canadapayment.online Open in urlscan Pro
209.145.56.77 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://canadapayment.online/
Submission: On July 06 via api (July 6th 2022, 11:14:58 am UTC) from US — Scanned from DE

Summary HTTP 95 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 13 IPs in 5 countries across 11 domains to perform 95 HTTP transactions. The main IP is 209.145.56.77, located in United States and belongs to CONTABO, US. The main domain is canadapayment.online.

This is the only time canadapayment.online was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	209.145.56.77 209.145.56.77	40021 (CONTABO) (CONTABO)
1	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:3a	20446 (STACKPATH...) (STACKPATH-CDN)
1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
19	104.18.26.174 104.18.26.174	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
1	45.252.248.12 45.252.248.12	63760 (AZDIGI-AS...) (AZDIGI-AS-VN AZDIGI Corporation)
19	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
19	2a03:90c0:41:... 2a03:90c0:41:2801::254	199524 (GCORE) (GCORE)
95	13

1 209.145.56.77 (United States)

ASN40021 (CONTABO, US)
PTR: vmi535331.contaboserver.net

canadapayment.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:3a (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

sectury.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 104.18.26.174 (None, )

ASN13335 (CLOUDFLARENET, US)

jsc.adskeeper.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.adskeeper.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.adskeeper.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.adskeeper.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.adskeeper.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.252.248.12 (Thuan An, Viet Nam)

ASN63760 (AZDIGI-AS-VN AZDIGI Corporation, VN)

itcafe.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

1.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

blogger.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a03:90c0:41:2801::254 (Frankfurt am Main, Germany)

ASN199524 (GCORE, LU)

s-img.adskeeper.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
38	adskeeper.co.uk jsc.adskeeper.co.uk — Cisco Umbrella Rank: 45956 c.adskeeper.co.uk — Cisco Umbrella Rank: 32865 cdn.adskeeper.co.uk — Cisco Umbrella Rank: 30206 servicer.adskeeper.co.uk — Cisco Umbrella Rank: 40427 s-img.adskeeper.co.uk — Cisco Umbrella Rank: 32488 cm.adskeeper.co.uk — Cisco Umbrella Rank: 50387	3 MB
19	blogspot.com 1.bp.blogspot.com — Cisco Umbrella Rank: 9765	1 MB
16	googleusercontent.com blogger.googleusercontent.com — Cisco Umbrella Rank: 15196	1 MB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 49	20 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 231	25 KB
1	itcafe.vn itcafe.vn	44 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 89	40 KB
1	sectury.com sectury.com — Cisco Umbrella Rank: 824625	9 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 630	30 KB
1	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 741	22 KB
1	canadapayment.online canadapayment.online	2 KB
95	11

	Domain	Requested by
19	s-img.adskeeper.co.uk	canadapayment.online
19	1.bp.blogspot.com	canadapayment.online
16	blogger.googleusercontent.com	canadapayment.online
6	c.adskeeper.co.uk	jsc.adskeeper.co.uk canadapayment.online
6	jsc.adskeeper.co.uk	canadapayment.online jsc.adskeeper.co.uk
4	servicer.adskeeper.co.uk	jsc.adskeeper.co.uk
2	cm.adskeeper.co.uk	jsc.adskeeper.co.uk
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	cdnjs.cloudflare.com	canadapayment.online cdnjs.cloudflare.com
1	cdn.adskeeper.co.uk	canadapayment.online
1	itcafe.vn	canadapayment.online
1	www.googletagmanager.com	canadapayment.online
1	sectury.com	canadapayment.online
1	code.jquery.com	canadapayment.online
1	maxcdn.bootstrapcdn.com	canadapayment.online
1	canadapayment.online
95	16

This site contains links to these domains. Also see Links.

