urlscan.io logo urlscan.io
SecurityTrails logo

canadaims.site Open in urlscan Pro
2606:4700:3036::6815:b73  Public Scan

Go To Rescan Add Verdict Report
URL: https://canadaims.site/payment/online?t=yo4ZMDoClGPG4b0E6TPV1vCJ4OMeObG534afRmTUJvjzDg5qRB&lang=en&utm_source=AT&utm_me...
Submission: On May 16 via manual from IN — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 2 countries across 10 domains to perform 47 HTTP transactions. The main IP is 2606:4700:3036::6815:b73, located in United States and belongs to CLOUDFLARENET, US. The main domain is canadaims.site.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 17th 2022. Valid for: a year.
This is the only time canadaims.site was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
16 2606:4700:303... 13335 (CLOUDFLAR...)
1 107.154.114.122 19551 (INCAPSULA)
2 2a03:2880:f08... 32934 (FACEBOOK)
1 23.35.237.86 16625 (AKAMAI-AS)
3 2a00:1450:400... 15169 (GOOGLE)
17 45.223.128.234 19551 (INCAPSULA)
2 64.202.112.63 23352 (SERVERCEN...)
1 2a00:1450:400... 15169 (GOOGLE)
47 12
2    2606:4700:3036::6815:b73 (United States)

ASN13335 (CLOUDFLARENET, US)
canadaims.site
1    2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)
stackpath.bootstrapcdn.com
16    2606:4700:3033::6815:456f (United States)

ASN13335 (CLOUDFLARENET, US)
canadaims.org
1    107.154.114.122 (United States)

ASN19551 (INCAPSULA, US)
PTR: 107.154.114.122.ip.incapdns.net
atsc.activetrail.com
2    2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    23.35.237.86 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-86.deploy.static.akamaitechnologies.com
amplify.outbrain.com
3    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
17    45.223.128.234 (United States)

ASN19551 (INCAPSULA, US)
direct.tranzila.com
2    64.202.112.63 (Chicago, United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com
tr.outbrain.com
1    2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
Apex Domain
Subdomains		 Transfer
17 tranzila.com
direct.tranzila.com — Cisco Umbrella Rank: 923361
177 KB
16 canadaims.org
canadaims.org
265 KB
3 gstatic.com
fonts.gstatic.com
52 KB
3 outbrain.com
amplify.outbrain.com — Cisco Umbrella Rank: 3121
tr.outbrain.com — Cisco Umbrella Rank: 2937
8 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 161
114 KB
2 canadaims.site
canadaims.site
8 KB
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 39
21 KB
1 activetrail.com
atsc.activetrail.com — Cisco Umbrella Rank: 117119
25 KB
1 bootstrapcdn.com
stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2649
22 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 50
1 KB
47 10
Domain Requested by
17 direct.tranzila.com canadaims.org
direct.tranzila.com
16 canadaims.org canadaims.site
canadaims.org
3 fonts.gstatic.com fonts.googleapis.com
2 tr.outbrain.com amplify.outbrain.com
canadaims.site
2 connect.facebook.net canadaims.site
connect.facebook.net
2 canadaims.site canadaims.site
1 www.google-analytics.com direct.tranzila.com
1 amplify.outbrain.com canadaims.site
1 atsc.activetrail.com canadaims.site
1 stackpath.bootstrapcdn.com canadaims.site
1 fonts.googleapis.com canadaims.site
47 11

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-07-17 -
2023-07-17		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
*.canadaims.org
E1		 2023-04-11 -
2023-07-10		 3 months crt.sh
imperva.com
GlobalSign Atlas R3 DV TLS CA 2023 Q2		 2023-05-10 -
2023-11-06		 6 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-02-22 -
2023-05-23		 3 months crt.sh
*.outbrain.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-09 -
2024-02-11		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://canadaims.site/payment/online?t=yo4ZMDoClGPG4b0E6TPV1vCJ4OMeObG534afRmTUJvjzDg5qRB&lang=en&utm_source=AT&utm_medium=activetrail&utm_campaign=15.5A&utm_mail=15.5A
Frame ID: 2B44AC4B6B789C173714121176BBEC53
Requests: 30 HTTP requests in this frame

Frame: https://direct.tranzila.com/indigoims/iframenew.php?sum=39&cred_type=1&nologo=1&email=marcellus.cook@serco-ap.com&cy=2&pdesc=757&currency=2&success_url_address=https://canadaims.site/api/v1/payment/tranzila/success&fail_url_address=https://canadaims.site/api/v1/payment/tranzila/failed&notify_url_address=https://canadaims.site/api/v1/payment/tranzila/nhzP18LvzchTs0QWr727YuWZTxEcNqljEqxjLFThsbFnuGGoP2
Frame ID: 5F9E5BC4AF866DA8C90D9A7F9A267577
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Canadian Visa Assessment - Payment

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • /_Incapsula_Resource
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+ionicons(?:\.min)?\.css
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

47
Requests

100 %
HTTPS

64 %
IPv6

10
Domains

11
Subdomains

12
IPs

2
Countries

693 kB
Transfer

2008 kB
Size

16
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

47 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request online
canadaims.site/payment/ 		18 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://canadaims.site/payment/online?t=yo4ZMDoClGPG4b0E6TPV1vCJ4OMeObG534afRmTUJvjzDg5qRB&lang=en&utm_source=AT&utm_medium=activetrail&utm_campaign=15.5A&utm_mail=15.5A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:b73 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a0e46f26166b903bca32b8b42cf4b0528b8a0be4342467a334480d435a846df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache, private max-age=0, no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
7c7f819e8fe29ba1-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 16 May 2023 00:29:26 GMT
expires
-1
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KMDjKpV9RamdW0%2BrhuFsdGiTNq%2BeCcS88OSfzThBqx5uY54M8uTjDP5dYvYV7whTaVGZOPeN4zCV%2FAAKvFjsyDK4abfcM9CdCqvdyi7Z6XarykisPPW5S0UXcKNxysQMvvf5aopfg17LQCyvew%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
css
fonts.googleapis.com/ 		9 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato%3A300%2C400%2C700%2C300italic%2C400italic%7CQuestrial%7CLora%3A400%2C700%2C400italic&ver=4.4.2&mod=1&num=1516616507
Requested by
Host: canadaims.site
URL: https://canadaims.site/payment/online?t=yo4ZMDoClGPG4b0E6TPV1vCJ4OMeObG534afRmTUJvjzDg5qRB&lang=en&utm_source=AT&utm_medium=activetrail&utm_campaign=15.5A&utm_mail=15.5A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ef777bd0809ca54263eacc7b8b456a7c5fc90589d6843b1a56b9a9f03c1b5bd8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://canadaims.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 16 May 2023 00:29:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 16 May 2023 00:29:26 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 16 May 2023 00:29:26 GMT
bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.1.3/css/ 		138 KB
22 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/css/bootstrap.min.css
Requested by
Host: canadaims.site
URL: https://canadaims.site/payment/online?t=yo4ZMDoClGPG4b0E6TPV1vCJ4OMeObG534afRmTUJvjzDg5qRB&lang=en&utm_source=AT&utm_medium=activetrail&utm_campaign=15.5A&utm_mail=15.5A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://canadaims.site/
Origin
https://canadaims.site
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 00:29:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
723
age
63257
cdn-cachedat
05/03/2023 13:34:43
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:06 GMT
cdn-proxyver
1.03
cdn-requestpullcode
200
server
cloudflare
etag
W/"04aca1f4cd3ec3c05a75a879f3be75a3"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
d57203f9e266689dcba21a82e0581bcc
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
7c7f819fefdb30c4-FRA
cdn-requestpullsuccess
True
izi_modal.min.css
canadaims.org/assets/payment_pages/register-39-new/css/ 		84 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://canadaims.org/assets/payment_pages/register-39-new/css/izi_modal.min.css?rev=1daabd51d277cdc2b2712434d88f3c06
Requested by
Host: canadaims.site
URL: https://canadaims.site/payment/online?t=yo4ZMDoClGPG4b0E6TPV1vCJ4OMeObG534afRmTUJvjzDg5qRB&lang=en&utm_source=AT&utm_medium=activetrail&utm_campaign=15.5A&utm_mail=15.5A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:456f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e952979610647fcb810a38cb3d660b5df164a531f4cf24555ceaa9f4edc4f0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://canadaims.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 00:29:26 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
44674
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 05 Aug 2021 07:30:16 GMT
server
cloudflare
etag
W/"610b9388-14f6e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8k3so3heDlZCAUqVu%2BT0y4p3h5es2GyZ8FjXaIGn37S4qFBB2y3ozLemtLFG3kivt12mvh0Z6kUCrHiBQ80ThrR4CWNpQYGkpp52w1IBpR3%2BdzOzycdOLeJBy40QXIkxgAVZ6lQmQov0TaLi"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=315360000
cf-ray
7c7f81a02a6b3684-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
ionicons.min.css
canadaims.org/assets/payment_pages/register-39-new/css/ 		42 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://canadaims.org/assets/payment_pages/register-39-new/css/ionicons.min.css?rev=1daabd51d277cdc2b2712434d88f3c06
Requested by
Host: canadaims.site
URL: https://canadaims.site/payment/online?t=yo4ZMDoClGPG4b0E6TPV1vCJ4OMeObG534afRmTUJvjzDg5qRB&lang=en&utm_source=AT&utm_medium=activetrail&utm_campaign=15.5A&utm_mail=15.5A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:456f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
268ecf688828cfdce59659a476ab0913b4e92556395ec549f12cf8194a6f8669

