None, )

ASN- ()

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	canadahelps.org 2 redirects www.canadahelps.org	630 KB
20	gstatic.com fonts.gstatic.com www.gstatic.com maps.gstatic.com	637 KB
15	gmsenbunitedway.ca gmsenbunitedway.ca	213 KB
14	google.com pay.google.com — Cisco Umbrella Rank: 2994 www.google.com — Cisco Umbrella Rank: 2 play.google.com — Cisco Umbrella Rank: 40	445 KB
12	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 419 fonts.googleapis.com — Cisco Umbrella Rank: 56 maps.googleapis.com — Cisco Umbrella Rank: 425	250 KB
5	linkedin.com 4 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 410 www.linkedin.com — Cisco Umbrella Rank: 692 px4.ads.linkedin.com	5 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 421	14 KB
2	licdn.com snap.licdn.com — Cisco Umbrella Rank: 970	9 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 63	190 KB
1	oribi.io cdn.linkedin.oribi.io — Cisco Umbrella Rank: 1189	376 B
1	google.de www.google.de — Cisco Umbrella Rank: 5677	455 B
1	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 47	2 KB
1	cdn-apple.com applepay.cdn-apple.com — Cisco Umbrella Rank: 22174	49 KB
1	googleoptimize.com www.googleoptimize.com — Cisco Umbrella Rank: 1327	67 KB
1	convertexperiments.com cdn-4.convertexperiments.com — Cisco Umbrella Rank: 14437
1	rs6.net 1 redirects r20.rs6.net — Cisco Umbrella Rank: 8513	356 B
103	16

	Domain	Requested by
30	www.canadahelps.org	2 redirects gmsenbunitedway.ca www.canadahelps.org
15	gmsenbunitedway.ca	gmsenbunitedway.ca
10	fonts.gstatic.com	fonts.googleapis.com www.canadahelps.org www.google.com
8	www.gstatic.com	www.google.com pay.google.com www.gstatic.com
6	play.google.com	www.gstatic.com
6	maps.googleapis.com	www.canadahelps.org maps.googleapis.com
4	www.google.com	www.canadahelps.org www.gstatic.com www.google.com
4	pay.google.com	www.canadahelps.org pay.google.com gmsenbunitedway.ca www.gstatic.com
4	fonts.googleapis.com	ajax.googleapis.com www.canadahelps.org
3	px.ads.linkedin.com	3 redirects
3	bat.bing.com	www.googletagmanager.com bat.bing.com
2	maps.gstatic.com
2	snap.licdn.com	www.googletagmanager.com snap.licdn.com
2	www.googletagmanager.com	www.canadahelps.org www.googletagmanager.com
2	ajax.googleapis.com	gmsenbunitedway.ca
1	px4.ads.linkedin.com
1	www.linkedin.com	1 redirects
1	cdn.linkedin.oribi.io	snap.licdn.com
1	www.google.de
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	applepay.cdn-apple.com	www.canadahelps.org
1	www.googleoptimize.com	www.canadahelps.org
1	cdn-4.convertexperiments.com	www.canadahelps.org
1	r20.rs6.net	1 redirects
103	24

This site contains links to these domains. Also see Links.

Domain
app.ringcentral.com
ukrainesenb.ca
www.facebook.com
twitter.com
www.instagram.com
www.linkedin.com
uwmoncton.wpengine.com

Subject Issuer	Validity	Valid
gmsenbunitedway.ca R3	`2023-07-21` - `2023-10-19`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
canadahelps.org DigiCert EV RSA CA G2	`2023-06-08` - `2024-07-08`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.convertexperiments.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-06` - `2024-01-07`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
applepay.cdn-apple.com Apple Public Server ECC CA 12 - G1	`2023-05-10` - `2023-11-06`	6 months	crt.sh
*.google.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 05	`2023-07-26` - `2024-01-22`	6 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-02-01` - `2024-01-31`	a year	crt.sh
www.google.de GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
linkedin.oribi.io Amazon RSA 2048 M01	`2023-06-08` - `2024-07-07`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://gmsenbunitedway.ca/donate-now/
Frame ID: 65D3876D86298051B5171A3BECDF5E5C
Requests: 24 HTTP requests in this frame

Frame: https://www.canadahelps.org/en/dn/15058
Frame ID: 4E136626CB2C8A6C9586E4C98724FFAA
Requests: 62 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fwww.canadahelps.org&mid=
Frame ID: CCEF1D8055D27027711FAE9B315A343B
Requests: 10 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LeWAsAiAAAAAJJjp4cLr7v5_yUVnC6ClZwDAh7c&co=aHR0cHM6Ly93d3cuY2FuYWRhaGVscHMub3JnOjQ0Mw..&hl=en&v=0hCdE87LyjzAkFO5Ff-v7Hj1&size=invisible&cb=ve77kern5ezc
Frame ID: 3866512F05A44D9D22DF57F95D03B7F6
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Donate Now : United Way Greater Moncton and Southeastern New Brunswick

Page URL History Show full URLs

https://r20.rs6.net/tn.jsp?f=001WnIlEbBUOKv3eG82Io7_mr9dEBiQMywL_B2lJZBHI3COYOc8H2t0aNS7NC5v8sTg... HTTP 302
https://gmsenbunitedway.ca/donate-now/ Page URL

Detected technologies

NextGEN Gallery (Photo Galleries) Expand

Overall confidence: 100%
Detected patterns

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

//maps\.google(?:apis)?\.com/maps/api/js

Google Pay (Payment processors) Expand

Overall confidence: 100%
Detected patterns

pay\.google\.com/([a-z/]+)/pay\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
googleapis\.com/.+webfont

Google Optimize (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

googleoptimize\.com/optimize\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

103
Requests

98 %
HTTPS

83 %
IPv6

16
Domains

24
Subdomains

22
IPs

4
Countries

2505 kB
Transfer

7620 kB
Size

10
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://app.ringcentral.com/login
Title: Board Portal

Search URL Search Domain Scan URL

URL: https://ukrainesenb.ca/
Title: Ukraine SENB Campaign

Search URL Search Domain Scan URL

URL: https://www.facebook.com/UnitedWayGMSENB/

Search URL Search Domain Scan URL

URL: https://twitter.com/unitedwaygmsenb

Search URL Search Domain Scan URL

URL: https://www.instagram.com/unitedwaygmsenb/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/unitedwaygmsenb/

Search URL Search Domain Scan URL

URL: http://uwmoncton.wpengine.com/financials/
Title: click here.

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://r20.rs6.net/tn.jsp?f=001WnIlEbBUOKv3eG82Io7_mr9dEBiQMywL_B2lJZBHI3COYOc8H2t0aNS7NC5v8sTglC_INjh1VCctqCVRaYDorplrrGurWvr5zL3x_CXDv0MKmZCa-w5ViEULMdtk2NEjnMAa3wjuMWx-dbaBvpMM6F1ilRceYew2LCJF_t1st2A= HTTP 302
https://gmsenbunitedway.ca/donate-now/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9

https://www.canadahelps.org/services/wa/js/apps/donatenow/embed.min.js HTTP 301
https://www.canadahelps.org/secure/js/cdf_embed.2.js

Request Chain 15

https://www.canadahelps.org/en/dne/15058 HTTP 301
https://www.canadahelps.org/en/dn/15058

Request Chain 86

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2513906&time=1694693572842&url=https%3A%2F%2Fgmsenbunitedway.ca%2F HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2513906&time=1694693572842&url=https%3A%2F%2Fgmsenbunitedway.ca%2F&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2513906%26time%3D1694693572842%26url%3Dhttps%253A%252F%252Fgmsenbunitedway.ca%252F%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2513906&time=1694693572842&url=https%3A%2F%2Fgmsenbunitedway.ca%2F&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2513906&time=1694693572842&url=https%3A%2F%2Fgmsenbunitedway.ca%2F&cookiesTest=true&liSync=true&e_ipv6=AQKecfg5_MBOkgAAAYqTm8Li9qfsjhDWo_-WzHofyL1rVMQliyuZaYdqRG6jmkVKpGYgCMweFp90gg

103 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
gmsenbunitedway.ca/donate-now/
Redirect Chain

https://r20.rs6.net/tn.jsp?f=001WnIlEbBUOKv3eG82Io7_mr9dEBiQMywL_B2lJZBHI3COYOc8H2t0aNS7NC5v8sTglC_INjh1VCctqCVRaYDorplrrGurWvr5zL3x_CXDv0MKmZCa-w5ViEULMdtk2NEjnMAa3wjuMWx-dbaBvpMM6F1ilRceYew2LCJF_...
https://gmsenbunitedway.ca/donate-now/

39 KB
8 KB

805ms
211ms

Document
text/html

35.196.216.66
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://gmsenbunitedway.ca/donate-now/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.196.216.66 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 66.216.196.35.bc.googleusercontent.com
Software: nginx / WP Engine
Resource Hash: b7f1a17e111bd680d08e072e4d3a061c21b9d769078db9201c8235ec4001859e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=600, must-revalidate
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 14 Sep 2023 12:12:48 GMT
link: <https://gmsenbunitedway.ca/wp-json/>; rel="https://api.w.org/" <https://gmsenbunitedway.ca/wp-json/wp/v2/pages/550>; rel="alternate"; type="application/json" <https://gmsenbunitedway.ca/?p=550>; rel=shortlink
server: nginx
vary: Accept-Encoding Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-cache: HIT: 2
x-cache-group: normal
x-cacheable: SHORT
x-powered-by: WP Engine
x-tec-api-origin: https://gmsenbunitedway.ca
x-tec-api-root: https://gmsenbunitedway.ca/wp-json/tribe/events/v1/
x-tec-api-version: v1

Redirect headers

Cache-Control: private, no-cache, no-store, max-age=0, must-revalidate, no-cache="Set-Cookie"
Connection: close
Content-Length: 0
Content-Type: text/html;charset=ISO-8859-1
Date: Thu, 14 Sep 2023 12:12:48 GMT
Location: https://gmsenbunitedway.ca/donate-now/
P3P: CP="CAO DSP TAIa OUR NOR UNI"
Pragma: no-cache
Server: Apache