Domain
de.7uq.org

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-01-29` - `2023-01-29`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
www.itcafe.vn R3	`2022-07-03` - `2022-10-01`	3 months	crt.sh
misc-sni.blogspot.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.adskeeper.co.uk Go Daddy Secure Certificate Authority - G2	`2022-01-03` - `2023-02-04`	a year	crt.sh

This page contains 2 frames:

Primary Page: http://canadapayment.online/
Frame ID: 971347984EA303D045A291AC983158A8
Requests: 94 HTTP requests in this frame

Frame: https://cm.adskeeper.co.uk/i-noref.js?cbuster=1657106066657154901557
Frame ID: 6B8C32987CC9938EDE015E8D2AAF7ED5
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Video idol 2021

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

95
Requests

86 %
HTTPS

75 %
IPv6

11
Domains

16
Subdomains

13
IPs

5
Countries

5975 kB
Transfer

6919 kB
Size

4
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://de.7uq.org/d3wxMDQ5

Search URL Search Domain Scan URL

URL: https://de.7uq.org/TXwxMDQ5

Search URL Search Domain Scan URL

URL: https://de.7uq.org/cXwxMDQ5

Search URL Search Domain Scan URL

URL: https://de.7uq.org/WXwxMDQ5

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

95 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
canadapayment.online/ 7 KB
2 KB 1142ms
114ms Document
text/html 209.145.56.77
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL

http://canadapayment.online/

Protocol

HTTP/1.1

Server

209.145.56.77 , United States, ASN40021 (CONTABO, US),

Reverse DNS

vmi535331.contaboserver.net

Software

nginx /

Resource Hash

c87d0efd96bc62844535855660000bbe49e9c50a979ee02606358a2b52948665

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Wed, 06 Jul 2022 11:14:25 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/ 141 KB
22 KB 61ms
30ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css

Requested by

Host: canadapayment.online
URL: http://canadapayment.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://canadapayment.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 11:14:26 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 601, 617, 617
age: 6436753
cdn-cachedat: 2021-04-23 00:58:02
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 26f98a2ac4062832e6438b0301a527bd
cf-ray: 7267eab0cf6401e7-ZRH
cdn-requestcountrycode: CH
cdn-requestpullsuccess: True

GET
H2 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/css/ 58 KB
11 KB 48ms
21ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/css/all.min.css

Requested by

Host: canadapayment.online
URL: http://canadapayment.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af1e6edc875a382b338bb25bd7c5c3f474a7f1b36212002a5896dd06f2186325

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://canadapayment.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 11:14:26 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 7834589
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10491
timing-allow-origin: *
last-modified: Mon, 05 Oct 2020 17:43:59 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f7b5b5f-e7d0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ms5x6sVvZwuwDl8ma6lV2wBsI36xKJLWm83356rfXTbJ7nOZ4xwXzaOwmiX4DyDunV%2BlnvIoK41S0AC6KtQ3GVUsIrKdvzNU3HnhibFiJe0XLQPoiyYtG8xjKLWyre1HN9A0KmLrxgcOZqftUDU6Np86"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 7267eab0bd47cc36-ZRH
expires: Mon, 26 Jun 2023 11:14:26 GMT

GET
H2 200 jquery-3.5.1.min.js Show response
code.jquery.com/ 87 KB
30 KB 35ms
10ms Script
application/javascript 2001:4de0:ac18::1:a:3a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.5.1.min.js
Requested by: Host: canadapayment.online
URL: http://canadapayment.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://canadapayment.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 11:14:26 GMT
content-encoding: gzip
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
etag: W/"28feccc0-15d84"
vary: Accept-Encoding
x-hw: 1657106066.dop207.fr8.t,1657106066.cds003.fr8.hn,1657106066.cds280.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30879

POST
H2 200 / Show response
sectury.com/ 72 KB
9 KB 114ms
64ms XHR
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sectury.com/

Requested by

Host: canadapayment.online
URL: http://canadapayment.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / VBD