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://canadaims.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 00:29:26 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
44674
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 05 Aug 2021 07:30:16 GMT
server
cloudflare
etag
W/"610b9388-a7f6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Byf3tzd4JOga46%2FWMsj6fP%2B3qDpQTitn%2Fenl2vKF%2FoEUNuJ%2FfUHb%2Bl8AVaw%2BnzIX6MZxuzITNDEh5a3VC0J%2BERPJJmiS6gVw%2Btm0dDk6%2F81GLKPogGgOi7nWkw1UIp3UGTc1cs9cNb4srgB%2B"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=315360000
cf-ray
7c7f81a02a6c3684-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
style.css
canadaims.org/assets/payment_pages/register-39-new/css/ 		15 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://canadaims.org/assets/payment_pages/register-39-new/css/style.css?rev=1daabd51d277cdc2b2712434d88f3c06
Requested by
Host: canadaims.site
URL: https://canadaims.site/payment/online?t=yo4ZMDoClGPG4b0E6TPV1vCJ4OMeObG534afRmTUJvjzDg5qRB&lang=en&utm_source=AT&utm_medium=activetrail&utm_campaign=15.5A&utm_mail=15.5A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:456f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0adb446c46bfb04eb747f952342d757469cf29733a3e5a124a28e0d94c2e03d8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://canadaims.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 00:29:26 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
44674
cf-polished
origSize=47226
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 11 May 2023 07:52:14 GMT
server
cloudflare
etag
W/"645c9eae-b87a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PgttW%2FAndniXLD2R8vOPC2SND5swB47z6cPV%2FaZ%2BSFbzbYdgcQu7q%2BOMDgw5yRFdhGvjVF%2Fkq%2Fn51aSpoMQEz7dxwxlU0j2pcFYbxIO%2B4mAKSnOu%2BVYejLHUQkluaMlk7uS8%2FJPF03b63fNh"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=315360000
cf-ray
7c7f81a02a6d3684-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
logo-white.png
canadaims.org/assets/img/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://canadaims.org/assets/img/logo-white.png?rev=1daabd51d277cdc2b2712434d88f3c06
Requested by
Host: canadaims.site
URL: https://canadaims.site/payment/online?t=yo4ZMDoClGPG4b0E6TPV1vCJ4OMeObG534afRmTUJvjzDg5qRB&lang=en&utm_source=AT&utm_medium=activetrail&utm_campaign=15.5A&utm_mail=15.5A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:456f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c49f381b5efb66e5c5cd15453336a9963f527a68d5f71ee091a910999e093ec

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://canadaims.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 00:29:26 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
44674
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
17179
last-modified
Wed, 04 Aug 2021 07:22:14 GMT
server
cloudflare
etag
"610a4026-431b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=66hi3CgxzMQOuvj%2BK0R%2Bhh5USd%2F8sRh%2FlG9Z7LXvjjfmGk%2F83gZe8m8qIWE7Y5jSaLgtgdPrFb6OVBwIMUgClKeEdFXvbLKEBEVQkSfaszdgUNU3Vpij2rkabDJO75ANq4J8ymCcTFcnS%2Fy1"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
7c7f81a06a9e3684-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
flag-canada.svg
canadaims.org/assets/img/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://canadaims.org/assets/img/flag-canada.svg?rev=1daabd51d277cdc2b2712434d88f3c06
Requested by
Host: canadaims.site
URL: https://canadaims.site/payment/online?t=yo4ZMDoClGPG4b0E6TPV1vCJ4OMeObG534afRmTUJvjzDg5qRB&lang=en&utm_source=AT&utm_medium=activetrail&utm_campaign=15.5A&utm_mail=15.5A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:456f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aee034d31571969a8134d9e6afd5cfca4ee3a95a3111326f9170be403a66b3f6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://canadaims.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 00:29:26 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
44674
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sun, 13 Jun 2021 06:26:07 GMT
server
cloudflare
etag
W/"60c5a4ff-58f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i56iPEWyO96%2FWSTXB6T%2BkOx0TvdiT52yyX1is5pwCW6V2Bs7xtviHAnvUgArhTjPBl1BEX4s8sZOfJQ54jKtEi0EoVLvOFZNv2OWJKgkvH%2FiBbTvbx2R9Bio1InyTx3rY%2F5jtU2JNHQkigjM"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=315360000
cf-ray
7c7f81a06a9f3684-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
secure-payment.jpg
canadaims.org/assets/payment_pages/register-39-new/img/ 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://canadaims.org/assets/payment_pages/register-39-new/img/secure-payment.jpg?rev=1daabd51d277cdc2b2712434d88f3c06
Requested by
Host: canadaims.site
URL: https://canadaims.site/payment/online?t=yo4ZMDoClGPG4b0E6TPV1vCJ4OMeObG534afRmTUJvjzDg5qRB&lang=en&utm_source=AT&utm_medium=activetrail&utm_campaign=15.5A&utm_mail=15.5A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:456f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
464a3e62ca0ac77ca4070d5a5cd1bdc7346ee6c9459e037a8e0f612609bac8cb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://canadaims.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 00:29:26 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
44674
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
45832
last-modified
Thu, 23 Dec 2021 09:20:51 GMT
server
cloudflare
etag
"61c43f73-b308"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lZAYEE287OCguYinPWiwjRAabYYebv%2FqSCx6DgY7vIkTRsUmRfYTYMVcs3kjNKn80qBMPWYsxOGSTvO8Uvo8DEh2yyceA%2BnGA7T1ThLI%2F5RfolDsA%2Bv4hObrIwMGnCovnlhJiJPYFRH6dAPQ"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
7c7f81a06aa03684-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
visa.svg
canadaims.org/assets/payment_pages/register-39-new/img/ 		1 KB
905 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://canadaims.org/assets/payment_pages/register-39-new/img/visa.svg?rev=1daabd51d277cdc2b2712434d88f3c06
Requested by
Host: canadaims.site
URL: https://canadaims.site/payment/online?t=yo4ZMDoClGPG4b0E6TPV1vCJ4OMeObG534afRmTUJvjzDg5qRB&lang=en&utm_source=AT&utm_medium=activetrail&utm_campaign=15.5A&utm_mail=15.5A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:456f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c63a22d1299d8cf6a4a6e9cabf3ca03bac10f335b24fcd28899e8dd892d80af

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://canadaims.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 00:29:26 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
44674
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 05 Aug 2021 07:30:16 GMT
server
cloudflare
etag
W/"610b9388-439"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X1GNjwHXTHLYQAOogvlp6MruL1xWSyBbrMeXSyTVxQNr0DgmeBiAqYdnThEnR35P00KvHSKFOaxlpT2T%2Bg%2FWifcJUGn3jvgIiRfJuJZs%2BHm64An17EF1r8TDZgw4%2Bopr5XDjpg0i48IiFR%2Bk"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=315360000
cf-ray
7c7f81a06aa13684-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
mastercard.svg
canadaims.org/assets/payment_pages/register-39-new/img/ 		941 B
720 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://canadaims.org/assets/payment_pages/register-39-new/img/mastercard.svg?rev=1daabd51d277cdc2b2712434d88f3c06
Requested by
Host: canadaims.site
URL: https://canadaims.site/payment/online?t=yo4ZMDoClGPG4b0E6TPV1vCJ4OMeObG534afRmTUJvjzDg5qRB&lang=en&utm_source=AT&utm_medium=activetrail&utm_campaign=15.5A&utm_mail=15.5A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:456f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28ff9e3d6d2b1b4f2339912792253e58abdac2af4a1757a646b496b6d8b7aa92

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://canadaims.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 00:29:26 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
44674
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 05 Aug 2021 07:30:16 GMT
server
cloudflare
etag
W/"610b9388-3ad"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=capE8zhKanVpjJ2USbL22qZWMILdeohmUcc%2Baz4mnxhUGvsZVhfhRmIMFgBGbidUGYOUF%2FxJvPoHS88SQEHJYC2JGJrKg7hxjZ8PCSVF%2F4MBQ0a18ndk8PdKOT1T6ujwvS79G8qT1g9tRgOf"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=315360000
cf-ray
7c7f81a06aa23684-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
amex.svg
canadaims.org/assets/payment_pages/register-39-new/img/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://canadaims.org/assets/payment_pages/register-39-new/img/amex.svg?rev=1daabd51d277cdc2b2712434d88f3c06
Requested by
Host: canadaims.site
URL: https://canadaims.site/payment/online?t=yo4ZMDoClGPG4b0E6TPV1vCJ4OMeObG534afRmTUJvjzDg5qRB&lang=en&utm_source=AT&utm_medium=activetrail&utm_campaign=15.5A&utm_mail=15.5A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:456f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e361fc4bbcf94c8347f03dad30ca336a35e5af07d9ea5c120b1316ed0be793e8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://canadaims.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 00:29:26 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
44674
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 05 Aug 2021 07:30:16 GMT
server
cloudflare
etag
W/"610b9388-e2c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LR0f6VZIJpwYGQFDq78fnge0%2FkftiwP8e5TKKbAddUm8TDyD1AdDp0rXfBWIcIsl4rVnr44feiZho2iY%2F0g3WnGu8h0sE0CcXR6gFSWfn35iR5ZTdBRzFnLSjN%2Bg3ZrIQFDYfD%2B%2FQ%2BxKzNlX"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=315360000
cf-ray
7c7f81a06aa33684-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
ajax-loader.gif
canadaims.org/assets/payment_pages/register-39/img/ 		404 B
712 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://canadaims.org/assets/payment_pages/register-39/img/ajax-loader.gif?rev=1daabd51d277cdc2b2712434d88f3c06
Requested by
Host: canadaims.site
URL: https://canadaims.site/payment/online?t=yo4ZMDoClGPG4b0E6TPV1vCJ4OMeObG534afRmTUJvjzDg5qRB&lang=en&utm_source=AT&utm_medium=activetrail&utm_campaign=15.5A&utm_mail=15.5A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:456f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5eb15c4e0aaf1b869522e71e5cf270931f273ad48a9e5067c9d46c4891e1850