GET
H2 200 reset.min.css
gmsenbunitedway.ca/wp-content/plugins/the-events-calendar/common/src/resources/css/ 4 KB
1 KB 266ms
265ms Stylesheet
text/css 35.196.216.66
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://gmsenbunitedway.ca/wp-content/plugins/the-events-calendar/common/src/resources/css/reset.min.css?ver=4.9.20
Requested by: Host: gmsenbunitedway.ca
URL: https://gmsenbunitedway.ca/donate-now/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.196.216.66 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 66.216.196.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: e96cfe81431ab0c70414bc65dd83d59ada01405419c8faca900637fdfffdd48b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gmsenbunitedway.ca/donate-now/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 12:12:49 GMT
content-encoding: br
last-modified: Fri, 25 Oct 2019 18:15:24 GMT
server: nginx
etag: W/"5db33bbc-11bc"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 common.min.css
gmsenbunitedway.ca/wp-content/plugins/the-events-calendar/common/src/resources/css/ 38 KB
6 KB 127ms
126ms Stylesheet
text/css 35.196.216.66
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://gmsenbunitedway.ca/wp-content/plugins/the-events-calendar/common/src/resources/css/common.min.css?ver=4.9.20
Requested by: Host: gmsenbunitedway.ca
URL: https://gmsenbunitedway.ca/donate-now/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.196.216.66 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 66.216.196.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 6794fb912a6a5464d197a7a705441e635ea956e6958ebfb923eee646bd0200bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gmsenbunitedway.ca/donate-now/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 12:12:49 GMT
content-encoding: br
last-modified: Fri, 25 Oct 2019 18:15:24 GMT
server: nginx
etag: W/"5db33bbc-969f"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 tooltip.min.css
gmsenbunitedway.ca/wp-content/plugins/the-events-calendar/common/src/resources/css/ 2 KB
771 B 110ms
110ms Stylesheet
text/css 35.196.216.66
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://gmsenbunitedway.ca/wp-content/plugins/the-events-calendar/common/src/resources/css/tooltip.min.css?ver=4.9.20
Requested by: Host: gmsenbunitedway.ca
URL: https://gmsenbunitedway.ca/donate-now/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.196.216.66 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 66.216.196.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 34119901f74b4d927c3b3ac787f1b99819174e6308ad5d4cb05ba5409cb5ffa5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gmsenbunitedway.ca/donate-now/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 12:12:49 GMT
content-encoding: br
last-modified: Fri, 25 Oct 2019 18:15:24 GMT
server: nginx
etag: W/"5db33bbc-663"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 style.min.css
gmsenbunitedway.ca/wp-includes/css/dist/block-library/ 102 KB
14 KB 163ms
163ms Stylesheet
text/css 35.196.216.66
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://gmsenbunitedway.ca/wp-includes/css/dist/block-library/style.min.css?ver=6.3
Requested by: Host: gmsenbunitedway.ca
URL: https://gmsenbunitedway.ca/donate-now/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.196.216.66 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 66.216.196.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gmsenbunitedway.ca/donate-now/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 12:12:49 GMT
content-encoding: br
last-modified: Wed, 19 Jul 2023 11:13:55 GMT
server: nginx
etag: W/"64b7c573-19824"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 style.css
gmsenbunitedway.ca/wp-content/themes/unitedway/styles/css/ 251 KB
24 KB 164ms
163ms Stylesheet
text/css 35.196.216.66
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://gmsenbunitedway.ca/wp-content/themes/unitedway/styles/css/style.css?ver=6.3
Requested by: Host: gmsenbunitedway.ca
URL: https://gmsenbunitedway.ca/donate-now/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.196.216.66 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 66.216.196.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: b966e83d30f62d6b1b044fdca532efa70daac0a66ff1774c71af34ab7c5b23d7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gmsenbunitedway.ca/donate-now/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 12:12:49 GMT
content-encoding: br
last-modified: Wed, 15 Sep 2021 14:31:19 GMT
server: nginx
etag: W/"614203b7-3ed1c"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.9.1/ 90 KB
33 KB 34ms
8ms Script
text/javascript 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js?ver=1.9.1

Requested by

Host: gmsenbunitedway.ca
URL: https://gmsenbunitedway.ca/donate-now/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gmsenbunitedway.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 04:47:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 545134
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33018
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Sep 2024 04:47:15 GMT

GET
H2 200 scripts.js Show response
gmsenbunitedway.ca/wp-content/themes/unitedway/js/ 63 KB
18 KB 185ms
184ms Script
application/javascript 35.196.216.66
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://gmsenbunitedway.ca/wp-content/themes/unitedway/js/scripts.js?ver=1.0.0
Requested by: Host: gmsenbunitedway.ca
URL: https://gmsenbunitedway.ca/donate-now/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.196.216.66 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 66.216.196.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: ade688dd76852583424f1ea4f0dccfd4eb90f3f5e1ac7cc60ccb8e719b55e424

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gmsenbunitedway.ca/donate-now/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 12:12:49 GMT
content-encoding: br
last-modified: Wed, 03 Jan 2018 21:05:34 GMT
server: nginx
etag: W/"5a4d459e-fcc7"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 uw-central.png
gmsenbunitedway.ca/wp-content/uploads/2018/01/ 14 KB
14 KB 125ms
124ms Image
image/png 35.196.216.66
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gmsenbunitedway.ca/wp-content/uploads/2018/01/uw-central.png
Requested by: Host: gmsenbunitedway.ca
URL: https://gmsenbunitedway.ca/donate-now/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.196.216.66 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 66.216.196.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 417596477c4bdbbac7579844296aa16e1a807bfb2fa2afe881d47b1c1facab98

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gmsenbunitedway.ca/donate-now/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 12:12:49 GMT
last-modified: Wed, 03 Jan 2018 17:55:57 GMT
server: nginx
etag: "5a4d192d-3754"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 14164

GET
H2 200 Since-2013-Full-Colour.png
gmsenbunitedway.ca/wp-content/uploads/2018/01/ 34 KB
35 KB 145ms
144ms Image
image/png 35.196.216.66
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gmsenbunitedway.ca/wp-content/uploads/2018/01/Since-2013-Full-Colour.png
Requested by: Host: gmsenbunitedway.ca
URL: https://gmsenbunitedway.ca/donate-now/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.196.216.66 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 66.216.196.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: eb0057c57601099ea08b0318eac4edd6abce6bca7a0add23664b552c175f5fa4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gmsenbunitedway.ca/donate-now/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 12:12:49 GMT
last-modified: Mon, 08 Jan 2018 18:16:46 GMT
server: nginx
etag: "5a53b58e-8907"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 35079

GET
H2

200

cdf_embed.2.js Show response
www.canadahelps.org/secure/js/
Redirect Chain

https://www.canadahelps.org/services/wa/js/apps/donatenow/embed.min.js
https://www.canadahelps.org/secure/js/cdf_embed.2.js

16 KB
7 KB

113ms
113ms

Script
application/javascript

52.228.114.141
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.canadahelps.org/secure/js/cdf_embed.2.js

Requested by

Host: gmsenbunitedway.ca
URL: https://gmsenbunitedway.ca/donate-now/

Protocol

Server

52.228.114.141 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

0d2425968489e433b3c5dd7eab4f0c08ed082c868e6b21a378959b0dcf86eb28

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gmsenbunitedway.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 12:12:49 GMT
strict-transport-security: max-age=15768000
content-encoding: gzip
last-modified: Mon, 10 Jul 2023 17:06:28 GMT
server: nginx
etag: W/"64ac3a94-3fda"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
expires: Sat, 14 Oct 2023 12:12:49 GMT

Redirect headers

location: https://www.canadahelps.org/secure/js/cdf_embed.2.js
date: Thu, 14 Sep 2023 12:12:49 GMT
strict-transport-security: max-age=15768000
server: nginx
content-length: 162
content-type: text/html

GET
H2 200 uw-central-white.png
gmsenbunitedway.ca/wp-content/uploads/2018/01/ 12 KB
12 KB 184ms
183ms Image
image/png 35.196.216.66
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gmsenbunitedway.ca/wp-content/uploads/2018/01/uw-central-white.png
Requested by: Host: gmsenbunitedway.ca
URL: https://gmsenbunitedway.ca/donate-now/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.196.216.66 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 66.216.196.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 1216e378c0b4b63e69cad526c8ec6aa34263c3591585824764d8c04155c7aa80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gmsenbunitedway.ca/donate-now/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 12:12:49 GMT
last-modified: Wed, 03 Jan 2018 17:57:01 GMT
server: nginx
etag: "5a4d196d-308c"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 12428

GET
H2 200 imagine-ca-white.png
gmsenbunitedway.ca/wp-content/uploads/2018/01/ 7 KB
7 KB 184ms
183ms Image
image/png 35.196.216.66
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gmsenbunitedway.ca/wp-content/uploads/2018/01/imagine-ca-white.png
Requested by: Host: gmsenbunitedway.ca
URL: https://gmsenbunitedway.ca/donate-now/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.196.216.66 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 66.216.196.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 5b051f5a05364845c9af84334745375a38908c2adb3c8001a66d0a4291dd828a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gmsenbunitedway.ca/donate-now/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 12:12:49 GMT
last-modified: Wed, 03 Jan 2018 17:57:09 GMT
server: nginx
etag: "5a4d1975-1ba8"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 7080

GET
H2 200 tribe-common.min.js Show response
gmsenbunitedway.ca/wp-content/plugins/the-events-calendar/common/src/resources/js/ 321 B
391 B 108ms
107ms Script
application/javascript 35.196.216.66
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://gmsenbunitedway.ca/wp-content/plugins/the-events-calendar/common/src/resources/js/tribe-common.min.js?ver=4.9.20
Requested by: Host: gmsenbunitedway.ca
URL: https://gmsenbunitedway.ca/donate-now/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.196.216.66 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 66.216.196.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: cf7a610c11489bfce177c3c71c5c7aec7101b1ba754d3d2aacc9636fc046c3b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gmsenbunitedway.ca/donate-now/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 12:12:49 GMT
content-encoding: br
last-modified: Fri, 25 Oct 2019 18:15:24 GMT
server: nginx
etag: W/"5db33bbc-141"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 tooltip.min.js Show response
gmsenbunitedway.ca/wp-content/plugins/the-events-calendar/common/src/resources/js/ 523 B
502 B 185ms
184ms Script
application/javascript 35.196.216.66
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://gmsenbunitedway.ca/wp-content/plugins/the-events-calendar/common/src/resources/js/tooltip.min.js?ver=4.9.20
Requested by: Host: gmsenbunitedway.ca
URL: https://gmsenbunitedway.ca/donate-now/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.196.216.66 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 66.216.196.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 64c85e8b3d558b7ced2ce4d184dafd88b8dda0cfb0f388a06a7ff3e8f34841d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gmsenbunitedway.ca/donate-now/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 12:12:49 GMT
content-encoding: br
last-modified: Fri, 25 Oct 2019 18:15:24 GMT
server: nginx
etag: W/"5db33bbc-20b"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1.6.26/ 13 KB
5 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Requested by

Host: gmsenbunitedway.ca
URL: https://gmsenbunitedway.ca/donate-now/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gmsenbunitedway.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 10:07:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 93939
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5437
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Sep 2024 10:07:10 GMT

GET
H2

200

15058 Show response
www.canadahelps.org/en/dn/ Frame 4E13
Redirect Chain

https://www.canadahelps.org/en/dne/15058
https://www.canadahelps.org/en/dn/15058

54 KB
11 KB

141ms
141ms

Document
text/html

52.228.114.141
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.canadahelps.org/en/dn/15058

Requested by

Host: www.canadahelps.org
URL: https://www.canadahelps.org/services/wa/js/apps/donatenow/embed.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.228.114.141 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

557234448e6448b8bc989545774d5775d2e887a526cffb0f9761ebc1b197728e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://gmsenbunitedway.ca/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Thu, 14 Sep 2023 12:12:50 GMT
etag: W/"64f9db74-d6d6"
last-modified: Thu, 07 Sep 2023 14:17:24 GMT
server: nginx
strict-transport-security: max-age=15768000
vary: Accept-Encoding

Redirect headers

content-length: 162
content-type: text/html
date: Thu, 14 Sep 2023 12:12:49 GMT
location: https://www.canadahelps.org/en/dn/15058
server: nginx
strict-transport-security: max-age=15768000

GET
H2 200 css
fonts.googleapis.com/ 7 KB
1 KB 43ms
18ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Fira+Sans:400,700%7CPoppins:400,500,700