Resource Hash

db37a9925656a25a2b62e3c6380862458f720695dccb061c573925e180affea6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://canadapayment.online/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 06 Jul 2022 11:14:26 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: VBD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s3LwM8Nx1S9qskWAkkBSjHVuyCw1b%2Fcly6mrEzHzxQM90zpz%2BAPPxEwY99ptWPVkhSYrWF%2F8A3Fblu14x687jUWGANFZ3WhokZ6UKD75v%2BBZAU0BIflQR%2FkH%2F28HfgT99BPYZW0%2BZt2sMg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
cf-ray: 7267eab169a7bafa-MXP
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 liveh4z.com.1326933.js Show response
jsc.adskeeper.co.uk/l/i/ 2 KB
1 KB 43ms
17ms Script
text/javascript 104.18.26.174
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.adskeeper.co.uk/l/i/liveh4z.com.1326933.js
Requested by: Host: canadapayment.online
URL: http://canadapayment.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.26.174 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3006910ebbdfc1e79332a1f118da840262abcefd51150ae50f218899a1f26828

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://canadapayment.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 11:14:26 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 1744
cf-ray: 7267eab1f88f913c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 910
x-amz-id-2: mi6eQuy+e/PlYgoAS1mN3RV6ceo6bDWeftT0e4VySQxWWyoZg0IFnI3Kk0+DBE3Tp/4r4HWw4bA=
last-modified: Sat, 18 Jun 2022 07:02:26 GMT
server: cloudflare
etag: "690020c55c203015db72efd14ab4207c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: 1C645FGK0HZD3ZBY
cache-control: public, max-age=14400
x-amz-version-id: UBYkSD7LsbYS9xIgJ0MQsjv2.2HxY2kg
accept-ranges: bytes
content-type: text/javascript
expires: Wed, 06 Jul 2022 15:14:26 GMT

GET
H2 200 liveh4z.com.1326929.js Show response
jsc.adskeeper.co.uk/l/i/ 2 KB
1 KB 40ms
16ms Script
text/javascript 104.18.26.174
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.adskeeper.co.uk/l/i/liveh4z.com.1326929.js
Requested by: Host: canadapayment.online
URL: http://canadapayment.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.26.174 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 98f63c2b7bcda1b666ad36f1a19152c28d974740c44788097c1dfde2e6be0580

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://canadapayment.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 11:14:26 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 6733
cf-ray: 7267eab1f892913c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 910
x-amz-id-2: oemlZwlmmMq5zXbEtJAqkED0LLiQ3EZpQverLKUe+1soXtl2Sia7wpDMMEFv9NodATNAizmYU2M=
last-modified: Sat, 18 Jun 2022 07:00:45 GMT
server: cloudflare
etag: "33327ed3f1a1cfbb4073739c7d392497"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: QV5NRZJFF3EHVN3A
cache-control: public, max-age=14400
x-amz-version-id: QTWwQ5YWZ8Yo6q5zGX3W4IPzjeSy9qyZ
accept-ranges: bytes
content-type: text/javascript
expires: Wed, 06 Jul 2022 15:14:26 GMT

GET
H2 200 liveh4z.com.1326932.js Show response
jsc.adskeeper.co.uk/l/i/ 2 KB
1 KB 245ms
223ms Script
text/javascript 104.18.26.174
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.adskeeper.co.uk/l/i/liveh4z.com.1326932.js
Requested by: Host: canadapayment.online
URL: http://canadapayment.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.26.174 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cca4dc00fec8b00bf708f309c110794e7e542c60351805508735c3e6eba575fe

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://canadapayment.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 11:14:26 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
x-amz-request-id: K7KMND8WRCXHEAB4
cf-ray: 7267eab1f893913c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 910
x-amz-id-2: 8aYTvpDYqFfVIKvsGjJ33lJQ0uR7PUbjj0H+PUE0c1YhZ7I6EjygdtAicjv1rNXuC0oNmspSFGo=
last-modified: Sat, 18 Jun 2022 07:01:42 GMT
server: cloudflare
etag: "45a70602237c94efa1873f35128e5369"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: 6n7tYAW7tuNClqKr9Jcw49bEEBqu_ZMo
cache-control: public, max-age=14400
accept-ranges: bytes
content-type: text/javascript
expires: Wed, 06 Jul 2022 15:14:26 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 103 KB
40 KB 50ms
23ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-185289874-1