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://canadaims.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 00:29:26 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
44674
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
404
last-modified
Sun, 13 Jun 2021 06:26:07 GMT
server
cloudflare
etag
"60c5a4ff-194"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N%2Fqd8Ri1ewL%2FKXDjt4HQuYiIWu2jSFw3qAJ92UL6PpqtnHgiEk1qDSux5r1kRTWAYOr7BKqn%2FWGG4fcIcqRxwa0MvuXugVQjA%2F%2BIrhVZrGnCIjc8JkopnSTB7sKrvsCHmhB8ghf67jzAoLFP"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
7c7f81a06aa43684-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
visa_mastercard_icon.jpg
canadaims.org/assets/payment_pages/register-39-new/img/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://canadaims.org/assets/payment_pages/register-39-new/img/visa_mastercard_icon.jpg?rev=1daabd51d277cdc2b2712434d88f3c06
Requested by
Host: canadaims.site
URL: https://canadaims.site/payment/online?t=yo4ZMDoClGPG4b0E6TPV1vCJ4OMeObG534afRmTUJvjzDg5qRB&lang=en&utm_source=AT&utm_medium=activetrail&utm_campaign=15.5A&utm_mail=15.5A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:456f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df5f2e0d7b97c6d81194c82bb415b3d9c9b89cab747dfb8192d034bd538acc10

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://canadaims.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 00:29:26 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
44674
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
21865
last-modified
Thu, 05 Aug 2021 07:30:16 GMT
server
cloudflare
etag
"610b9388-5569"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wSQRDEPcLouZfeiosXndeYA7r8B02Q3RPm2WOCnghlEVSDPuwZPi8Yd33i2HaXM%2F4V%2BTpKL38EWipJAkWFV7ABnT%2BCkJdsb7HgrlbPS6FERDz9BSdhi5e3PiEB1jrjFhZXLAdmnCMfxIw1Lu"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
7c7f81a06aa53684-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
email-decode.min.js
canadaims.site/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://canadaims.site/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: canadaims.site
URL: https://canadaims.site/payment/online?t=yo4ZMDoClGPG4b0E6TPV1vCJ4OMeObG534afRmTUJvjzDg5qRB&lang=en&utm_source=AT&utm_medium=activetrail&utm_campaign=15.5A&utm_mail=15.5A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:b73 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://canadaims.site/payment/online?t=yo4ZMDoClGPG4b0E6TPV1vCJ4OMeObG534afRmTUJvjzDg5qRB&lang=en&utm_source=AT&utm_medium=activetrail&utm_campaign=15.5A&utm_mail=15.5A
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 00:29:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 12 May 2023 12:05:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"645e2b95-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uYqmbdT1lLcrWhu3wwKBc3EyDYQk5oDHbrepQzkX3GyK8nwmqdt%2B%2FbTT5A16OuZdW8q%2BxQFev%2BN0azxDva7P0NgRrmW1%2BATnBzmwBgOtyj28VwloviJgW7HuxTgEdVwQ6e95%2BATakFrgxo6QEg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
7c7f81a048f59ba1-FRA
expires
Thu, 18 May 2023 00:29:26 GMT
app.js
canadaims.org/assets/payment_pages/register-39-new/js/ 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://canadaims.org/assets/payment_pages/register-39-new/js/app.js?rev=1daabd51d277cdc2b2712434d88f3c06
Requested by
Host: canadaims.site
URL: https://canadaims.site/payment/online?t=yo4ZMDoClGPG4b0E6TPV1vCJ4OMeObG534afRmTUJvjzDg5qRB&lang=en&utm_source=AT&utm_medium=activetrail&utm_campaign=15.5A&utm_mail=15.5A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:456f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19f7915b03f0e23ea7c65a34999f887348c820013397aa6cc627562db02305d3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://canadaims.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 00:29:26 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
44674
cf-polished
origSize=121206
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 05 Aug 2021 07:30:16 GMT
server
cloudflare
etag
W/"610b9388-1d976"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FrB1%2FxMizROYdbw4f7a78nNt8fdrhZAUpEQc5oNvN4VGJtWqARJ4%2FsIOCAxyaiGiWiqTcUx6vuqLNyFj1B8jHFiqw1QYN0LwXXcjpjOo9ZgCW4aHcQSEyzp61ajyxXEy4ZyVGRW2CMQ6fIM9"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000
cf-ray
7c7f81a04a863684-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
payment.js
canadaims.org/assets/promo/ 		282 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://canadaims.org/assets/promo/payment.js?id=801f1a719a7f2ad99a56
Requested by
Host: canadaims.site
URL: https://canadaims.site/payment/online?t=yo4ZMDoClGPG4b0E6TPV1vCJ4OMeObG534afRmTUJvjzDg5qRB&lang=en&utm_source=AT&utm_medium=activetrail&utm_campaign=15.5A&utm_mail=15.5A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:456f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c54f26d6d13c08760021f5fed17abef51c2dc66886fcb51f2efe52a450c2c399

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://canadaims.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 00:29:26 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1262339
cf-polished
origSize=288332
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 06 Sep 2022 09:10:58 GMT
server
cloudflare
etag
W/"63170ea2-4664c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7gJHD6Pp7ZQVrEAvGc6YiYEMnBOgYNPVEi%2FjKsbgyVDJoxHBqZ41dH5CV2HKldGY6msi2kqYzQKVvUexyDdAXGaXrc4un3uI7s%2FZgq96QUGPLXyjhB%2Fc%2FItfLz4GIaPUK9i9DjfFU8a50X4w"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000
cf-ray
7c7f81a06a9d3684-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
Atsc.js
atsc.activetrail.com/Scripts/ 		100 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://atsc.activetrail.com/Scripts/Atsc.js
Requested by
Host: canadaims.site
URL: https://canadaims.site/payment/online?t=yo4ZMDoClGPG4b0E6TPV1vCJ4OMeObG534afRmTUJvjzDg5qRB&lang=en&utm_source=AT&utm_medium=activetrail&utm_campaign=15.5A&utm_mail=15.5A
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
107.154.114.122 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.114.122.ip.incapdns.net
Software
/
Resource Hash
eaeb4358a9dc8f778d59a6fd3ff160a1572f8eddb9b36ff45b253f4c19b5aace
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://canadaims.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Tue, 16 May 2023 00:29:25 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=31536000
Last-Modified
Wed, 07 Dec 2022 18:00:14 GMT
X-CDN
Imperva
Etag
"a3c99cc165ad91:0"
Content-Type
application/javascript
X-Iinfo
14-14265272-0 0CNN RT(1684196965707 10) q(0 -1 -1 0) r(0 -1)
Cache-Control
max-age=79518, public
Content-Length
25021
Expires
Tue, 16 May 2023 22:34:43 GMT
fbevents.js
connect.facebook.net/en_US/ 		106 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: canadaims.site
URL: https://canadaims.site/payment/online?t=yo4ZMDoClGPG4b0E6TPV1vCJ4OMeObG534afRmTUJvjzDg5qRB&lang=en&utm_source=AT&utm_medium=activetrail&utm_campaign=15.5A&utm_mail=15.5A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
8dcee59828f1423ecefd552dd353e25bd4ac38a9557ee084604ee7c2d41d9b98
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://canadaims.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 16 May 2023 00:29:26 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27538
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
6DQ4P6sgLQZE5+TSYAMx082jDo8m0kK7n4mq+kCEMa11PVpYTE+kQJnkvSu670dxBSX5YygSf8uN7PwZ/2y+yg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1679558926
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), gyroscope=(), hid=(), screen-wake-lock=(), serial=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
obtp.js
amplify.outbrain.com/cp/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://amplify.outbrain.com/cp/obtp.js
Requested by
Host: canadaims.site
URL: https://canadaims.site/payment/online?t=yo4ZMDoClGPG4b0E6TPV1vCJ4OMeObG534afRmTUJvjzDg5qRB&lang=en&utm_source=AT&utm_medium=activetrail&utm_campaign=15.5A&utm_mail=15.5A
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-86.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
4ad5f5e1be2bfad0b36f324d134a09956a3bb0c2c6b824b20a237a1f8c96cfd2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://canadaims.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Tue, 16 May 2023 00:29:26 GMT
Content-Encoding
gzip
Last-Modified
Thu, 04 May 2023 06:28:15 GMT
Server
AkamaiNetStorage
ETag
"5eb6cb81dec36b8e936c154fb603efbb:1683181933.901167"
Vary
Accept-Encoding
Content-Type
application/x-javascript
X-RG
EU
Cache-Control
max-age=1200
X-CC
DE
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6835
Expires
Tue, 16 May 2023 00:49:26 GMT
ic_check-blue.png
canadaims.org/assets/payment_pages/register-39-new/img/ 		356 B
667 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://canadaims.org/assets/payment_pages/register-39-new/img/ic_check-blue.png
Requested by
Host: canadaims.org
URL: https://canadaims.org/assets/payment_pages/register-39-new/css/style.css?rev=1daabd51d277cdc2b2712434d88f3c06
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:456f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5495d496be9c71d1c741d8aca0f6751cc1085b2fef0d5fc83facfcbb49d402cb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://canadaims.org/assets/payment_pages/register-39-new/css/style.css?rev=1daabd51d277cdc2b2712434d88f3c06
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 00:29:26 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1262338
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
356
last-modified
Thu, 05 Aug 2021 07:30:16 GMT
server
cloudflare
etag
"610b9388-164"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7bLvl9%2BgC%2BCYNZCyYV9POVS43TyDeKuUBVGLR0kNNtikFvbB40mOKBzV2M%2F%2BotamJC5Xyyg7L5j%2B04cjg3J7ito%2FlLcdDfXtC82tq3RXu3re83FnbiVCzrzKVRAyCAEfXy%2Bqr%2ByR8NH93hkd"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
7c7f81a07aa63684-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
sale-get-67.png
canadaims.org/assets/payment_pages/register-39-new/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://canadaims.org/assets/payment_pages/register-39-new/img/sale-get-67.png
Requested by
Host: canadaims.org
URL: https://canadaims.org/assets/payment_pages/register-39-new/css/style.css?rev=1daabd51d277cdc2b2712434d88f3c06
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:456f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99574ca4c4e1a9479820b30d2f193cca2a3c65e6ec6433f23403a53e07c3b249