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0df1c0dc62f2149395618d6e078e7fc3c27223c02dad15b1e408bbd0da8084e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gmsenbunitedway.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 14 Sep 2023 12:12:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 12:12:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 14 Sep 2023 12:12:49 GMT

GET
H2 200 icon-search.png
gmsenbunitedway.ca/wp-content/themes/unitedway/img/ 306 B
508 B 109ms
109ms Image
image/png 35.196.216.66
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gmsenbunitedway.ca/wp-content/themes/unitedway/img/icon-search.png
Requested by: Host: gmsenbunitedway.ca
URL: https://gmsenbunitedway.ca/wp-content/themes/unitedway/styles/css/style.css?ver=6.3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.196.216.66 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 66.216.196.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: e383cdd5b47e96975c8447a2cade923ec07471fd2d422ae3e9b8c0570ba6d4ad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gmsenbunitedway.ca/wp-content/themes/unitedway/styles/css/style.css?ver=6.3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 12:12:49 GMT
last-modified: Fri, 22 Dec 2017 23:29:17 GMT
server: nginx
etag: "5a3d954d-132"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 306

GET
H2 200 fontawesome-webfont.woff2
gmsenbunitedway.ca/wp-content/themes/unitedway/fonts/ 70 KB
70 KB 117ms
117ms Font
font/woff2 35.196.216.66
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://gmsenbunitedway.ca/wp-content/themes/unitedway/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: gmsenbunitedway.ca
URL: https://gmsenbunitedway.ca/wp-content/themes/unitedway/styles/css/style.css?ver=6.3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.196.216.66 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 66.216.196.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Request headers

Referer: https://gmsenbunitedway.ca/wp-content/themes/unitedway/styles/css/style.css?ver=6.3
Origin: https://gmsenbunitedway.ca
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 12:12:49 GMT
last-modified: Fri, 22 Dec 2017 23:29:17 GMT
server: nginx
etag: "5a3d954d-118d8"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 71896

GET
H2 200 va9E4kDNxMZdWfMOD5Vvl4jL.woff2
fonts.gstatic.com/s/firasans/v17/ 23 KB
23 KB 34ms
10ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasans/v17/va9E4kDNxMZdWfMOD5Vvl4jL.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fira+Sans:400,700%7CPoppins:400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89ae1743656b75948be30cc4909efd3c61771b7bd9f6d53eb14cd9731d486b57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gmsenbunitedway.ca
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 17:46:00 GMT
x-content-type-options: nosniff
age: 152809
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23880
x-xss-protection: 0
last-modified: Tue, 02 May 2023 14:50:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 Sep 2024 17:46:00 GMT

GET
H2 200 va9B4kDNxMZdWfMOD5VnLK3eRhf6.woff2
fonts.gstatic.com/s/firasans/v17/ 24 KB
25 KB 42ms
18ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasans/v17/va9B4kDNxMZdWfMOD5VnLK3eRhf6.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fira+Sans:400,700%7CPoppins:400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45f1b654ec61c60215f597e30df063b0fee38c8a42f7046f99bf9bf3376971dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gmsenbunitedway.ca
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 07:42:59 GMT
x-content-type-options: nosniff
age: 534590
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24964
x-xss-protection: 0
last-modified: Tue, 02 May 2023 14:50:32 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Sep 2024 07:42:59 GMT

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 45ms
21ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fira+Sans:400,700%7CPoppins:400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gmsenbunitedway.ca
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 07:45:30 GMT
x-content-type-options: nosniff
age: 188839
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7884
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 Sep 2024 07:45:30 GMT

GET
H2 200 pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 32ms
8ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fira+Sans:400,700%7CPoppins:400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gmsenbunitedway.ca
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 07:15:26 GMT
x-content-type-options: nosniff
age: 449843
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7748
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:21:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 08 Sep 2024 07:15:26 GMT

GET
H2 200 pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 40ms
16ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fira+Sans:400,700%7CPoppins:400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gmsenbunitedway.ca
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 00:08:32 GMT
x-content-type-options: nosniff
age: 43457
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7816
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 13 Sep 2024 00:08:32 GMT

GET
H2 200 iframeResizer.contentWindow.min.js Show response
www.canadahelps.org/services/wa/js/libs/iframeResizer/ Frame 4E13 11 KB
5 KB 444ms
443ms Script
application/javascript 52.228.114.141
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.canadahelps.org/services/wa/js/libs/iframeResizer/iframeResizer.contentWindow.min.js

Requested by

Host: www.canadahelps.org
URL: https://www.canadahelps.org/en/dn/15058

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.228.114.141 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx / ASP.NET

Resource Hash

b3cab5661ef0bb4e761199d63b58b8f2588ce8187375981799a17b1ca024f60f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.canadahelps.org/en/dn/15058
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 12:12:50 GMT
content-security-policy: frame-ancestors 'self';
content-encoding: gzip
last-modified: Mon, 24 Jul 2023 13:11:29 GMT
server: nginx
etag: W/"1d88115c30bed91:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript

GET
H2 200 e3968f70d4f22043.css
www.canadahelps.org/_next/static/css/ Frame 4E13 141 KB
19 KB 331ms
331ms Stylesheet
text/css 52.228.114.141
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.canadahelps.org/_next/static/css/e3968f70d4f22043.css

Requested by

Host: www.canadahelps.org
URL: https://www.canadahelps.org/en/dn/15058

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.228.114.141 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

7cae83087884820e7884c9246bb2ade677a35009fec5063e77fca830d296b606

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.canadahelps.org/en/dn/15058
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 12:12:50 GMT
strict-transport-security: max-age=15768000
content-encoding: gzip
last-modified: Tue, 05 Sep 2023 15:08:23 GMT
server: nginx
etag: W/"64f74467-235c9"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 bb95b8b7eead2246.css
www.canadahelps.org/_next/static/css/ Frame 4E13 85 KB
32 KB 333ms
332ms Stylesheet
text/css 52.228.114.141
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.canadahelps.org/_next/static/css/bb95b8b7eead2246.css

Requested by

Host: www.canadahelps.org
URL: https://www.canadahelps.org/en/dn/15058

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.228.114.141 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

aa686c0a5f690eb149143e8ef666f9a2ba05a29448d13edd0e592e32bd86e57c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.canadahelps.org/en/dn/15058
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 12:12:50 GMT
strict-transport-security: max-age=15768000
content-encoding: gzip
last-modified: Tue, 05 Sep 2023 15:08:23 GMT
server: nginx
etag: W/"64f74467-15598"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 webpack-42518b0b9546c797.js Show response
www.canadahelps.org/_next/static/chunks/ Frame 4E13 4 KB
2 KB 437ms
435ms Script
application/javascript 52.228.114.141
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.canadahelps.org/_next/static/chunks/webpack-42518b0b9546c797.js

Requested by

Host: www.canadahelps.org
URL: https://www.canadahelps.org/en/dn/15058

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.228.114.141 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

ef595f483f4c13d92ec3926914517fae9b4ef9844662e0bc4f1379ac56f4ef9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.canadahelps.org/en/dn/15058
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 12:12:50 GMT
strict-transport-security: max-age=15768000
content-encoding: gzip
last-modified: Tue, 05 Sep 2023 15:08:23 GMT
server: nginx
etag: W/"64f74467-1041"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 framework-348fd793b828b7db.js Show response
www.canadahelps.org/_next/static/chunks/ Frame 4E13 138 KB
45 KB 437ms
434ms Script
application/javascript 52.228.114.141
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.canadahelps.org/_next/static/chunks/framework-348fd793b828b7db.js

Requested by

Host: www.canadahelps.org
URL: https://www.canadahelps.org/en/dn/15058

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.228.114.141 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

ec6da3d9f9ce847358f8809dfe754c867fde30d598c7067278f5922c995d38f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.canadahelps.org/en/dn/15058
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 12:12:50 GMT
strict-transport-security: max-age=15768000
content-encoding: gzip
last-modified: Tue, 05 Sep 2023 15:08:23 GMT
server: nginx
etag: W/"64f74467-22715"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 main-c97688ece2109b76.js Show response
www.canadahelps.org/_next/static/chunks/ Frame 4E13 81 KB
26 KB 437ms
435ms Script
application/javascript 52.228.114.141
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.canadahelps.org/_next/static/chunks/main-c97688ece2109b76.js

Requested by

Host: www.canadahelps.org
URL: https://www.canadahelps.org/en/dn/15058

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.228.114.141 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

ade9a0460e844eb13b167c1c75a9633042b8300d0acdbdac25b375a95558f23d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.canadahelps.org/en/dn/15058
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 12:12:50 GMT
strict-transport-security: max-age=15768000
content-encoding: gzip
last-modified: Tue, 05 Sep 2023 15:08:23 GMT
server: nginx
etag: W/"64f74467-144d1"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 _app-a3a0848b25f3f7ca.js Show response
www.canadahelps.org/_next/static/chunks/pages/ Frame 4E13 603 KB
163 KB 437ms
435ms Script
application/javascript 52.228.114.141
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.canadahelps.org/_next/static/chunks/pages/_app-a3a0848b25f3f7ca.js

Requested by

Host: www.canadahelps.org
URL: https://www.canadahelps.org/en/dn/15058

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.228.114.141 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

bab66c423233a064bf4ae813056bf4d49cd919c5c0051c55d3af5e6d19bb23a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.canadahelps.org/en/dn/15058
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 12:12:50 GMT
strict-transport-security: max-age=15768000
content-encoding: gzip
last-modified: Tue, 05 Sep 2023 15:08:23 GMT
server: nginx
etag: W/"64f74467-96a4e"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 9d0f1c31-8efcbd2f31cbc06c.js Show response
www.canadahelps.org/_next/static/chunks/ Frame 4E13 5 KB
2 KB 438ms
435ms Script
application/javascript 52.228.114.141
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.canadahelps.org/_next/static/chunks/9d0f1c31-8efcbd2f31cbc06c.js

Requested by

Host: www.canadahelps.org
URL: https://www.canadahelps.org/en/dn/15058

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.228.114.141 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

9b573bdb2bfc6afd55f195c27e0944a2e7ac7e32d90797b06cd88329f76353e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.canadahelps.org/en/dn/15058
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 12:12:50 GMT
strict-transport-security: max-age=15768000
content-encoding: gzip
last-modified: Tue, 05 Sep 2023 15:08:23 GMT
server: nginx
etag: W/"64f74467-13aa"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 1df474da-c21f83ee1526a8a8.js Show response
www.canadahelps.org/_next/static/chunks/ Frame 4E13 6 KB
3 KB 438ms
436ms Script
application/javascript 52.228.114.141
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.canadahelps.org/_next/static/chunks/1df474da-c21f83ee1526a8a8.js

Requested by

Host: www.canadahelps.org
URL: https://www.canadahelps.org/en/dn/15058

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.228.114.141 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

5dcd07b35aa00a5e1e9686254e09a078725b335934b09ed459214c20f9eca213

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.canadahelps.org/en/dn/15058
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 12:12:50 GMT
strict-transport-security: max-age=15768000
content-encoding: gzip
last-modified: Tue, 05 Sep 2023 15:08:23 GMT
server: nginx
etag: W/"64f74467-1994"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 3f43c12b-ddcfa0ac54831c15.js Show response
www.canadahelps.org/_next/static/chunks/ Frame 4E13 115 KB
34 KB 438ms
436ms Script
application/javascript 52.228.114.141
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.canadahelps.org/_next/static/chunks/3f43c12b-ddcfa0ac54831c15.js