Requested by

Host: canadapayment.online
URL: http://canadapayment.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9e85e22ecdde9d73476a3faafbce86542d7978de101b7fbd0b63d26db9a3e8d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://canadapayment.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 11:14:26 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40334
x-xss-protection: 0
last-modified: Wed, 06 Jul 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 06 Jul 2022 11:14:26 GMT

GET
H2 200 anh-gai-xinh-4.jpg
itcafe.vn/wp-content/uploads/2021/01/ 43 KB
44 KB 1120ms
214ms Image
image/jpeg 45.252.248.12
AZDIGI-AS-VN AZDI...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://itcafe.vn/wp-content/uploads/2021/01/anh-gai-xinh-4.jpg

Requested by

Host: canadapayment.online
URL: http://canadapayment.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.252.248.12 Thuan An, Viet Nam, ASN63760 (AZDIGI-AS-VN AZDIGI Corporation, VN),

Reverse DNS

Software

LiteSpeed /

Resource Hash

5acb50395e2b1582a7f06568ed9c8706b2e71730bf3f42ade8f0b334c0b9c3f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://canadapayment.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 11:14:27 GMT
last-modified: Sat, 02 Jan 2021 10:12:39 GMT
server: LiteSpeed
strict-transport-security: max-age=15768000; includeSubDomains
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 44311
expires: Wed, 13 Jul 2022 11:14:27 GMT

GET
H2 200 08.png
1.bp.blogspot.com/-DBQ40EgNDik/YJVbl1rwlTI/AAAAAAABYLo/GSyTkEhCQiA7q3ZEIiqE2Vr9SAmi6K6jgCLcBGAsYHQ/s320/ 128 KB
128 KB 43ms
15ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-DBQ40EgNDik/YJVbl1rwlTI/AAAAAAABYLo/GSyTkEhCQiA7q3ZEIiqE2Vr9SAmi6K6jgCLcBGAsYHQ/s320/08.png

Requested by

Host: canadapayment.online
URL: http://canadapayment.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

d122ff2882348bab89dc17dc23336888259365fe64bc64578087e3ff6e167161

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://canadapayment.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 11:07:07 GMT
x-content-type-options: nosniff
age: 439
content-disposition: inline;filename="08.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 130728
x-xss-protection: 0
server: fife
etag: "v160ec"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 22 Jun 2022 16:15:27 GMT

GET
H2 200 z2555390549267_67114e801187d1a796ec51e1ed9ef27c.jpg
1.bp.blogspot.com/-pQQuAY4-NO4/YRsv6DumPlI/AAAAAAAAAHQ/XkUdA1_PRdgEg2djMkDGZEHbsV88hzB5ACLcBGAsYHQ/s320/ 16 KB
17 KB 50ms
22ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-pQQuAY4-NO4/YRsv6DumPlI/AAAAAAAAAHQ/XkUdA1_PRdgEg2djMkDGZEHbsV88hzB5ACLcBGAsYHQ/s320/z2555390549267_67114e801187d1a796ec51e1ed9ef27c.jpg

Requested by

Host: canadapayment.online
URL: http://canadapayment.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f10ae9dc60348404f8e403059538255e17d07df935ca834605746d12dea06e00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://canadapayment.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 10:06:21 GMT
x-content-type-options: nosniff
age: 4085
content-disposition: inline;filename="z2555390549267_67114e801187d1a796ec51e1ed9ef27c.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16872
x-xss-protection: 0
server: fife
etag: "v77"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 07 Feb 2022 18:49:42 GMT

GET
H2 200 24e588044674b32aea65.jpg
1.bp.blogspot.com/-5cIU1ZN-3fU/YJVhdmE5oXI/AAAAAAABYPI/LEzQWWrFNBQw7vC7G3DT15MEDnT7Y8q8wCLcBGAsYHQ/s320/ 20 KB
20 KB 47ms
19ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-5cIU1ZN-3fU/YJVhdmE5oXI/AAAAAAABYPI/LEzQWWrFNBQw7vC7G3DT15MEDnT7Y8q8wCLcBGAsYHQ/s320/24e588044674b32aea65.jpg