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://canadaims.org/assets/payment_pages/register-39-new/css/style.css?rev=1daabd51d277cdc2b2712434d88f3c06
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 00:29:26 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
337575
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7177
last-modified
Thu, 05 Aug 2021 07:30:16 GMT
server
cloudflare
etag
"610b9388-1c09"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K7O1LhhS%2F8OH74y4ZNS4oTFzeZ80gDJ4vSEJ9X3zHLUld8VrVY62DqR9datCzxXh92Y%2B708Lxhjf%2BGZpFCcAowcLrR3cAXUl3Xl7%2FTg52RwtWnHYGl%2Fz%2FkglFgcblalMdzo7OBi5rPmGuToO"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
7c7f81a07aa83684-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
ic_check.png
canadaims.org/assets/payment_pages/register-39-new/img/ 		301 B
801 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://canadaims.org/assets/payment_pages/register-39-new/img/ic_check.png
Requested by
Host: canadaims.org
URL: https://canadaims.org/assets/payment_pages/register-39-new/css/style.css?rev=1daabd51d277cdc2b2712434d88f3c06
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:456f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91c255abf46f0cbba8d277092947f14ff53d81e8f7a0c8894987260967c30f89

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://canadaims.org/assets/payment_pages/register-39-new/css/style.css?rev=1daabd51d277cdc2b2712434d88f3c06
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 00:29:26 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
932190
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
301
last-modified
Thu, 05 Aug 2021 07:30:16 GMT
server
cloudflare
etag
"610b9388-12d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l28NIytwf7BuGJnmosnX%2FZh8eThjJuY4vR%2BZsNRHsne493RtkjVJbjNQ9saVQe4bpLfnQP%2B%2BqRfK7cwRNB%2FZ5kKTtEBMrRLYTeG%2FBS5xsB9zeXmY3epZQU6CL7oOETPIVJTgKFWXdiM1LQLB"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
7c7f81a07aa93684-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A300%2C400%2C700%2C300italic%2C400italic%7CQuestrial%7CLora%3A400%2C700%2C400italic&ver=4.4.2&mod=1&num=1516616507
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://canadaims.site
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sat, 13 May 2023 11:05:17 GMT
x-content-type-options
nosniff
age
221049
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23040
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:07:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 May 2024 11:05:17 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A300%2C400%2C700%2C300italic%2C400italic%7CQuestrial%7CLora%3A400%2C700%2C400italic&ver=4.4.2&mod=1&num=1516616507
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://canadaims.site
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sat, 13 May 2023 00:06:44 GMT
x-content-type-options
nosniff
age
260562
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23580
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:17:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 May 2024 00:06:44 GMT
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
58fae867d4233278b416681e54d0b2c8635d938cc7d86f99c790bc64f02aaa3e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/svg+xml
S6uyw4BMUTPHjxAwXjeu.woff2
fonts.gstatic.com/s/lato/v24/ 		5 KB
5 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjxAwXjeu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A300%2C400%2C700%2C300italic%2C400italic%7CQuestrial%7CLora%3A400%2C700%2C400italic&ver=4.4.2&mod=1&num=1516616507
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1c2fc265baaeba4f3f5b8c7285b93343aead25590f08be73d3056718b376c5d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://canadaims.site
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 21:14:09 GMT
x-content-type-options
nosniff
age
270917
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5472
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:17:15 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 11 May 2024 21:14:09 GMT
736982827679314
connect.facebook.net/signals/config/ 		300 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/736982827679314?v=2.9.104&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a5b504f73bda2bfe1c75e5008e4dd2eb300f61fba18e54c2787a2b5991ece7b5
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://canadaims.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 16 May 2023 00:29:26 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
EWf8EtrqJwOhsjI0zKbljR8lZ1yggsVYFzUntU+y0+0E8TjgAvKVeaTJAA0vI1GVTtNcrST9Sdi3SG8GmfiABg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1679558926
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), bluetooth=(), idle-detection=(), magnetometer=(), midi=(), serial=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
iframenew.php
direct.tranzila.com/indigoims/ Frame 5F9E 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://direct.tranzila.com/indigoims/iframenew.php?sum=39&cred_type=1&nologo=1&email=marcellus.cook@serco-ap.com&cy=2&pdesc=757&currency=2&success_url_address=https://canadaims.site/api/v1/payment/tranzila/success&fail_url_address=https://canadaims.site/api/v1/payment/tranzila/failed&notify_url_address=https://canadaims.site/api/v1/payment/tranzila/nhzP18LvzchTs0QWr727YuWZTxEcNqljEqxjLFThsbFnuGGoP2
Requested by
Host: canadaims.org
URL: https://canadaims.org/assets/promo/payment.js?id=801f1a719a7f2ad99a56
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.223.128.234 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
Apache /
Resource Hash
eb1a6105568ec0a725a7b79df2e6da7eba9be864d7fea59fd94ceabc26eb2db4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Xss-Protection 0