Requested by

Host: www.canadahelps.org
URL: https://www.canadahelps.org/en/dn/15058

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.228.114.141 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

3e6b75b6a8b8bf900caa17fdcc1afc2677c135c19339fcdefb6a888dab7d291b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.canadahelps.org/en/dn/15058
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 12:12:50 GMT
strict-transport-security: max-age=15768000
content-encoding: gzip
last-modified: Tue, 05 Sep 2023 15:08:23 GMT
server: nginx
etag: W/"64f74467-1cbad"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 9-4ebe422937874a60.js Show response
www.canadahelps.org/_next/static/chunks/ Frame 4E13 835 KB
214 KB 438ms
436ms Script
application/javascript 52.228.114.141
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.canadahelps.org/_next/static/chunks/9-4ebe422937874a60.js

Requested by

Host: www.canadahelps.org
URL: https://www.canadahelps.org/en/dn/15058

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.228.114.141 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

6e33eeeb221cc42314c5a6107c08c0f84b04796cebff8d067b425391f01d8542

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.canadahelps.org/en/dn/15058
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 12:12:50 GMT
strict-transport-security: max-age=15768000
content-encoding: gzip
last-modified: Tue, 05 Sep 2023 15:08:23 GMT
server: nginx
etag: W/"64f74467-d0b3d"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 296-efe72f3c7a1ed88a.js Show response
www.canadahelps.org/_next/static/chunks/ Frame 4E13 171 KB
46 KB 438ms
436ms Script
application/javascript 52.228.114.141
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.canadahelps.org/_next/static/chunks/296-efe72f3c7a1ed88a.js

Requested by

Host: www.canadahelps.org
URL: https://www.canadahelps.org/en/dn/15058

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.228.114.141 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

2de62f0146cf5689de9f2996905aa8d828f0963cd591920126fcac9b90395451

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.canadahelps.org/en/dn/15058
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 12:12:50 GMT
strict-transport-security: max-age=15768000
content-encoding: gzip
last-modified: Tue, 05 Sep 2023 15:08:23 GMT
server: nginx
etag: W/"64f74467-2ac1b"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 %5Bid%5D-a10ad16191e8026d.js Show response
www.canadahelps.org/_next/static/chunks/pages/%5Blang%5D/dn/ Frame 4E13 891 B
752 B 438ms
437ms Script
application/javascript 52.228.114.141
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.canadahelps.org/_next/static/chunks/pages/%5Blang%5D/dn/%5Bid%5D-a10ad16191e8026d.js

Requested by

Host: www.canadahelps.org
URL: https://www.canadahelps.org/en/dn/15058

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.228.114.141 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

295c2ff706032312f8eec23e6dee7256c3e7277e87711eb5706b828e0ca955d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.canadahelps.org/en/dn/15058
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 12:12:50 GMT
strict-transport-security: max-age=15768000
content-encoding: gzip
last-modified: Tue, 05 Sep 2023 15:08:23 GMT
server: nginx
etag: W/"64f74467-37b"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 _buildManifest.js Show response
www.canadahelps.org/_next/static/0881ee02d3a7c344b33662f0eddf6800285f4b51/ Frame 4E13 2 KB
804 B 438ms
437ms Script
application/javascript 52.228.114.141
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.canadahelps.org/_next/static/0881ee02d3a7c344b33662f0eddf6800285f4b51/_buildManifest.js

Requested by

Host: www.canadahelps.org
URL: https://www.canadahelps.org/en/dn/15058

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.228.114.141 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

620654948512dcfe487fab5edb59adfb46a2d8f904c4cdb702eb76412da76baa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.canadahelps.org/en/dn/15058
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 12:12:50 GMT
strict-transport-security: max-age=15768000
content-encoding: gzip
last-modified: Tue, 05 Sep 2023 15:08:23 GMT
server: nginx
etag: W/"64f74467-74c"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 _ssgManifest.js Show response
www.canadahelps.org/_next/static/0881ee02d3a7c344b33662f0eddf6800285f4b51/ Frame 4E13 434 B
318 B 439ms
437ms Script
application/javascript 52.228.114.141
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.canadahelps.org/_next/static/0881ee02d3a7c344b33662f0eddf6800285f4b51/_ssgManifest.js

Requested by

Host: www.canadahelps.org
URL: https://www.canadahelps.org/en/dn/15058

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.228.114.141 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

29be822371b9b5bc8698b1016d609fe9b3ae2596ff889b611966fdf7867faf67

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.canadahelps.org/en/dn/15058
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 12:12:50 GMT
strict-transport-security: max-age=15768000
content-encoding: gzip
last-modified: Tue, 05 Sep 2023 15:08:30 GMT
server: nginx
etag: W/"64f7446e-1b2"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 /
www.canadahelps.org/en/charities/logo/33663/ Frame 4E13 7 KB
7 KB 543ms
541ms Image
image/png 52.228.114.141
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.canadahelps.org/en/charities/logo/33663/

Requested by

Host: www.canadahelps.org
URL: https://www.canadahelps.org/en/dn/15058

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.228.114.141 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

113d9e9c204fc3502fede75465585f15d52747b114c10802c1512a4f8db5a259

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.canadahelps.org/en/dn/15058
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

content-type: image
date: Thu, 14 Sep 2023 12:12:50 GMT
strict-transport-security: max-age=15768000
server: nginx
vary: Cookie
x-frame-options: SAMEORIGIN
content-language: en

GET
H2 200 visa_logo.svg
www.canadahelps.org/secure/img/ Frame 4E13 3 KB
2 KB 439ms
437ms Image
image/svg+xml 52.228.114.141
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.canadahelps.org/secure/img/visa_logo.svg

Requested by

Host: www.canadahelps.org
URL: https://www.canadahelps.org/en/dn/15058

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.228.114.141 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

22086ce481a4efb685ead4092b11c4f5e0f075c4ba1ab70ae27d937aa660de93

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.canadahelps.org/en/dn/15058
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 12:12:50 GMT
strict-transport-security: max-age=15768000
content-encoding: gzip
last-modified: Tue, 05 Sep 2023 17:58:59 GMT
server: nginx
etag: W/"64f76c63-d87"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2592000
expires: Sat, 14 Oct 2023 12:12:50 GMT

GET
H2 200 visa_debit_logo.svg
www.canadahelps.org/secure/img/ Frame 4E13 4 KB
2 KB 439ms
437ms Image
image/svg+xml 52.228.114.141
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.canadahelps.org/secure/img/visa_debit_logo.svg

Requested by

Host: www.canadahelps.org
URL: https://www.canadahelps.org/en/dn/15058

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.228.114.141 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

4bea6efddf9320544372ea6adda9521b190452a99da244d1062a956adb117ef3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.canadahelps.org/en/dn/15058
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 12:12:50 GMT
strict-transport-security: max-age=15768000
content-encoding: gzip
last-modified: Tue, 05 Sep 2023 17:58:59 GMT
server: nginx
etag: W/"64f76c63-11a1"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2592000
expires: Sat, 14 Oct 2023 12:12:50 GMT

GET
H2 200 mastercard_logo.svg
www.canadahelps.org/secure/img/ Frame 4E13 6 KB
2 KB 439ms
438ms Image
image/svg+xml 52.228.114.141
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.canadahelps.org/secure/img/mastercard_logo.svg

Requested by

Host: www.canadahelps.org
URL: https://www.canadahelps.org/en/dn/15058

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.228.114.141 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

2f69e97a51fea87cddf5886fe3ddc65e5e1b331dcabb1e86bd490aba56e25fc6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.canadahelps.org/en/dn/15058
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 12:12:50 GMT
strict-transport-security: max-age=15768000
content-encoding: gzip
last-modified: Tue, 05 Sep 2023 17:58:59 GMT
server: nginx
etag: W/"64f76c63-1776"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2592000
expires: Sat, 14 Oct 2023 12:12:50 GMT

GET
H2 200 american_express_logo.svg
www.canadahelps.org/secure/img/ Frame 4E13 10 KB
5 KB 439ms
438ms Image
image/svg+xml 52.228.114.141
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.canadahelps.org/secure/img/american_express_logo.svg

Requested by

Host: www.canadahelps.org
URL: https://www.canadahelps.org/en/dn/15058

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.228.114.141 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

4537ea3aad72df15f8f2905cae0e02d52374a16db03f515041c0d305f4b70678

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.canadahelps.org/en/dn/15058
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 12:12:50 GMT
strict-transport-security: max-age=15768000
content-encoding: gzip
last-modified: Tue, 05 Sep 2023 17:58:59 GMT
server: nginx
etag: W/"64f76c63-28ad"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2592000
expires: Sat, 14 Oct 2023 12:12:50 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 4E13 3 KB
563 B 19ms
17ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,400;0,700;1,400;1,700&display=swap

Requested by

Host: www.canadahelps.org
URL: https://www.canadahelps.org/_next/static/css/e3968f70d4f22043.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3333a2035912d27f9f31d7ef4d7a59aab880a4a89fa54a729dcdf1bc8bcdb81c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.canadahelps.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 14 Sep 2023 12:12:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 11:42:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 14 Sep 2023 12:12:50 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 4E13 9 KB
922 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,700;1,400;1,700&display=swap

Requested by

Host: www.canadahelps.org
URL: https://www.canadahelps.org/_next/static/css/e3968f70d4f22043.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

598dac89694017d12e812bdae67530962525b21b3d29f0c6cb54d64279476e67

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.canadahelps.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 14 Sep 2023 12:12:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 11:06:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 14 Sep 2023 12:12:50 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 4E13 1 KB
566 B 18ms
18ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Dancing+Script&display=swap

Requested by

Host: www.canadahelps.org
URL: https://www.canadahelps.org/_next/static/css/e3968f70d4f22043.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a189d68a897130c76b6dad6284671748c9a065e71be4b3854334c99f9a16db42

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.canadahelps.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 14 Sep 2023 12:12:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 12:12:50 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 14 Sep 2023 12:12:50 GMT

GET
DATA 200
OK truncated
/ Frame 4E13 108 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0c148dda22ec8eb9efdf5a034db45741c15b6efde867d3c0541cf589a65e63a3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 4E13 185 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 92c2683be6b442107242edb6de07ac4c349abdbee834ef7c46af6ec7d46c2eb8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 4E13 21 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dcdfccc2fa2b5e7fff67768f4221920d0f5b6a5b89f8e8b4b15ec397f71b68f2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v24/ Frame 4E13 14 KB
14 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2

Requested by

Host: www.canadahelps.org
URL: https://www.canadahelps.org/en/dn/15058

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a7ce1a34f3e9944fe88fc61abbc93b6db383afa2b90815fd7ccea456fbce4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.canadahelps.org/
Origin: https://www.canadahelps.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 18:52:43 GMT
x-content-type-options: nosniff
age: 62407
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14168
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:29:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Sep 2024 18:52:43 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v24/ Frame 4E13 14 KB
14 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXiWtFCc.woff2