Requested by

Host: canadapayment.online
URL: http://canadapayment.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a5aa98b2471cadd0fec49be1bf3b9b3f48bea8c2fc9ed81c29d91207903ae36e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://canadapayment.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 09:46:56 GMT
x-content-type-options: nosniff
age: 5250
content-disposition: inline;filename="24e588044674b32aea65.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20089
x-xss-protection: 0
server: fife
etag: "v160f3"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 21 May 2022 01:09:42 GMT

GET
H2 200 android-play.png
1.bp.blogspot.com/-WTC1bmdrV98/YDnU313iItI/AAAAAAABP-A/pobm3TwsZhEtHY-lyHy8O_Qzn1wk5YwJwCLcBGAsYHQ/s530/ 54 KB
55 KB 37ms
10ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-WTC1bmdrV98/YDnU313iItI/AAAAAAABP-A/pobm3TwsZhEtHY-lyHy8O_Qzn1wk5YwJwCLcBGAsYHQ/s530/android-play.png

Requested by

Host: canadapayment.online
URL: http://canadapayment.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

6adc4e7427123ef89632e0566bdaf91ff124426f33dc61a0644d863c180241c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://canadapayment.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 07:40:18 GMT
x-content-type-options: nosniff
age: 12848
content-disposition: inline;filename="android-play.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55553
x-xss-protection: 0
server: fife
etag: "v13fe3"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 25 May 2022 08:46:49 GMT

GET
H2 200 AVvXsEgzVxjfa6_Sf91zXPzVrVepTe1YuizZq_V8S7RjDPb7bPy9vFlz-IXmuvks-_hx2UiLnLZY2LAKjvzWaYufo7u7bWTxsfDtgOg8Ur7qC8Jw4dFQxFT2nb1LJK0aOax_XASj0_Oac5tXuLUGz3xqRxur56cF4_9wEO81Kj4F7LTcammxILzYYh_kglzK-g=s320
blogger.googleusercontent.com/img/a/ 55 KB
55 KB 193ms
166ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/a/AVvXsEgzVxjfa6_Sf91zXPzVrVepTe1YuizZq_V8S7RjDPb7bPy9vFlz-IXmuvks-_hx2UiLnLZY2LAKjvzWaYufo7u7bWTxsfDtgOg8Ur7qC8Jw4dFQxFT2nb1LJK0aOax_XASj0_Oac5tXuLUGz3xqRxur56cF4_9wEO81Kj4F7LTcammxILzYYh_kglzK-g=s320

Requested by

Host: canadapayment.online
URL: http://canadapayment.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

6487c3eb58cf0be3a4f87446803c92bccf24ad639932f1b1acb3fb4b2e6265cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://canadapayment.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 11:14:26 GMT
x-content-type-options: nosniff
server: fife
etag: "v325e"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="screenshot_1634610668.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55829
x-xss-protection: 0
expires: Thu, 07 Jul 2022 11:14:26 GMT

GET
H2 200 AVvXsEhgVolo-NEhG4sWi4skqC1ay1Gy34c0A8A8r__bySVQYKlMYKNBCyyEPpR8HJnMX_QMVH53z9-ooLdITz1sHcWXNTuNkM01fR5Z195vdI7DuTDhidllru8QV2_6-4SnQFBvo2MEAt-QLUwx0Fn6gMD1LE9Q-D0GC2Od35Zq305gVdG4S6Eyf3DbrEyNJg=s320
blogger.googleusercontent.com/img/a/ 103 KB
103 KB 194ms
191ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/a/AVvXsEhgVolo-NEhG4sWi4skqC1ay1Gy34c0A8A8r__bySVQYKlMYKNBCyyEPpR8HJnMX_QMVH53z9-ooLdITz1sHcWXNTuNkM01fR5Z195vdI7DuTDhidllru8QV2_6-4SnQFBvo2MEAt-QLUwx0Fn6gMD1LE9Q-D0GC2Od35Zq305gVdG4S6Eyf3DbrEyNJg=s320

Requested by

Host: canadapayment.online
URL: http://canadapayment.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

bce0c6b78a977072b55df8990a3f007487db4d25e635d1861d675e3ab732b32c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://canadapayment.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 11:14:26 GMT
x-content-type-options: nosniff
server: fife
etag: "v3255"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="screenshot_1634521897.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 105694
x-xss-protection: 0
expires: Thu, 07 Jul 2022 11:14:26 GMT