Request headers

Referer
https://canadaims.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 16 May 2023 00:29:26 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
p3p
CP="HONK IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
pragma
no-cache
server
Apache
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-cdn
Imperva
x-iinfo
14-14069967-14069971 nNYN RT(1684196966624 10) q(0 0 1 0) r(2 2) U24
x-xss-protection
0
cachedClickId
tr.outbrain.com/ 		35 B
194 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tr.outbrain.com/cachedClickId?marketerId=004d85522db67f9ac2c7ad5cf4dfc36731
Requested by
Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.63 Chicago, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://canadaims.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Tue, 16 May 2023 00:29:27 GMT
X-TraceId
b0e5de56767e43927afa0b6a8ce5a5df
Content-Length
35
Content-Type
application/javascript
unifiedPixel
tr.outbrain.com/ 		53 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.outbrain.com/unifiedPixel?optOut=false&bust=007704978735502732&referrer=&marketerId=004d85522db67f9ac2c7ad5cf4dfc36731&name=PAGE_VIEW&dl=https%3A%2F%2Fcanadaims.site%2Fpayment%2Fonline%3Ft%3Dyo4ZMDoClGPG4b0E6TPV1vCJ4OMeObG534afRmTUJvjzDg5qRB%26lang%3Den%26utm_source%3DAT%26utm_medium%3Dactivetrail%26utm_campaign%3D15.5A%26utm_mail%3D15.5A&g=0&obApiVersion=1.1&obtpVersion=2.0.5
Requested by
Host: canadaims.site
URL: https://canadaims.site/payment/online?t=yo4ZMDoClGPG4b0E6TPV1vCJ4OMeObG534afRmTUJvjzDg5qRB&lang=en&utm_source=AT&utm_medium=activetrail&utm_campaign=15.5A&utm_mail=15.5A
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.63 Chicago, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://canadaims.site/payment/online?t=yo4ZMDoClGPG4b0E6TPV1vCJ4OMeObG534afRmTUJvjzDg5qRB&lang=en&utm_source=AT&utm_medium=activetrail&utm_campaign=15.5A&utm_mail=15.5A
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Tue, 16 May 2023 00:29:27 GMT
Cache-Control
no-cache
X-TraceId
83cac52750b250afe6beaa4885a53c4a
Content-Length
53
Content-Type
image/gif;
jquery-3.6.0.min.js
direct.tranzila.com/Tranzila_files/ Frame 5F9E 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://direct.tranzila.com/Tranzila_files/jquery-3.6.0.min.js
Requested by
Host: direct.tranzila.com
URL: https://direct.tranzila.com/indigoims/iframenew.php?sum=39&cred_type=1&nologo=1&email=marcellus.cook@serco-ap.com&cy=2&pdesc=757&currency=2&success_url_address=https://canadaims.site/api/v1/payment/tranzila/success&fail_url_address=https://canadaims.site/api/v1/payment/tranzila/failed&notify_url_address=https://canadaims.site/api/v1/payment/tranzila/nhzP18LvzchTs0QWr727YuWZTxEcNqljEqxjLFThsbFnuGGoP2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.223.128.234 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
Apache /
Resource Hash
6c5553217c782b518e313cb40a8de37438437a417df3f61e0cf020eadfd64f15
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://direct.tranzila.com/indigoims/iframenew.php?sum=39&cred_type=1&nologo=1&email=marcellus.cook@serco-ap.com&cy=2&pdesc=757&currency=2&success_url_address=https://canadaims.site/api/v1/payment/tranzila/success&fail_url_address=https://canadaims.site/api/v1/payment/tranzila/failed&notify_url_address=https://canadaims.site/api/v1/payment/tranzila/nhzP18LvzchTs0QWr727YuWZTxEcNqljEqxjLFThsbFnuGGoP2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 00:29:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
last-modified
Tue, 27 Jul 2021 04:17:22 GMT
server
Apache
x-cdn
Imperva
etag
"15d9e-5c81325765880"
content-type
application/javascript
x-iinfo
14-14069967-14069971 pNYN RT(1684196966624 337) q(0 0 0 -1) r(1 1) U24
accept-ranges
bytes
paypage.js
direct.tranzila.com/Tranzila_files/ Frame 5F9E 		28 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://direct.tranzila.com/Tranzila_files/paypage.js
Requested by
Host: direct.tranzila.com
URL: https://direct.tranzila.com/indigoims/iframenew.php?sum=39&cred_type=1&nologo=1&email=marcellus.cook@serco-ap.com&cy=2&pdesc=757&currency=2&success_url_address=https://canadaims.site/api/v1/payment/tranzila/success&fail_url_address=https://canadaims.site/api/v1/payment/tranzila/failed&notify_url_address=https://canadaims.site/api/v1/payment/tranzila/nhzP18LvzchTs0QWr727YuWZTxEcNqljEqxjLFThsbFnuGGoP2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.223.128.234 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
Apache /
Resource Hash
1e6190e853d76f902e8508db1dc5160719dcb367aa39652f8e508a7e1793966c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://direct.tranzila.com/indigoims/iframenew.php?sum=39&cred_type=1&nologo=1&email=marcellus.cook@serco-ap.com&cy=2&pdesc=757&currency=2&success_url_address=https://canadaims.site/api/v1/payment/tranzila/success&fail_url_address=https://canadaims.site/api/v1/payment/tranzila/failed&notify_url_address=https://canadaims.site/api/v1/payment/tranzila/nhzP18LvzchTs0QWr727YuWZTxEcNqljEqxjLFThsbFnuGGoP2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 00:29:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
last-modified
Sun, 01 Nov 2020 09:32:54 GMT
server
Apache
x-cdn
Imperva
etag
"6ee4-5b308507a525b"
content-type
application/javascript
x-iinfo
14-14069967-14070022 NNYN CT(56 120 0) RT(1684196966624 349) q(0 0 2 -1) r(3 3) U24
accept-ranges
bytes
bootstrap.js
direct.tranzila.com/Tranzila_files/ Frame 5F9E 		36 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://direct.tranzila.com/Tranzila_files/bootstrap.js
Requested by
Host: direct.tranzila.com
URL: https://direct.tranzila.com/indigoims/iframenew.php?sum=39&cred_type=1&nologo=1&email=marcellus.cook@serco-ap.com&cy=2&pdesc=757&currency=2&success_url_address=https://canadaims.site/api/v1/payment/tranzila/success&fail_url_address=https://canadaims.site/api/v1/payment/tranzila/failed&notify_url_address=https://canadaims.site/api/v1/payment/tranzila/nhzP18LvzchTs0QWr727YuWZTxEcNqljEqxjLFThsbFnuGGoP2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.223.128.234 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
Apache /
Resource Hash
36460e494e4c628443afded40b2743b5ede9a4a76fb4f7b9ef2345cc7e59fd64
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://direct.tranzila.com/indigoims/iframenew.php?sum=39&cred_type=1&nologo=1&email=marcellus.cook@serco-ap.com&cy=2&pdesc=757&currency=2&success_url_address=https://canadaims.site/api/v1/payment/tranzila/success&fail_url_address=https://canadaims.site/api/v1/payment/tranzila/failed&notify_url_address=https://canadaims.site/api/v1/payment/tranzila/nhzP18LvzchTs0QWr727YuWZTxEcNqljEqxjLFThsbFnuGGoP2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 00:29:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
last-modified
Thu, 31 May 2018 05:37:10 GMT
server
Apache
x-cdn
Imperva
etag
"90bb-56d79dbd63d6f"
content-type
application/javascript
x-iinfo
14-14069967-14070024 NNYN CT(52 110 0) RT(1684196966624 352) q(0 0 2 -1) r(2 2) U24
accept-ranges
bytes
swiperead.js
direct.tranzila.com/Tranzila_files/ Frame 5F9E 		3 KB
956 B 		Script
General
Check archive.org
Download Go to
Full URL
https://direct.tranzila.com/Tranzila_files/swiperead.js
Requested by
Host: direct.tranzila.com
URL: https://direct.tranzila.com/indigoims/iframenew.php?sum=39&cred_type=1&nologo=1&email=marcellus.cook@serco-ap.com&cy=2&pdesc=757&currency=2&success_url_address=https://canadaims.site/api/v1/payment/tranzila/success&fail_url_address=https://canadaims.site/api/v1/payment/tranzila/failed&notify_url_address=https://canadaims.site/api/v1/payment/tranzila/nhzP18LvzchTs0QWr727YuWZTxEcNqljEqxjLFThsbFnuGGoP2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.223.128.234 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
Apache /
Resource Hash
0d9015f3ce1fa9101ab5f71c72ef162f49c2f7c4c8ee4031ce4861fbdb8d22ba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://direct.tranzila.com/indigoims/iframenew.php?sum=39&cred_type=1&nologo=1&email=marcellus.cook@serco-ap.com&cy=2&pdesc=757&currency=2&success_url_address=https://canadaims.site/api/v1/payment/tranzila/success&fail_url_address=https://canadaims.site/api/v1/payment/tranzila/failed&notify_url_address=https://canadaims.site/api/v1/payment/tranzila/nhzP18LvzchTs0QWr727YuWZTxEcNqljEqxjLFThsbFnuGGoP2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 00:29:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
last-modified
Thu, 28 Nov 2019 07:01:25 GMT
server
Apache
x-cdn
Imperva
etag
"a58-59862ae852c2b"
content-type
application/javascript
x-iinfo
14-14069967-14070016 pNYN RT(1684196966624 667) q(0 0 0 -1) r(1 1) U24
accept-ranges
bytes
bootstrap-select.js
direct.tranzila.com/Tranzila_files/ Frame 5F9E 		33 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://direct.tranzila.com/Tranzila_files/bootstrap-select.js
Requested by
Host: direct.tranzila.com