Requested by

Host: www.canadahelps.org
URL: https://www.canadahelps.org/en/dn/15058

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d4ae5188a65370ecfe28f42293bbee8297cfd5712c6aadfdb270d48f2bcd88b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.canadahelps.org/
Origin: https://www.canadahelps.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 17:37:58 GMT
x-content-type-options: nosniff
age: 153292
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13980
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 Sep 2024 17:37:58 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 4E13 15 KB
15 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,700;1,400;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.canadahelps.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 22:08:16 GMT
x-content-type-options: nosniff
age: 50674
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Sep 2024 22:08:16 GMT

GET
H2 200 10041324-10041363.js Show response
cdn-4.convertexperiments.com/js/ Frame 4E13 0
0 985ms
27ms Script
application/json 2a02:26f0:480:b82::14a9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-4.convertexperiments.com/js/10041324-10041363.js
Requested by: Host: www.canadahelps.org
URL: https://www.canadahelps.org/_next/static/chunks/main-c97688ece2109b76.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:b82::14a9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.canadahelps.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ Frame 4E13 184 KB
67 KB 988ms
29ms Script
application/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=GTM-PVG6B3F

Requested by

Host: www.canadahelps.org
URL: https://www.canadahelps.org/_next/static/chunks/main-c97688ece2109b76.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e8d7289a8b21f6c5763c1f0965a6249c1eafedadb0726dcd226ce821d5841484

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.canadahelps.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 12:12:52 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 67878
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 14 Sep 2023 12:12:52 GMT

GET
H/1.1 200
OK apple-pay-sdk.js Show response
applepay.cdn-apple.com/jsapi/v1/ Frame 4E13 162 KB
49 KB 965ms
8ms Script
application/javascript 2a01:b740:a10:f100::4
APPLE-AUSTIN

General

Check archive.org

Show headers Download Go to

Full URL

https://applepay.cdn-apple.com/jsapi/v1/apple-pay-sdk.js

Requested by

Host: www.canadahelps.org
URL: https://www.canadahelps.org/_next/static/chunks/main-c97688ece2109b76.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a01:b740:a10:f100::4 Frankfurt am Main, Germany, ASN6185 (APPLE-AUSTIN, US),

Reverse DNS

Software

Apple /

Resource Hash

4f3604f1ead4e51e75612bbe34446f8f91b84879fa85453e8ca46a664f78b3cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.canadahelps.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

x-apple-jingle-correlation-key: VW3IWXFZ6R3FRJJZCF7MP3NR6E
Date: Wed, 13 Sep 2023 13:23:30 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains
X-Content-Type-Options: nosniff
Content-Encoding: gzip
x-b3-traceid: adb68b5cb9f47658a539117ec7edb1f1
Via: http/1.1 defra3-edge-lx-002.ts.apple.com (acdn/4.1), http/1.1 defra3-edge-bx-012.ts.apple.com (acdn/4.1)
Age: 82162
X-Cache: hit-fresh, hit-fresh
CDNUUID: 624c4e07-3faa-416b-be91-491f5c638d2c-5107062515
b3: adb68b5cb9f47658a539117ec7edb1f1-43b121d970df7bf0
Connection: keep-alive
Content-Length: 48883
X-XSS-Protection: 1; mode=block
apple-tk: false
Server: Apple
apple-seq: 0
Last-Modified: Mon, 28 Aug 2023 21:01:49 GMT
apple-originating-system: payment-client-service-PROD
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
x-apple-request-uuid: adb68b5c-b9f4-7658-a539-117ec7edb1f1
x-b3-spanid: 43b121d970df7bf0
Access-Control-Allow-Credentials: false
Cache-Control: public, max-age=86400, stale-while-revalidate=86400

GET
H2 200 pay.js Show response
pay.google.com/gp/p/js/ Frame 4E13 117 KB
36 KB 1021ms
68ms Script
application/javascript 2a00:1450:400c:c04::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/js/pay.js

Requested by

Host: www.canadahelps.org
URL: https://www.canadahelps.org/_next/static/chunks/main-c97688ece2109b76.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6e51b39b935c7d0ffb35a8c983c49209aab324ffe297a272bb1c7ddeb7541ea9

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-AnIBMgaRekmmebCHNHcc2A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.canadahelps.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 12:12:52 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-AnIBMgaRekmmebCHNHcc2A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Thu, 14 Sep 2023 12:12:52 GMT

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ Frame 4E13 190 KB
64 KB 46ms
45ms Script
text/javascript 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?v=3.27&libraries=places&key=AIzaSyBX3JKXDY61KvS5U9fZR5adrAK4ysE_zE0

Requested by

Host: www.canadahelps.org
URL: https://www.canadahelps.org/_next/static/chunks/main-c97688ece2109b76.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

99901bc2f03a2d9f989352e018aa743334db17913d9a2a57f33aed51a7d08b0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.canadahelps.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 12:12:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Accept-Language, Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65733
x-xss-protection: 0

GET
H2 200 toggles Show response
www.canadahelps.org/site/api/CDF/ Frame 4E13 21 B
242 B 113ms
113ms Fetch
application/json 52.228.114.141
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.canadahelps.org/site/api/CDF/toggles

Requested by

Host: www.canadahelps.org
URL: https://www.canadahelps.org/_next/static/chunks/pages/_app-a3a0848b25f3f7ca.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.228.114.141 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx / ASP.NET

Resource Hash

924cd0b4513b7e63e80c0e10cc525e4154b96332e21506b1ee76da33109cfe44

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000, max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.canadahelps.org/en/dn/15058
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

x-response-time: 0.9955 msec
date: Thu, 14 Sep 2023 12:12:51 GMT
strict-transport-security: max-age=2592000, max-age=15768000
x-correlation-id: 907a4c23-bc68-400d-9744-bda01390db33
server: nginx
x-powered-by: ASP.NET
content-type: application/json; charset=utf-8
content-length: 21

GET
H2 200 33663 Show response
www.canadahelps.org/site/api/charity-admin/casl-setting/get/ Frame 4E13 166 B
388 B 121ms
121ms Fetch
application/json 52.228.114.141
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.canadahelps.org/site/api/charity-admin/casl-setting/get/33663

Requested by

Host: www.canadahelps.org
URL: https://www.canadahelps.org/_next/static/chunks/pages/_app-a3a0848b25f3f7ca.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.228.114.141 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx / ASP.NET

Resource Hash

d389347d3048972b9695d0f66423e0cd59df9813e71fa22afc0f28782c6cb15a

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000, max-age=15768000

Request headers

Accept: application/json
Referer: https://www.canadahelps.org/en/dn/15058
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

x-response-time: 5.4037 msec
date: Thu, 14 Sep 2023 12:12:51 GMT
strict-transport-security: max-age=2592000, max-age=15768000
x-correlation-id: 80e27ad4-1df0-4842-9af5-00ad231a6b32
server: nginx
x-powered-by: ASP.NET
content-type: application/json; charset=utf-8
content-length: 166

GET
H2 204 donorInfo Show response
www.canadahelps.org/site/api/donor/ Frame 4E13 0
184 B 118ms
118ms Fetch 52.228.114.141
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.canadahelps.org/site/api/donor/donorInfo

Requested by

Host: www.canadahelps.org
URL: https://www.canadahelps.org/_next/static/chunks/pages/_app-a3a0848b25f3f7ca.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.228.114.141 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000, max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.canadahelps.org/en/dn/15058
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

x-response-time: 0.5632 msec
date: Thu, 14 Sep 2023 12:12:51 GMT
strict-transport-security: max-age=2592000, max-age=15768000
x-correlation-id: bb95bc21-2275-4b3d-8b80-fcc5528835c8
server: nginx
x-powered-by: ASP.NET

GET
H2 200 getAmountRaised Show response
www.canadahelps.org/site/api/CDF/15058/ Frame 4E13 11 B
232 B 119ms
119ms Fetch
application/json 52.228.114.141
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.canadahelps.org/site/api/CDF/15058/getAmountRaised

Requested by

Host: www.canadahelps.org
URL: https://www.canadahelps.org/_next/static/chunks/pages/_app-a3a0848b25f3f7ca.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.228.114.141 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx / ASP.NET

Resource Hash

5d26c94199f980e4db7abd4ba04ca0f9095074105a50a6c71fb330a72595270e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000, max-age=15768000

Request headers

Accept: application/json
Referer: https://www.canadahelps.org/en/dn/15058
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

x-response-time: 4.1467 msec
date: Thu, 14 Sep 2023 12:12:51 GMT
strict-transport-security: max-age=2592000, max-age=15768000
x-correlation-id: 1f512faa-94b9-489b-acf8-4fa8a1d42928
server: nginx
x-powered-by: ASP.NET
content-type: application/json; charset=utf-8
content-length: 11

GET
H2 200 captcha-settings Show response
www.canadahelps.org/site/api/fraud/ Frame 4E13 199 B
422 B 118ms
118ms Fetch
application/json 52.228.114.141
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.canadahelps.org/site/api/fraud/captcha-settings

Requested by

Host: www.canadahelps.org
URL: https://www.canadahelps.org/_next/static/chunks/pages/_app-a3a0848b25f3f7ca.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.228.114.141 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx / ASP.NET

Resource Hash

53da3af50ed9f8d16cf4b583d707f01e976578ee768cfbe2023c11e4877b6128

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000, max-age=15768000

Request headers

accept: application/json
Referer: https://www.canadahelps.org/en/dn/15058
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
content-type: application/json

Response headers

x-response-time: 0.2908 msec
date: Thu, 14 Sep 2023 12:12:51 GMT
strict-transport-security: max-age=2592000, max-age=15768000
x-correlation-id: f9a33dfd-84f2-41ff-abc8-3dd760d64341
server: nginx
x-powered-by: ASP.NET
content-type: application/json; charset=utf-8
content-length: 199

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame 4E13 338 KB
104 KB 951ms
45ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NVV45D

Requested by

Host: www.canadahelps.org
URL: https://www.canadahelps.org/_next/static/chunks/pages/_app-a3a0848b25f3f7ca.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e4798506e379db8a2d60ea062581740d1589d1acc7841c7f3839f18cee2b3f11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.canadahelps.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 12:12:52 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 105637
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 14 Sep 2023 12:12:52 GMT

POST
H2 200 GetPercentageFeesWithoutAmount Show response
www.canadahelps.org/site/api/Fees/ Frame 4E13 85 B
306 B 113ms
112ms Fetch
application/json 52.228.114.141
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.canadahelps.org/site/api/Fees/GetPercentageFeesWithoutAmount

Requested by

Host: www.canadahelps.org
URL: https://www.canadahelps.org/_next/static/chunks/pages/_app-a3a0848b25f3f7ca.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.228.114.141 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx / ASP.NET

Resource Hash

9b80c29c000c91d70dc10d4e074fc15fb13f0a21f5d0291622a26b8ec83b4f33

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000, max-age=15768000

Request headers

Referer: https://www.canadahelps.org/en/dn/15058?v2=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
content-type: application/json

Response headers

x-response-time: 1.2289 msec
date: Thu, 14 Sep 2023 12:12:51 GMT
strict-transport-security: max-age=2592000, max-age=15768000
x-correlation-id: e32b22cd-fe1a-49ff-8f34-76b030cf2e54
server: nginx
x-powered-by: ASP.NET
content-type: application/json; charset=utf-8
content-length: 85

GET
H2 200 enterprise.js Show response
www.google.com/recaptcha/ Frame 4E13 1 KB
1 KB 54ms
26ms Script
text/javascript 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise.js?render=6LeWAsAiAAAAAJJjp4cLr7v5_yUVnC6ClZwDAh7c&hl=en

Requested by

Host: www.canadahelps.org
URL: https://www.canadahelps.org/_next/static/chunks/pages/_app-a3a0848b25f3f7ca.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

93ec1591f283a2b082176f6019bfe757c959ac6d865cf058eb86f3e28f4f6994

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.canadahelps.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 12:12:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 894
x-xss-protection: 1; mode=block
expires: Thu, 14 Sep 2023 12:12:52 GMT

GET
H3 200 gen_204 Show response
maps.googleapis.com/maps/api/mapsjs/ Frame 4E13 3 B
45 B 104ms
55ms XHR
application/json 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?v=3.27&libraries=places&key=AIzaSyBX3JKXDY61KvS5U9fZR5adrAK4ysE_zE0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.canadahelps.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 12:12:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.canadahelps.org
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23
x-xss-protection: 0

GET
H3 200 common.js Show response
maps.googleapis.com/maps-api-v3/api/js/54/5/intl/de_ALL/ Frame 4E13 253 KB
56 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/54/5/intl/de_ALL/common.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?v=3.27&libraries=places&key=AIzaSyBX3JKXDY61KvS5U9fZR5adrAK4ysE_zE0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7b2bde5796819d3b518e597ffeb8298f1d85878a09316615fa34d7f6836a638

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.canadahelps.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 18:01:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65496
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56995
x-xss-protection: 0
last-modified: Mon, 11 Sep 2023 21:53:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 12 Sep 2024 18:01:16 GMT

GET
H3 200 util.js Show response
maps.googleapis.com/maps-api-v3/api/js/54/5/intl/de_ALL/ Frame 4E13 154 KB
49 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/54/5/intl/de_ALL/util.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?v=3.27&libraries=places&key=AIzaSyBX3JKXDY61KvS5U9fZR5adrAK4ysE_zE0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3517f86b0b10a1eaa987e8d95889c50febf5c1ac74ad893f43e689b4716234e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.canadahelps.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 18:01:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65496
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49726
x-xss-protection: 0
last-modified: Mon, 11 Sep 2023 21:53:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 12 Sep 2024 18:01:16 GMT

GET
H3 200 controls.js Show response
maps.googleapis.com/maps-api-v3/api/js/54/5/intl/de_ALL/ Frame 4E13 88 KB
23 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/54/5/intl/de_ALL/controls.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?v=3.27&libraries=places&key=AIzaSyBX3JKXDY61KvS5U9fZR5adrAK4ysE_zE0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77a8b6fe654712bdf086387c63f34aef19a0f096912ffe5fd704d45bf98b0b2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.canadahelps.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 18:01:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65495
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23985
x-xss-protection: 0
last-modified: Mon, 11 Sep 2023 21:53:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 12 Sep 2024 18:01:17 GMT

GET
H3 200 places_impl.js Show response
maps.googleapis.com/maps-api-v3/api/js/54/5/intl/de_ALL/ Frame 4E13 48 KB
16 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/54/5/intl/de_ALL/places_impl.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?v=3.27&libraries=places&key=AIzaSyBX3JKXDY61KvS5U9fZR5adrAK4ysE_zE0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f0517bbb1b296c592d0cfc87f8185a6032e287783f4061c733727cce17362cd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.canadahelps.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 18:01:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65495
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16290
x-xss-protection: 0
last-modified: Mon, 11 Sep 2023 21:53:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 12 Sep 2024 18:01:17 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/982804081/ Frame 4E13 3 KB
2 KB 96ms
47ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/982804081/?random=1694693572526&cv=11&fst=1694693572526&bg=ffffff&guid=ON&async=1&gtm=45He39b0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.canadahelps.org%2Fen%2Fdn%2F15058%3Fv2%3Dtrue&ref=https%3A%2F%2Fgmsenbunitedway.ca%2F&hn=www.googleadservices.com&frm=2&tiba=Donate%20Now%20-%20United%20Way%20of%20Greater%20Moncton%20and%20Southeastern%20NB&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NVV45D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83ad97d26bed5ae4bf6071ea578d2676eebfaf62a8d7eabefd29605ca9296a86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.canadahelps.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Sep 2023 12:12:52 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1385
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ Frame 4E13 44 KB
13 KB 55ms
33ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NVV45D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a236aed5086b9c24d3cc94944d4349e9ce469f325ac23bafcaa5fe3659b15fd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.canadahelps.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Thu, 14 Sep 2023 12:12:52 GMT
last-modified: Wed, 06 Sep 2023 22:41:28 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: FCA57A216D1B4F46A6368D14A228F136 Ref B: FRAEDGE1919 Ref C: 2023-09-14T12:12:52Z
etag: "09cc4613e1d91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 12981

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ Frame 4E13 12 KB
4 KB 33ms
9ms Script
application/x-javascript 2a02:26f0:3100::1735:2a09
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NVV45D

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3100::1735:2a09 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

28a26321734fb5f8c8fe42b5503f162fdf1469bf97e2d9c503a83cc2b3c534cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.canadahelps.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 12:12:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 05 Sep 2023 13:41:52 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=22177
accept-ranges: bytes
content-length: 3822

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 4E13 253 KB
87 KB 25ms
24ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-B9HNHQ4V22&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NVV45D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9bee9a2e331db87a55624238e30369074f86bd8aad8a0073e1ef8dd9ce53c032

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.canadahelps.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 12:12:52 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 88562
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 14 Sep 2023 12:12:52 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/ Frame 4E13 451 KB
181 KB 34ms
8ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise.js?render=6LeWAsAiAAAAAJJjp4cLr7v5_yUVnC6ClZwDAh7c&hl=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6df509c54af64a8a81d168c1bce4e0bc1d30be5a3206c25e702fea2f33ab7f3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.canadahelps.org/
Origin: https://www.canadahelps.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 06:01:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22261
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 185062
x-xss-protection: 0
last-modified: Mon, 21 Aug 2023 02:02:34 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 13 Sep 2024 06:01:51 GMT

GET
H2 200 payframe Show response
pay.google.com/gp/p/ui/ Frame CCEF 18 KB
8 KB 228ms
225ms Document
text/html 2a00:1450:400c:c04::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fwww.canadahelps.org&mid=

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

81dcf5149ca892c9b307d6725cad986e27c4448139f9c2bd1d424a575fb7a72c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-UpV1VfZZGuupgW7zhksscA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.canadahelps.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=3600
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-UpV1VfZZGuupgW7zhksscA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-site
date: Thu, 14 Sep 2023 12:12:52 GMT
expires: Thu, 14 Sep 2023 12:12:52 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 0

GET
H2 200 powered-by-google-on-white3.png
maps.gstatic.com/mapfiles/api-3/images/ Frame 4E13 2 KB
2 KB 58ms
16ms Image
image/png 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://maps.gstatic.com/mapfiles/api-3/images/powered-by-google-on-white3.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd80d0dcb2a44bd30c11fcdf13d4c280f336dad9442ee7da79146f2bb77381a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.canadahelps.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 12:12:52 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/geo-tactile
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1616
x-xss-protection: 0
last-modified: Tue, 18 May 2021 19:15:00 GMT
server: sffe
report-to: {"group":"geo-tactile","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/geo-tactile"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="geo-tactile"
expires: Thu, 14 Sep 2023 12:12:52 GMT

GET
H2 200 autocomplete-icons.png
maps.gstatic.com/mapfiles/api-3/images/ Frame 4E13 3 KB
3 KB 65ms
24ms Image
image/png 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://maps.gstatic.com/mapfiles/api-3/images/autocomplete-icons.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db209390b90b70f4b1ef3540cb581e4ec8edbba21980971b68e4aef5c5d352fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.canadahelps.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 12:12:52 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/geo-tactile
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3351
x-xss-protection: 0
last-modified: Tue, 18 May 2021 19:15:00 GMT
server: sffe
report-to: {"group":"geo-tactile","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/geo-tactile"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="geo-tactile"
expires: Thu, 14 Sep 2023 12:12:52 GMT

GET
H2 200 insight.old.min.js Show response
snap.licdn.com/li.lms-analytics/ Frame 4E13 13 KB
5 KB 10ms
10ms Script
application/x-javascript 2a02:26f0:3100::1735:2a09
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.old.min.js

Requested by

Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3100::1735:2a09 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

fa53fcd8da139d256c0ca83b69cb37473ca627b6052368ed3327c80d9fb61e25

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.canadahelps.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 12:12:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 28 Aug 2023 12:14:15 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=17904
accept-ranges: bytes
content-length: 4862

GET
H2 200 /
www.google.com/pagead/1p-user-list/982804081/ Frame 4E13 42 B
327 B 59ms
58ms Image
image/gif 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/982804081/?random=1694693572526&cv=11&fst=1694692800000&bg=ffffff&guid=ON&async=1&gtm=45He39b0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.canadahelps.org%2Fen%2Fdn%2F15058%3Fv2%3Dtrue&ref=https%3A%2F%2Fgmsenbunitedway.ca%2F&frm=2&tiba=Donate%20Now%20-%20United%20Way%20of%20Greater%20Moncton%20and%20Southeastern%20NB&fmt=3&is_vtc=1&random=1572135146&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.canadahelps.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Sep 2023 12:12:52 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/982804081/ Frame 4E13 42 B
455 B 45ms
21ms Image
image/gif 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/982804081/?random=1694693572526&cv=11&fst=1694692800000&bg=ffffff&guid=ON&async=1&gtm=45He39b0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.canadahelps.org%2Fen%2Fdn%2F15058%3Fv2%3Dtrue&ref=https%3A%2F%2Fgmsenbunitedway.ca%2F&frm=2&tiba=Donate%20Now%20-%20United%20Way%20of%20Greater%20Moncton%20and%20Southeastern%20NB&fmt=3&is_vtc=1&random=1572135146&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.canadahelps.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Sep 2023 12:12:52 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 17161329.js Show response
bat.bing.com/p/action/ Frame 4E13 0
116 B 31ms
30ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/17161329.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.canadahelps.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Thu, 14 Sep 2023 12:12:52 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 6DBAC4E249C7459EA710D203B02CD0AA Ref B: FRAEDGE1919 Ref C: 2023-09-14T12:12:52Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ Frame 4E13 0
284 B 35ms
35ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=17161329&tm=gtm002&Ver=2&mid=197de685-cf33-456b-a46d-c196b70bfe76&sid=078ba45052f811eeb6a21912a83900d8&vid=078be54052f811eea286993a188774e2&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Donate%20Now%20-%20United%20Way%20of%20Greater%20Moncton%20and%20Southeastern%20NB&p=https%3A%2F%2Fgmsenbunitedway.ca%2F&r=&lt=1475&evt=pageLoad&ifm=1&sv=1&rn=553356

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.canadahelps.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 14 Sep 2023 12:12:52 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F8B15A2188484A34BB681F3E320E9030 Ref B: FRAEDGE1919 Ref C: 2023-09-14T12:12:52Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 anchor Show response
www.google.com/recaptcha/enterprise/ Frame 3866 54 KB
30 KB 36ms
35ms Document
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LeWAsAiAAAAAJJjp4cLr7v5_yUVnC6ClZwDAh7c&co=aHR0cHM6Ly93d3cuY2FuYWRhaGVscHMub3JnOjQ0Mw..&hl=en&v=0hCdE87LyjzAkFO5Ff-v7Hj1&size=invisible&cb=ve77kern5ezc