URL: https://direct.tranzila.com/indigoims/iframenew.php?sum=39&cred_type=1&nologo=1&email=marcellus.cook@serco-ap.com&cy=2&pdesc=757&currency=2&success_url_address=https://canadaims.site/api/v1/payment/tranzila/success&fail_url_address=https://canadaims.site/api/v1/payment/tranzila/failed&notify_url_address=https://canadaims.site/api/v1/payment/tranzila/nhzP18LvzchTs0QWr727YuWZTxEcNqljEqxjLFThsbFnuGGoP2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.223.128.234 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
Apache /
Resource Hash
a0d767503b35050c0e0c0dfece0083131e7b74ea8d37cc734aa9d01fd7be2225
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://direct.tranzila.com/indigoims/iframenew.php?sum=39&cred_type=1&nologo=1&email=marcellus.cook@serco-ap.com&cy=2&pdesc=757&currency=2&success_url_address=https://canadaims.site/api/v1/payment/tranzila/success&fail_url_address=https://canadaims.site/api/v1/payment/tranzila/failed&notify_url_address=https://canadaims.site/api/v1/payment/tranzila/nhzP18LvzchTs0QWr727YuWZTxEcNqljEqxjLFThsbFnuGGoP2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 00:29:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
last-modified
Thu, 31 May 2018 05:37:10 GMT
server
Apache
x-cdn
Imperva
etag
"826b-56d79dbd63d6f"
content-type
application/javascript
x-iinfo
14-14069967-14069971 pNYN RT(1684196966624 354) q(0 2 2 -1) r(3 3) U24
accept-ranges
bytes
npay.js
direct.tranzila.com/js/ Frame 5F9E 		27 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://direct.tranzila.com/js/npay.js?V=NP4836
Requested by
Host: direct.tranzila.com
URL: https://direct.tranzila.com/indigoims/iframenew.php?sum=39&cred_type=1&nologo=1&email=marcellus.cook@serco-ap.com&cy=2&pdesc=757&currency=2&success_url_address=https://canadaims.site/api/v1/payment/tranzila/success&fail_url_address=https://canadaims.site/api/v1/payment/tranzila/failed&notify_url_address=https://canadaims.site/api/v1/payment/tranzila/nhzP18LvzchTs0QWr727YuWZTxEcNqljEqxjLFThsbFnuGGoP2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.223.128.234 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
Apache /
Resource Hash
f19c9aabdf9c1baee0d664981765f525f5140e990a409193db96806b5c3e8782
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://direct.tranzila.com/indigoims/iframenew.php?sum=39&cred_type=1&nologo=1&email=marcellus.cook@serco-ap.com&cy=2&pdesc=757&currency=2&success_url_address=https://canadaims.site/api/v1/payment/tranzila/success&fail_url_address=https://canadaims.site/api/v1/payment/tranzila/failed&notify_url_address=https://canadaims.site/api/v1/payment/tranzila/nhzP18LvzchTs0QWr727YuWZTxEcNqljEqxjLFThsbFnuGGoP2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 00:29:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
last-modified
Sun, 29 Jan 2023 12:18:15 GMT
server
Apache
x-cdn
Imperva
etag
"6beb-5f36617d26505"
content-type
application/javascript
x-iinfo
14-14069967-14070016 pNYN RT(1684196966624 357) q(0 2 2 -1) r(3 3) U24
accept-ranges
bytes
bootstrap-select.css
direct.tranzila.com/Tranzila_files/ Frame 5F9E 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://direct.tranzila.com/Tranzila_files/bootstrap-select.css
Requested by
Host: direct.tranzila.com
URL: https://direct.tranzila.com/indigoims/iframenew.php?sum=39&cred_type=1&nologo=1&email=marcellus.cook@serco-ap.com&cy=2&pdesc=757&currency=2&success_url_address=https://canadaims.site/api/v1/payment/tranzila/success&fail_url_address=https://canadaims.site/api/v1/payment/tranzila/failed&notify_url_address=https://canadaims.site/api/v1/payment/tranzila/nhzP18LvzchTs0QWr727YuWZTxEcNqljEqxjLFThsbFnuGGoP2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.223.128.234 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
Apache /
Resource Hash
feeb377a08b6715a7498491547c727a8bb2e0d8e819ab0eebd33d4b84af51c94
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://direct.tranzila.com/indigoims/iframenew.php?sum=39&cred_type=1&nologo=1&email=marcellus.cook@serco-ap.com&cy=2&pdesc=757&currency=2&success_url_address=https://canadaims.site/api/v1/payment/tranzila/success&fail_url_address=https://canadaims.site/api/v1/payment/tranzila/failed&notify_url_address=https://canadaims.site/api/v1/payment/tranzila/nhzP18LvzchTs0QWr727YuWZTxEcNqljEqxjLFThsbFnuGGoP2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 00:29:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
last-modified
Thu, 31 May 2018 05:37:10 GMT
server
Apache
x-cdn
Imperva
etag
"19ff-56d79dbd63d6f"
content-type
text/css
x-iinfo
14-14069967-14070016 nNYN RT(1684196966624 341) q(0 0 1 -1) r(2 2) U24
accept-ranges
bytes
tranzila_ltr.css
direct.tranzila.com/Tranzila_files/ Frame 5F9E 		16 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://direct.tranzila.com/Tranzila_files/tranzila_ltr.css?v=np5787
Requested by
Host: direct.tranzila.com
URL: https://direct.tranzila.com/indigoims/iframenew.php?sum=39&cred_type=1&nologo=1&email=marcellus.cook@serco-ap.com&cy=2&pdesc=757&currency=2&success_url_address=https://canadaims.site/api/v1/payment/tranzila/success&fail_url_address=https://canadaims.site/api/v1/payment/tranzila/failed&notify_url_address=https://canadaims.site/api/v1/payment/tranzila/nhzP18LvzchTs0QWr727YuWZTxEcNqljEqxjLFThsbFnuGGoP2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.223.128.234 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
Apache /
Resource Hash
9fc53ceee48294497a4b31772e7f5c7f3b6674fcdcb829acba747dbcb4cbeb47
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://direct.tranzila.com/indigoims/iframenew.php?sum=39&cred_type=1&nologo=1&email=marcellus.cook@serco-ap.com&cy=2&pdesc=757&currency=2&success_url_address=https://canadaims.site/api/v1/payment/tranzila/success&fail_url_address=https://canadaims.site/api/v1/payment/tranzila/failed&notify_url_address=https://canadaims.site/api/v1/payment/tranzila/nhzP18LvzchTs0QWr727YuWZTxEcNqljEqxjLFThsbFnuGGoP2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 00:29:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
last-modified
Wed, 11 Jan 2023 07:05:18 GMT
server
Apache
x-cdn
Imperva
etag
"40a0-5f1f79f81256f"
content-type
text/css
x-iinfo
14-14069967-14070018 nNYN RT(1684196966624 344) q(0 0 1 -1) r(2 2) U24
accept-ranges
bytes
bootstrap.css
direct.tranzila.com/Tranzila_files/ Frame 5F9E 		118 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://direct.tranzila.com/Tranzila_files/bootstrap.css
Requested by
Host: direct.tranzila.com
URL: https://direct.tranzila.com/indigoims/iframenew.php?sum=39&cred_type=1&nologo=1&email=marcellus.cook@serco-ap.com&cy=2&pdesc=757&currency=2&success_url_address=https://canadaims.site/api/v1/payment/tranzila/success&fail_url_address=https://canadaims.site/api/v1/payment/tranzila/failed&notify_url_address=https://canadaims.site/api/v1/payment/tranzila/nhzP18LvzchTs0QWr727YuWZTxEcNqljEqxjLFThsbFnuGGoP2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.223.128.234 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
Apache /
Resource Hash
0670d6116476b903b1198d6521ae6684eb2b04b954b9cb06085170333a7f9477
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://direct.tranzila.com/indigoims/iframenew.php?sum=39&cred_type=1&nologo=1&email=marcellus.cook@serco-ap.com&cy=2&pdesc=757&currency=2&success_url_address=https://canadaims.site/api/v1/payment/tranzila/success&fail_url_address=https://canadaims.site/api/v1/payment/tranzila/failed&notify_url_address=https://canadaims.site/api/v1/payment/tranzila/nhzP18LvzchTs0QWr727YuWZTxEcNqljEqxjLFThsbFnuGGoP2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 00:29:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
last-modified
Thu, 31 May 2018 05:37:10 GMT
server
Apache
x-cdn
Imperva
etag
"1d973-56d79dbd63d6f"
content-type
text/css
x-iinfo
14-14069967-14070020 nNYN RT(1684196966624 347) q(0 0 2 -1) r(2 2) U24
accept-ranges
bytes
global_card.png
direct.tranzila.com/Tranzila_files/ Frame 5F9E 		972 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://direct.tranzila.com/Tranzila_files/global_card.png
Requested by
Host: direct.tranzila.com
URL: https://direct.tranzila.com/indigoims/iframenew.php?sum=39&cred_type=1&nologo=1&email=marcellus.cook@serco-ap.com&cy=2&pdesc=757&currency=2&success_url_address=https://canadaims.site/api/v1/payment/tranzila/success&fail_url_address=https://canadaims.site/api/v1/payment/tranzila/failed&notify_url_address=https://canadaims.site/api/v1/payment/tranzila/nhzP18LvzchTs0QWr727YuWZTxEcNqljEqxjLFThsbFnuGGoP2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.223.128.234 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
Apache /
Resource Hash
fab9750756035f2cd8da31a27c1baee63e797250e4d3152e086fee3df5f685dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://direct.tranzila.com/indigoims/iframenew.php?sum=39&cred_type=1&nologo=1&email=marcellus.cook@serco-ap.com&cy=2&pdesc=757&currency=2&success_url_address=https://canadaims.site/api/v1/payment/tranzila/success&fail_url_address=https://canadaims.site/api/v1/payment/tranzila/failed&notify_url_address=https://canadaims.site/api/v1/payment/tranzila/nhzP18LvzchTs0QWr727YuWZTxEcNqljEqxjLFThsbFnuGGoP2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 00:29:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Thu, 31 May 2018 05:37:10 GMT