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e09d87bab5b2721f94cccaddfda55512f74fad28502ae8d85d7c299c814421bc

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Kn2GZZVZbsGqHVD-tyLxTw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.canadahelps.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 30547
content-security-policy: script-src 'report-sample' 'nonce-Kn2GZZVZbsGqHVD-tyLxTw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 14 Sep 2023 12:12:52 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/2513906/domain/canadahelps.org/ Frame 4E13 36 B
376 B 67ms
14ms XHR
application/json 2600:9000:20b4:b600:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/2513906/domain/canadahelps.org/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20b4:b600:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://www.canadahelps.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 11:46:33 GMT
content-encoding: gzip
via: 1.1 eb78cbb81a4ab555c78ae1168deff6e2.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P4
age: 1579
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: NwI90dWEHJtRIG_fYodrT8Use9iGV_fz9KlNVvhNr5jdI4eWpG605w==

GET
H2

200

collect
px4.ads.linkedin.com/ Frame 4E13
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2513906&time=1694693572842&url=https%3A%2F%2Fgmsenbunitedway.ca%2F
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2513906&time=1694693572842&url=https%3A%2F%2Fgmsenbunitedway.ca%2F&cookiesTest=true
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2513906%26time%3D1694693572842%26url%3Dhttps%253A%252F%252Fgmsenbunitedway.ca%252...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2513906&time=1694693572842&url=https%3A%2F%2Fgmsenbunitedway.ca%2F&cookiesTest=true&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2513906&time=1694693572842&url=https%3A%2F%2Fgmsenbunitedway.ca%2F&cookiesTest=true&liSync=true&e_ipv6=AQKecfg5_MBOkgAAAYqTm8Li9qfsjhDWo_-WzHofyL...

0
265 B

185ms
116ms

Image
application/javascript

13.107.42.14

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2513906&time=1694693572842&url=https%3A%2F%2Fgmsenbunitedway.ca%2F&cookiesTest=true&liSync=true&e_ipv6=AQKecfg5_MBOkgAAAYqTm8Li9qfsjhDWo_-WzHofyL1rVMQliyuZaYdqRG6jmkVKpGYgCMweFp90gg
Protocol: H2
Server: 13.107.42.14 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.canadahelps.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 12:12:52 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: A873625753ED4DAE8A3D5DF80C87BD04 Ref B: FRAEDGE1710 Ref C: 2023-09-14T12:12:53Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYFUJhz/x8RfeVoB4WNOw==

Redirect headers

date: Thu, 14 Sep 2023 12:12:52 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: B6422C5E784F4B58AD3972A30694BC47 Ref B: FRAEDGE1116 Ref C: 2023-09-14T12:12:53Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2513906&time=1694693572842&url=https%3A%2F%2Fgmsenbunitedway.ca%2F&cookiesTest=true&liSync=true&e_ipv6=AQKecfg5_MBOkgAAAYqTm8Li9qfsjhDWo_-WzHofyL1rVMQliyuZaYdqRG6jmkVKpGYgCMweFp90gg
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYFUJhxJVc7AxxKg/iEHg==

GET
H3 200 m=_b,_tp Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.m_Je74d42oc.es5.O/am=AMAY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMi... Frame CCEF 156 KB
55 KB 85ms
45ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.m_Je74d42oc.es5.O/am=AMAY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrjctAw3NWnv6HKveSCqxEmDueoIWw/m=_b,_tp

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fwww.canadahelps.org&mid=

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e75f7d0504404967c7b734e5213b3f337727b04296706c21a9f35fa105f8f84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 16:18:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71688
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56145
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 05:28:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 12 Sep 2024 16:18:04 GMT

POST
H3 404 cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame CCEF 2 KB
2 KB 118ms
117ms Other
text/html 2a00:1450:400c:c04::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by: Host: gmsenbunitedway.ca
URL: https://gmsenbunitedway.ca/donate-now/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c04::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer: https://pay.google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Thu, 14 Sep 2023 12:12:52 GMT
referrer-policy: no-referrer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1608
content-type: text/html; charset=UTF-8

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/ Frame 3866 55 KB
24 KB 33ms
9ms Stylesheet
text/css 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LeWAsAiAAAAAJJjp4cLr7v5_yUVnC6ClZwDAh7c&co=aHR0cHM6Ly93d3cuY2FuYWRhaGVscHMub3JnOjQ0Mw..&hl=en&v=0hCdE87LyjzAkFO5Ff-v7Hj1&size=invisible&cb=ve77kern5ezc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 09:30:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9734
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 21 Aug 2023 02:02:34 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 13 Sep 2024 09:30:38 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/ Frame 3866 451 KB
181 KB 43ms
20ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/recaptcha__en.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6df509c54af64a8a81d168c1bce4e0bc1d30be5a3206c25e702fea2f33ab7f3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 06:01:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22261
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 185062
x-xss-protection: 0
last-modified: Mon, 21 Aug 2023 02:02:34 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 13 Sep 2024 06:01:51 GMT

GET
H3 200 m=Das5Le Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.m_Je74d42oc.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.k0C... Frame CCEF 72 KB
26 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.m_Je74d42oc.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.k0C5PJVYFVg.L.B1.O/am=AMAY/d=1/exm=_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfriLYZDRmRqFJ5UUN8wEkk7jdZ987A/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Das5Le

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.m_Je74d42oc.es5.O/am=AMAY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrjctAw3NWnv6HKveSCqxEmDueoIWw/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31803956549c3a52d9bc7be52a08b7fe4ec5cd6418fa3dbc52464df612eca88b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 16:18:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71688
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26860
x-xss-protection: 0
last-modified: Fri, 08 Sep 2023 01:30:04 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 12 Sep 2024 16:18:04 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 3866 2 KB
2 KB 11ms
10ms Image
image/png 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 06:02:48 GMT
x-content-type-options: nosniff
age: 454205
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Sat, 16 Sep 2023 06:02:48 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 3866 15 KB
15 KB 11ms
10ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 02:58:03 GMT
x-content-type-options: nosniff
age: 465290
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 08 Sep 2024 02:58:03 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 3866 15 KB
15 KB 11ms
11ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 05:51:22 GMT
x-content-type-options: nosniff
age: 454891
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 08 Sep 2024 05:51:22 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/enterprise/ Frame 3866 102 B
134 B 19ms
16ms Other
text/javascript 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/webworker.js?hl=en&v=0hCdE87LyjzAkFO5Ff-v7Hj1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1a5c551d5ba0de7a7a02e17897757c35a37b64c9572c764050dbd363f2942a97

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LeWAsAiAAAAAJJjp4cLr7v5_yUVnC6ClZwDAh7c&co=aHR0cHM6Ly93d3cuY2FuYWRhaGVscHMub3JnOjQ0Mw..&hl=en&v=0hCdE87LyjzAkFO5Ff-v7Hj1&size=invisible&cb=ve77kern5ezc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 12:12:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 112
x-xss-protection: 1; mode=block
expires: Thu, 14 Sep 2023 12:12:53 GMT

GET
H3 200 pay Show response
pay.google.com/gp/p/ui/ Frame CCEF 1 MB
367 KB 77ms
77ms XHR
text/html 2a00:1450:400c:c04::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/pay

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c04::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

402e5e95b89be281bb452068129b8d551983c62786257b65c47f7ac77f85b9c0

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-3RTqUDF03LQ4dPzb2qcV5A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 12:12:53 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-3RTqUDF03LQ4dPzb2qcV5A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
x-ua-compatible: IE=edge
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: unsafe-none
server: ESF
x-frame-options: DENY
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
cache-control: private, max-age=3600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Thu, 14 Sep 2023 12:12:53 GMT

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.m_Je74d42oc.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.k0C... Frame CCEF 9 KB
4 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.m_Je74d42oc.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.k0C5PJVYFVg.L.B1.O/am=AMAY/d=1/exm=Das5Le,_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfriLYZDRmRqFJ5UUN8wEkk7jdZ987A/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

40754d925efe20d1d31c2a275f4f1627433534e9816fee7cc2b5e8207858287d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 16:18:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71689
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3926
x-xss-protection: 0
last-modified: Fri, 08 Sep 2023 01:30:04 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 12 Sep 2024 16:18:04 GMT

GET
H3 200 m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.m_Je74d42oc.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.k0C... Frame CCEF 36 KB
14 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.m_Je74d42oc.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.k0C5PJVYFVg.L.B1.O/am=AMAY/d=1/exm=Das5Le,FCpbqb,WhJNk,Wt6vjf,_b,_tp,hhhU8/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfriLYZDRmRqFJ5UUN8wEkk7jdZ987A/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f9be3671410096370796c042daaaacc2118b32a36d85acb00d156ed2d8413e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 16:18:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71689
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13840
x-xss-protection: 0
last-modified: Fri, 08 Sep 2023 01:30:04 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 12 Sep 2024 16:18:04 GMT

POST
H3 200 log Show response
play.google.com/ Frame CCEF 131 B
155 B 81ms
64ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 14 Sep 2023 12:12:53 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 14 Sep 2023 12:12:53 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 70ms
40ms Preflight
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Thu, 14 Sep 2023 12:12:53 GMT
expires: Thu, 14 Sep 2023 12:12:53 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame CCEF 131 B
155 B 81ms
65ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 14 Sep 2023 12:12:53 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 14 Sep 2023 12:12:53 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 69ms
40ms Preflight
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Thu, 14 Sep 2023 12:12:53 GMT
expires: Thu, 14 Sep 2023 12:12:53 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 69ms
43ms Preflight
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Thu, 14 Sep 2023 12:12:53 GMT
expires: Thu, 14 Sep 2023 12:12:53 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame CCEF 131 B
155 B 79ms
65ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 14 Sep 2023 12:12:53 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 14 Sep 2023 12:12:53 GMT

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.google.com/	1970-01-20 19:08:24	Name: NID Value: 511=q6EyqGcFIQPQbYTk15squSLGOXCMYgpnawWYfbHRYPUkFMTdO7JeybjtO1m927YLOBzI35nxE1GnvTvYBBfE_cWgB28F0p5Ltn68t6ZYMxTQkJQJfZjAmXUuFemfuVJ9Ov_Ztm9WjdPxbBFxJAIPY0Z8PPTRsSId-eUuXym45Pc
.doubleclick.net/	1970-01-20 14:44:54	Name: test_cookie Value: CheckForPermission
.bing.com/	1970-01-21 00:06:29	Name: MUID Value: 31277636E9D66DCB191465BAE8D66C3C
.linkedin.com/	1970-01-20 16:54:29	Name: li_sugr Value: 4acf968d-cdf4-492f-9b6c-897f9434ab72
.linkedin.com/	1970-01-20 23:30:29	Name: bcookie Value: "v=2&cdad5676-7b6a-4637-89b8-88ab02f5f9e7"
.linkedin.com/	1970-01-20 14:46:19	Name: lidc Value: "b=VGST02:s=V:r=V:a=V:p=V:g=2984:u=1:x=1:i=1694693572:t=1694779972:v=2:sig=AQFAWU3LHjUzsNbjRWVT8bXuR9X4-xyW"
.linkedin.com/	1970-01-20 15:28:05	Name: UserMatchHistory Value: AQIiiHprdeJRbwAAAYqTm8HpDxs0YGof1wsAVlZeLW9RxrMY-p438VTpak-8TIn6oleNwFIYsTx8wA
.linkedin.com/	1970-01-20 15:28:05	Name: AnalyticsSyncHistory Value: AQJsKSIAhzltqwAAAYqTm8Hpf6KnWjZ_WgMS46i0p0CzpBSdKeUC3N9NCALWV8l3i6HtPjXyb7SshaBOVc9vwQ
.www.linkedin.com/	1970-01-20 23:30:29	Name: bscookie Value: "v=1&202309141212530e117097-4c6c-44ec-8d5c-51ea96398caeAQE-hKDzIA9YIXD2cKMzqeN6nxr8gCJh"
.linkedin.com/	1970-01-20 19:04:05	Name: li_gc Value: MTswOzE2OTQ2OTM1NzM7MjswMjHAsK0Y8q6UZqcxtUI2Stu2hUTMNasiqEx4pTwdJlCaIg==