server
Apache
x-cdn
Imperva
etag
"3cc-56d79dbd64157"
content-type
image/png
x-iinfo
14-14069967-14070016 pNNN RT(1684196966624 739) q(0 0 0 -1) r(1 1) U24
accept-ranges
bytes
content-length
972
visa_mastercard_cvv.png
direct.tranzila.com/Tranzila_files/ Frame 5F9E 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://direct.tranzila.com/Tranzila_files/visa_mastercard_cvv.png
Requested by
Host: direct.tranzila.com
URL: https://direct.tranzila.com/indigoims/iframenew.php?sum=39&cred_type=1&nologo=1&email=marcellus.cook@serco-ap.com&cy=2&pdesc=757&currency=2&success_url_address=https://canadaims.site/api/v1/payment/tranzila/success&fail_url_address=https://canadaims.site/api/v1/payment/tranzila/failed&notify_url_address=https://canadaims.site/api/v1/payment/tranzila/nhzP18LvzchTs0QWr727YuWZTxEcNqljEqxjLFThsbFnuGGoP2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.223.128.234 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
Apache /
Resource Hash
d8dddf02754ec659f8409e1554e6b01aaf4b69a66d0eefe40aee860b8b1f0c38
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://direct.tranzila.com/indigoims/iframenew.php?sum=39&cred_type=1&nologo=1&email=marcellus.cook@serco-ap.com&cy=2&pdesc=757&currency=2&success_url_address=https://canadaims.site/api/v1/payment/tranzila/success&fail_url_address=https://canadaims.site/api/v1/payment/tranzila/failed&notify_url_address=https://canadaims.site/api/v1/payment/tranzila/nhzP18LvzchTs0QWr727YuWZTxEcNqljEqxjLFThsbFnuGGoP2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 00:29:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Tue, 10 Dec 2019 08:08:25 GMT
server
Apache
x-cdn
Imperva
etag
"5f8a-59955042ed040"
content-type
image/png
x-iinfo
14-14069967-14070020 pNNN RT(1684196966624 742) q(0 0 0 -1) r(1 1) U24
accept-ranges
bytes
content-length
24458
amex_cvv.png
direct.tranzila.com/Tranzila_files/ Frame 5F9E 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://direct.tranzila.com/Tranzila_files/amex_cvv.png
Requested by
Host: direct.tranzila.com
URL: https://direct.tranzila.com/indigoims/iframenew.php?sum=39&cred_type=1&nologo=1&email=marcellus.cook@serco-ap.com&cy=2&pdesc=757&currency=2&success_url_address=https://canadaims.site/api/v1/payment/tranzila/success&fail_url_address=https://canadaims.site/api/v1/payment/tranzila/failed&notify_url_address=https://canadaims.site/api/v1/payment/tranzila/nhzP18LvzchTs0QWr727YuWZTxEcNqljEqxjLFThsbFnuGGoP2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.223.128.234 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
Apache /
Resource Hash
a98c3bef1bd7c3042a1728fa62ccbb89c7d15726eac18870a34bdf02563690c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://direct.tranzila.com/indigoims/iframenew.php?sum=39&cred_type=1&nologo=1&email=marcellus.cook@serco-ap.com&cy=2&pdesc=757&currency=2&success_url_address=https://canadaims.site/api/v1/payment/tranzila/success&fail_url_address=https://canadaims.site/api/v1/payment/tranzila/failed&notify_url_address=https://canadaims.site/api/v1/payment/tranzila/nhzP18LvzchTs0QWr727YuWZTxEcNqljEqxjLFThsbFnuGGoP2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 00:29:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Tue, 10 Dec 2019 08:08:36 GMT
server
Apache
x-cdn
Imperva
etag
"55ad-5995504d6a900"
content-type
image/png
x-iinfo
14-14069967-14070018 pNNN RT(1684196966624 744) q(0 0 0 -1) r(1 1) U24
accept-ranges
bytes
content-length
21933
_Incapsula_Resource
direct.tranzila.com/ Frame 5F9E 		144 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://direct.tranzila.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=809525616
Requested by
Host: direct.tranzila.com
URL: https://direct.tranzila.com/indigoims/iframenew.php?sum=39&cred_type=1&nologo=1&email=marcellus.cook@serco-ap.com&cy=2&pdesc=757&currency=2&success_url_address=https://canadaims.site/api/v1/payment/tranzila/success&fail_url_address=https://canadaims.site/api/v1/payment/tranzila/failed&notify_url_address=https://canadaims.site/api/v1/payment/tranzila/nhzP18LvzchTs0QWr727YuWZTxEcNqljEqxjLFThsbFnuGGoP2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.223.128.234 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
7ec35d97f0e94fd198860405c4350c2648be0e2bc1345d560e7a21a1597b0f4e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://direct.tranzila.com/indigoims/iframenew.php?sum=39&cred_type=1&nologo=1&email=marcellus.cook@serco-ap.com&cy=2&pdesc=757&currency=2&success_url_address=https://canadaims.site/api/v1/payment/tranzila/success&fail_url_address=https://canadaims.site/api/v1/payment/tranzila/failed&notify_url_address=https://canadaims.site/api/v1/payment/tranzila/nhzP18LvzchTs0QWr727YuWZTxEcNqljEqxjLFThsbFnuGGoP2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-cache, no-store
content-encoding
gzip
x-robots-tag
noindex
content-length
20769
content-type
application/javascript
analytics.js
www.google-analytics.com/ Frame 5F9E 		51 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: direct.tranzila.com
URL: https://direct.tranzila.com/indigoims/iframenew.php?sum=39&cred_type=1&nologo=1&email=marcellus.cook@serco-ap.com&cy=2&pdesc=757&currency=2&success_url_address=https://canadaims.site/api/v1/payment/tranzila/success&fail_url_address=https://canadaims.site/api/v1/payment/tranzila/failed&notify_url_address=https://canadaims.site/api/v1/payment/tranzila/nhzP18LvzchTs0QWr727YuWZTxEcNqljEqxjLFThsbFnuGGoP2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://direct.tranzila.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 15 May 2023 23:05:00 GMT
last-modified
Mon, 17 Apr 2023 22:36:01 GMT
server
Golfe2
age
5067
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20737
expires
Tue, 16 May 2023 01:05:00 GMT
opensanshebrew-regular-webfont.woff
direct.tranzila.com/Tranzila_files/fonts/ Frame 5F9E 		13 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://direct.tranzila.com/Tranzila_files/fonts/opensanshebrew-regular-webfont.woff
Requested by
Host: direct.tranzila.com
URL: https://direct.tranzila.com/Tranzila_files/tranzila_ltr.css?v=np5787
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.223.128.234 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
Apache /
Resource Hash
636f52528d61a565f93b83ec8fa646435c1b64f67ba5f4db64314f1692214fa7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://direct.tranzila.com/Tranzila_files/tranzila_ltr.css?v=np5787
Origin
https://direct.tranzila.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 00:29:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
last-modified
Tue, 03 Jul 2018 09:14:53 GMT
server
Apache
x-cdn
Imperva
etag
"35f0-57014bf38e6d1"
content-type
application/font-woff
x-iinfo
14-14069967-14069971 pNYN RT(1684196966624 752) q(0 0 0 -1) r(1 1) U24
accept-ranges
bytes
question.png
direct.tranzila.com/Tranzila_files/ Frame 5F9E 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://direct.tranzila.com/Tranzila_files/question.png
Requested by
Host: direct.tranzila.com
URL: https://direct.tranzila.com/Tranzila_files/tranzila_ltr.css?v=np5787
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.223.128.234 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
Apache /
Resource Hash
d7b80047a07fff19686807114f70128253c0f5bc4414230554d491fe44c77626
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://direct.tranzila.com/Tranzila_files/tranzila_ltr.css?v=np5787
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 00:29:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Thu, 31 May 2018 05:37:10 GMT
server
Apache
x-cdn
Imperva
etag
"d88-56d79dbd64d0f"
content-type
image/png
x-iinfo
14-14069967-14070110 nNNN RT(1684196966624 754) q(0 0 2 -1) r(2 2) U24
accept-ranges
bytes
content-length
3464
_Incapsula_Resource
direct.tranzila.com/ Frame 5F9E 		1 B
36 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://direct.tranzila.com/_Incapsula_Resource?SWKMTFSR=1&e=0.9458616412309164
Requested by
Host: direct.tranzila.com
URL: https://direct.tranzila.com/indigoims/iframenew.php?sum=39&cred_type=1&nologo=1&email=marcellus.cook@serco-ap.com&cy=2&pdesc=757&currency=2&success_url_address=https://canadaims.site/api/v1/payment/tranzila/success&fail_url_address=https://canadaims.site/api/v1/payment/tranzila/failed&notify_url_address=https://canadaims.site/api/v1/payment/tranzila/nhzP18LvzchTs0QWr727YuWZTxEcNqljEqxjLFThsbFnuGGoP2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.223.128.234 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://direct.tranzila.com/indigoims/iframenew.php?sum=39&cred_type=1&nologo=1&email=marcellus.cook@serco-ap.com&cy=2&pdesc=757&currency=2&success_url_address=https://canadaims.site/api/v1/payment/tranzila/success&fail_url_address=https://canadaims.site/api/v1/payment/tranzila/failed&notify_url_address=https://canadaims.site/api/v1/payment/tranzila/nhzP18LvzchTs0QWr727YuWZTxEcNqljEqxjLFThsbFnuGGoP2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-cache, no-store
x-robots-tag
noindex
content-length
1
content-type
text/plain