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://www.canadahelps.org/services/wa/js/apps/donatenow/embed.min.js(Line 12) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.canadahelps.org') does not match the recipient window's origin ('https://gmsenbunitedway.ca').
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ch-ua-form-factor'.
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
applepay.cdn-apple.com
bat.bing.com
cdn-4.convertexperiments.com
cdn.linkedin.oribi.io
fonts.googleapis.com
fonts.gstatic.com
gmsenbunitedway.ca
googleads.g.doubleclick.net
maps.googleapis.com
maps.gstatic.com
pay.google.com
play.google.com
px.ads.linkedin.com
px4.ads.linkedin.com
r20.rs6.net
snap.licdn.com
www.canadahelps.org
www.google.com
www.google.de
www.googleoptimize.com
www.googletagmanager.com
www.gstatic.com
www.linkedin.com
13.107.42.14
208.75.122.11
2600:9000:20b4:b600:2:53b2:240:93a1
2620:1ec:21::14
2620:1ec:c11::200
2a00:1450:4001:802::2004
2a00:1450:4001:806::200a
2a00:1450:4001:813::200e
2a00:1450:4001:81c::2003
2a00:1450:4001:828::200e
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::2008
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2002
2a00:1450:4001:830::2003
2a00:1450:4001:830::200a
2a00:1450:4001:831::2003
2a00:1450:400c:c04::5c
2a01:b740:a10:f100::4
2a02:26f0:3100::1735:2a09
2a02:26f0:480:b82::14a9
35.196.216.66
52.228.114.141
0c148dda22ec8eb9efdf5a034db45741c15b6efde867d3c0541cf589a65e63a3
0d2425968489e433b3c5dd7eab4f0c08ed082c868e6b21a378959b0dcf86eb28
0df1c0dc62f2149395618d6e078e7fc3c27223c02dad15b1e408bbd0da8084e9
0e75f7d0504404967c7b734e5213b3f337727b04296706c21a9f35fa105f8f84
113d9e9c204fc3502fede75465585f15d52747b114c10802c1512a4f8db5a259
1216e378c0b4b63e69cad526c8ec6aa34263c3591585824764d8c04155c7aa80
1a5c551d5ba0de7a7a02e17897757c35a37b64c9572c764050dbd363f2942a97
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1f9be3671410096370796c042daaaacc2118b32a36d85acb00d156ed2d8413e4
22086ce481a4efb685ead4092b11c4f5e0f075c4ba1ab70ae27d937aa660de93
28a26321734fb5f8c8fe42b5503f162fdf1469bf97e2d9c503a83cc2b3c534cd
295c2ff706032312f8eec23e6dee7256c3e7277e87711eb5706b828e0ca955d4
29be822371b9b5bc8698b1016d609fe9b3ae2596ff889b611966fdf7867faf67
2de62f0146cf5689de9f2996905aa8d828f0963cd591920126fcac9b90395451
2f69e97a51fea87cddf5886fe3ddc65e5e1b331dcabb1e86bd490aba56e25fc6
31803956549c3a52d9bc7be52a08b7fe4ec5cd6418fa3dbc52464df612eca88b
3333a2035912d27f9f31d7ef4d7a59aab880a4a89fa54a729dcdf1bc8bcdb81c
34119901f74b4d927c3b3ac787f1b99819174e6308ad5d4cb05ba5409cb5ffa5
3517f86b0b10a1eaa987e8d95889c50febf5c1ac74ad893f43e689b4716234e3
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e6b75b6a8b8bf900caa17fdcc1afc2677c135c19339fcdefb6a888dab7d291b
402e5e95b89be281bb452068129b8d551983c62786257b65c47f7ac77f85b9c0
40754d925efe20d1d31c2a275f4f1627433534e9816fee7cc2b5e8207858287d
417596477c4bdbbac7579844296aa16e1a807bfb2fa2afe881d47b1c1facab98
4537ea3aad72df15f8f2905cae0e02d52374a16db03f515041c0d305f4b70678
45f1b654ec61c60215f597e30df063b0fee38c8a42f7046f99bf9bf3376971dc
4bea6efddf9320544372ea6adda9521b190452a99da244d1062a956adb117ef3
4f3604f1ead4e51e75612bbe34446f8f91b84879fa85453e8ca46a664f78b3cf
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
53da3af50ed9f8d16cf4b583d707f01e976578ee768cfbe2023c11e4877b6128
557234448e6448b8bc989545774d5775d2e887a526cffb0f9761ebc1b197728e
598dac89694017d12e812bdae67530962525b21b3d29f0c6cb54d64279476e67
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5b051f5a05364845c9af84334745375a38908c2adb3c8001a66d0a4291dd828a
5d26c94199f980e4db7abd4ba04ca0f9095074105a50a6c71fb330a72595270e
5dcd07b35aa00a5e1e9686254e09a078725b335934b09ed459214c20f9eca213
620654948512dcfe487fab5edb59adfb46a2d8f904c4cdb702eb76412da76baa
64c85e8b3d558b7ced2ce4d184dafd88b8dda0cfb0f388a06a7ff3e8f34841d8
67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694
6794fb912a6a5464d197a7a705441e635ea956e6958ebfb923eee646bd0200bd
6df509c54af64a8a81d168c1bce4e0bc1d30be5a3206c25e702fea2f33ab7f3f
6e33eeeb221cc42314c5a6107c08c0f84b04796cebff8d067b425391f01d8542
6e51b39b935c7d0ffb35a8c983c49209aab324ffe297a272bb1c7ddeb7541ea9
77a8b6fe654712bdf086387c63f34aef19a0f096912ffe5fd704d45bf98b0b2f
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
7a7ce1a34f3e9944fe88fc61abbc93b6db383afa2b90815fd7ccea456fbce4e5
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
7cae83087884820e7884c9246bb2ade677a35009fec5063e77fca830d296b606
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
81dcf5149ca892c9b307d6725cad986e27c4448139f9c2bd1d424a575fb7a72c
83ad97d26bed5ae4bf6071ea578d2676eebfaf62a8d7eabefd29605ca9296a86
89ae1743656b75948be30cc4909efd3c61771b7bd9f6d53eb14cd9731d486b57
924cd0b4513b7e63e80c0e10cc525e4154b96332e21506b1ee76da33109cfe44
92c2683be6b442107242edb6de07ac4c349abdbee834ef7c46af6ec7d46c2eb8
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
93ec1591f283a2b082176f6019bfe757c959ac6d865cf058eb86f3e28f4f6994
99901bc2f03a2d9f989352e018aa743334db17913d9a2a57f33aed51a7d08b0d
9b573bdb2bfc6afd55f195c27e0944a2e7ac7e32d90797b06cd88329f76353e7
9b80c29c000c91d70dc10d4e074fc15fb13f0a21f5d0291622a26b8ec83b4f33
9bee9a2e331db87a55624238e30369074f86bd8aad8a0073e1ef8dd9ce53c032
a189d68a897130c76b6dad6284671748c9a065e71be4b3854334c99f9a16db42
a236aed5086b9c24d3cc94944d4349e9ce469f325ac23bafcaa5fe3659b15fd1
aa686c0a5f690eb149143e8ef666f9a2ba05a29448d13edd0e592e32bd86e57c
ade688dd76852583424f1ea4f0dccfd4eb90f3f5e1ac7cc60ccb8e719b55e424
ade9a0460e844eb13b167c1c75a9633042b8300d0acdbdac25b375a95558f23d
b3cab5661ef0bb4e761199d63b58b8f2588ce8187375981799a17b1ca024f60f
b7f1a17e111bd680d08e072e4d3a061c21b9d769078db9201c8235ec4001859e
b966e83d30f62d6b1b044fdca532efa70daac0a66ff1774c71af34ab7c5b23d7
bab66c423233a064bf4ae813056bf4d49cd919c5c0051c55d3af5e6d19bb23a7
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
cd80d0dcb2a44bd30c11fcdf13d4c280f336dad9442ee7da79146f2bb77381a4
cf7a610c11489bfce177c3c71c5c7aec7101b1ba754d3d2aacc9636fc046c3b6
d389347d3048972b9695d0f66423e0cd59df9813e71fa22afc0f28782c6cb15a
d4ae5188a65370ecfe28f42293bbee8297cfd5712c6aadfdb270d48f2bcd88b0
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101
db209390b90b70f4b1ef3540cb581e4ec8edbba21980971b68e4aef5c5d352fb
dcdfccc2fa2b5e7fff67768f4221920d0f5b6a5b89f8e8b4b15ec397f71b68f2
e09d87bab5b2721f94cccaddfda55512f74fad28502ae8d85d7c299c814421bc
e383cdd5b47e96975c8447a2cade923ec07471fd2d422ae3e9b8c0570ba6d4ad
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4798506e379db8a2d60ea062581740d1589d1acc7841c7f3839f18cee2b3f11
e8d7289a8b21f6c5763c1f0965a6249c1eafedadb0726dcd226ce821d5841484
e96cfe81431ab0c70414bc65dd83d59ada01405419c8faca900637fdfffdd48b
eb0057c57601099ea08b0318eac4edd6abce6bca7a0add23664b552c175f5fa4
ec6da3d9f9ce847358f8809dfe754c867fde30d598c7067278f5922c995d38f3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef595f483f4c13d92ec3926914517fae9b4ef9844662e0bc4f1379ac56f4ef9b
f0517bbb1b296c592d0cfc87f8185a6032e287783f4061c733727cce17362cd6
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f7b2bde5796819d3b518e597ffeb8298f1d85878a09316615fa34d7f6836a638
fa53fcd8da139d256c0ca83b69cb37473ca627b6052368ed3327c80d9fb61e25

gmsenbunitedway.ca Open in urlscan Pro 35.196.216.66 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

103 Requests

98 %HTTPS

83 %IPv6

16 Domains

24 Subdomains

22 IPs

4 Countries

2505 kBTransfer

7620 kBSize

10 Cookies

7 Outgoing links

Page URL History

Redirected requests

103 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

gmsenbunitedway.ca Open in urlscan Pro
35.196.216.66 Public Scan

Screenshot
Live screenshot

Full Image

103
Requests

98 %
HTTPS

83 %
IPv6

16
Domains

24
Subdomains

22
IPs

4
Countries

2505 kB
Transfer

7620 kB
Size

10
Cookies

103 HTTP transactions
3 data transactions