Verdicts & Comments Add Verdict or Comment

30 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless object| _atsc_paq function| fbq function| _fbq function| obApi function| $ function| jQuery object| $iziModal object| jQuery111109457173623495994 object| core object| __core-js_shared__ object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill function| _ function| axios function| Vue object| GCO object| JSON2 object| Atsc object| AnalyticsTracker function| Atsc_log string| userAgent function| apiObj

16 Cookies

Domain/Path Name / Value
canadaims.site/ Name: last_seen
Value: eyJpdiI6InlSZ01TWUZxS2xcL1l6N2xuY2FoR0ZRPT0iLCJ2YWx1ZSI6IlFqSHRcL3V6NWQ2YUM4UGRDeFdFS0VnPT0iLCJtYWMiOiI3M2YwYmM1ODc2MTNlYjMwMjVmNDVjOTkyNmEzZjAzN2YzMWU2ZGRjZDA2M2JhYzlmMDc2NTE0MjUxNWE2YWY0In0%3D
canadaims.site/ Name: XSRF-TOKEN
Value: eyJpdiI6Im1laHNqd3lmR0FDNU9HVnVhTGxCREE9PSIsInZhbHVlIjoiRjEwaU5EYjY2N3ZkZnN5bXVQNDV3Q0JhRVF4d1BIVjB6QTQyb29cLzZZREozMzRpcnJ3TVwvMlhyMytjaXpsbjQwIiwibWFjIjoiM2NmNWFmYTg2YjIyZWNiMWM5MWUwMjRhNjM2ZjRmM2FhZGNmMjg1OGJhMjRmNjBkZjY2OGMxYWVmYTZmZmNiMCJ9
canadaims.site/ Name: canadaimsorg_session
Value: eyJpdiI6InpyY1VOeU1obzZrU1d2VkczZEJqSUE9PSIsInZhbHVlIjoiRUpcLzY4emV6aTVmMkRVTVgzZlRkMXpWSzVzcG84ZjFjZXBFOUQyT1grMjFnRHpBVWhaNU1pSEJDSmdNejZ6NnQiLCJtYWMiOiJmMzU0ZDZmN2U1M2JlYzE5MDkxZjA5YjQxZWI3OThkZjQwMmU5NTlhODg3YjcyZmZmOGQzYTIzYWY4MDI2ODhhIn0%3D
canadaims.site/ Name: utm
Value: eyJpdiI6IkRnQU93RnpBRDBcL3lIR3hMU1VOd3VBPT0iLCJ2YWx1ZSI6ImNoalwvSjlVSTNuM0lNZE1Qa1ltM0tVQVUzZnhIZHp6bnExXC9uT3RoanlWY2x1YUZ3eVg1bXdIend1XC9KbDd0d04wU0JndDNtNjcxQTd1WWYyVVBzZWF2VDFZaXdiRXhWNXJzZHhXaVlHOTE1RmE4K3F2XC9LSmFnc1MyQmszZ2huM1JvXC9DbW9wRFhiYSt4QWdkQVR2UFNRPT0iLCJtYWMiOiIzZmIzY2MwOTE2MGRlYzQzZGUwMzBkYTA1NGVkMDVmMTgyNzEwOGVlYjNkZjA1NDYxZWY0MzRlZDE4YTEzYzkzIn0%3D
canadaims.site/ Name: lang
Value: en
canadaims.site/ Name: payment_token
Value: eyJpdiI6IjhmR0dqc0xcL2U0d3hVRVZTMFNyK3VRPT0iLCJ2YWx1ZSI6Im53NFFMVnY4UDJHVDZYOTE1bkZQajY0dWZQT1Y3bTAwUTBFZlZ3d2RKZDQwcCtvT00yTGU0b2FIeFFiV1ozeE9DTVlVb1pDVXp5dnpNbGEwQnRUTUdRPT0iLCJtYWMiOiJjNWIzNTA1YTcxZGM5NzU1OGJlNzY0MDljMjA2Y2QwNmQzMzIzMDg0ZmE2ZmZkYTRmYjZmMWUzMTcyMjc5NWQ3In0%3D
.activetrail.com/ Name: visid_incap_885708
Value: CP+URzAxSwe/OEZmvG6TsWXOYmQAAAAAQUIPAAAAAAC6/EDQM1DSlIgJ+kwml9jq
.activetrail.com/ Name: incap_ses_875_885708
Value: up/ZZ3MiJgeTJtbPkqAkDGXOYmQAAAAAK9XhH70bYbehHcmDex5UDg==
canadaims.site/ Name: _pk_ref.dd9d8ac6-3094-47f6-90d9-a8b59ab8149e.2a8d
Value: %5B%2215.5A%22%2C%22%22%2C1684196967%2C%22%22%5D
canadaims.site/ Name: _pk_id.dd9d8ac6-3094-47f6-90d9-a8b59ab8149e.2a8d
Value: b6589fc6ab0dc82c.1684196967.1.1684196967.1684196967.
canadaims.site/ Name: _pk_ses.dd9d8ac6-3094-47f6-90d9-a8b59ab8149e.2a8d
Value: *
.direct.tranzila.com/ Name: PHPSESSID
Value: u3ldfsfnar1qcv1edfd24kgdr7
.tranzila.com/ Name: visid_incap_2533233
Value: v2lz4ZkvQqmGaMUB8BZKT2bOYmQAAAAAQUIPAAAAAAArpv0xKN2W7TGp0OslCiVv
.tranzila.com/ Name: incap_ses_730_2533233
Value: pCCoEItwGzpB7pMMBnwhCmbOYmQAAAAAZJfkrGllOBDokwEG/H83GA==
canadaims.site/ Name: outbrain_cid_fetch
Value: true
.tranzila.com/ Name: nlbi_2533233
Value: 1OHQIrlkolsizzyx/LqpegAAAABufXIDtvpcG47T6+VbrYO9

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

amplify.outbrain.com
atsc.activetrail.com
canadaims.org
canadaims.site
connect.facebook.net
direct.tranzila.com
fonts.googleapis.com
fonts.gstatic.com
stackpath.bootstrapcdn.com
tr.outbrain.com
www.google-analytics.com
107.154.114.122
23.35.237.86
2606:4700:3033::6815:456f
2606:4700:3036::6815:b73
2606:4700::6812:bcf
2a00:1450:4001:80b::200a
2a00:1450:4001:829::200e
2a00:1450:4001:831::2003
2a03:2880:f084:d:face:b00c:0:3
45.223.128.234
64.202.112.63
0670d6116476b903b1198d6521ae6684eb2b04b954b9cb06085170333a7f9477
0adb446c46bfb04eb747f952342d757469cf29733a3e5a124a28e0d94c2e03d8
0c63a22d1299d8cf6a4a6e9cabf3ca03bac10f335b24fcd28899e8dd892d80af
0d9015f3ce1fa9101ab5f71c72ef162f49c2f7c4c8ee4031ce4861fbdb8d22ba
0e952979610647fcb810a38cb3d660b5df164a531f4cf24555ceaa9f4edc4f0e
19f7915b03f0e23ea7c65a34999f887348c820013397aa6cc627562db02305d3
1c2fc265baaeba4f3f5b8c7285b93343aead25590f08be73d3056718b376c5d7
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
1e6190e853d76f902e8508db1dc5160719dcb367aa39652f8e508a7e1793966c
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
268ecf688828cfdce59659a476ab0913b4e92556395ec549f12cf8194a6f8669
28ff9e3d6d2b1b4f2339912792253e58abdac2af4a1757a646b496b6d8b7aa92
36460e494e4c628443afded40b2743b5ede9a4a76fb4f7b9ef2345cc7e59fd64
464a3e62ca0ac77ca4070d5a5cd1bdc7346ee6c9459e037a8e0f612609bac8cb
4ad5f5e1be2bfad0b36f324d134a09956a3bb0c2c6b824b20a237a1f8c96cfd2
5495d496be9c71d1c741d8aca0f6751cc1085b2fef0d5fc83facfcbb49d402cb
58fae867d4233278b416681e54d0b2c8635d938cc7d86f99c790bc64f02aaa3e
636f52528d61a565f93b83ec8fa646435c1b64f67ba5f4db64314f1692214fa7
6c5553217c782b518e313cb40a8de37438437a417df3f61e0cf020eadfd64f15
7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11
7ec35d97f0e94fd198860405c4350c2648be0e2bc1345d560e7a21a1597b0f4e
8dcee59828f1423ecefd552dd353e25bd4ac38a9557ee084604ee7c2d41d9b98
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
91c255abf46f0cbba8d277092947f14ff53d81e8f7a0c8894987260967c30f89
99574ca4c4e1a9479820b30d2f193cca2a3c65e6ec6433f23403a53e07c3b249
9a0e46f26166b903bca32b8b42cf4b0528b8a0be4342467a334480d435a846df
9c49f381b5efb66e5c5cd15453336a9963f527a68d5f71ee091a910999e093ec
9fc53ceee48294497a4b31772e7f5c7f3b6674fcdcb829acba747dbcb4cbeb47
a0d767503b35050c0e0c0dfece0083131e7b74ea8d37cc734aa9d01fd7be2225
a5b504f73bda2bfe1c75e5008e4dd2eb300f61fba18e54c2787a2b5991ece7b5
a98c3bef1bd7c3042a1728fa62ccbb89c7d15726eac18870a34bdf02563690c0
aee034d31571969a8134d9e6afd5cfca4ee3a95a3111326f9170be403a66b3f6
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c54f26d6d13c08760021f5fed17abef51c2dc66886fcb51f2efe52a450c2c399
d7b80047a07fff19686807114f70128253c0f5bc4414230554d491fe44c77626
d8dddf02754ec659f8409e1554e6b01aaf4b69a66d0eefe40aee860b8b1f0c38
df5f2e0d7b97c6d81194c82bb415b3d9c9b89cab747dfb8192d034bd538acc10
e361fc4bbcf94c8347f03dad30ca336a35e5af07d9ea5c120b1316ed0be793e8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5eb15c4e0aaf1b869522e71e5cf270931f273ad48a9e5067c9d46c4891e1850
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
eaeb4358a9dc8f778d59a6fd3ff160a1572f8eddb9b36ff45b253f4c19b5aace
eb1a6105568ec0a725a7b79df2e6da7eba9be864d7fea59fd94ceabc26eb2db4
ef777bd0809ca54263eacc7b8b456a7c5fc90589d6843b1a56b9a9f03c1b5bd8
f19c9aabdf9c1baee0d664981765f525f5140e990a409193db96806b5c3e8782
fab9750756035f2cd8da31a27c1baee63e797250e4d3152e086fee3df5f685dd
feeb377a08b6715a7498491547c727a8bb2e0d8e819ab0eebd33d4b84af51c94