GET
H2 200 AVvXsEi6NEYo9ZG9bC5cXdD8WvadGBAtyxaE0H4SsRuAtW2K-QuzFIPNO6NZhJVg1oeD6dosYxv2_BUAeDu8fdYDmhwSWT3009a09MZizVBsYiK_4BconG-w9I9UNYeobBPVvVi36e-3KUHds7Xeo13faBJVwOwPxbJ0UY9OzESlF1CZ2Mz8vj6XcrIFH1EgjQ=s320
blogger.googleusercontent.com/img/a/ 90 KB
90 KB 180ms
178ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/a/AVvXsEi6NEYo9ZG9bC5cXdD8WvadGBAtyxaE0H4SsRuAtW2K-QuzFIPNO6NZhJVg1oeD6dosYxv2_BUAeDu8fdYDmhwSWT3009a09MZizVBsYiK_4BconG-w9I9UNYeobBPVvVi36e-3KUHds7Xeo13faBJVwOwPxbJ0UY9OzESlF1CZ2Mz8vj6XcrIFH1EgjQ=s320

Requested by

Host: canadapayment.online
URL: http://canadapayment.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

7a4e077c2bc0742ede658026ebe00951abf086be1412c7f5b3d7d863846c8c0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://canadapayment.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 11:14:26 GMT
x-content-type-options: nosniff
server: fife
etag: "v3248"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="screenshot_1634521561.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 91764
x-xss-protection: 0
expires: Thu, 07 Jul 2022 11:14:26 GMT

GET
H2 200 AVvXsEiYIj2r9PiCptI4Axg5aMQ6ttlH3QWcIjOmKzdDg5480V1fx40ufjgl4CFOS7t0UfCmajcQY0hmAws-ghd1iDZdeQ59jMyDczDPL0LpKAvPEqIaorBEgoyLtWi3qiy0LtrxemZ1kS9bW7GmYNwOCJk7z3kWiisqEO4Tch6ENlDlrEUfYnEUPH2KxkCGrg=s320
blogger.googleusercontent.com/img/a/ 75 KB
75 KB 184ms
181ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/a/AVvXsEiYIj2r9PiCptI4Axg5aMQ6ttlH3QWcIjOmKzdDg5480V1fx40ufjgl4CFOS7t0UfCmajcQY0hmAws-ghd1iDZdeQ59jMyDczDPL0LpKAvPEqIaorBEgoyLtWi3qiy0LtrxemZ1kS9bW7GmYNwOCJk7z3kWiisqEO4Tch6ENlDlrEUfYnEUPH2KxkCGrg=s320

Requested by

Host: canadapayment.online
URL: http://canadapayment.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

3f257d79f976941cacbdfff6b81212c61a9bb95b1e99e64c90b1703b62b568c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://canadapayment.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 11:14:26 GMT
x-content-type-options: nosniff
server: fife
etag: "v323d"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="screenshot_1634521371.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 76703
x-xss-protection: 0
expires: Thu, 07 Jul 2022 11:14:26 GMT

GET
H2 200 AVvXsEgEEAG5adwRp0ya4YNLIR1S6sWtGTRJ4ncNd3G0X5zPa-ONGwKzk5Uh_oG7rK-eMdLJG56dqiUFK9Iw7YTcoXkxpielDQNgtOFTfZ3N61gwO4HGTD5mhZGzrUcjrCQh9l_ha4iMCnUbT7c8x7Zt2nj3oS9QJwct2UVT5-G9Wmfh3o3BD8364iOH5RG9zg=s320
blogger.googleusercontent.com/img/a/ 121 KB
121 KB 189ms
186ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/a/AVvXsEgEEAG5adwRp0ya4YNLIR1S6sWtGTRJ4ncNd3G0X5zPa-ONGwKzk5Uh_oG7rK-eMdLJG56dqiUFK9Iw7YTcoXkxpielDQNgtOFTfZ3N61gwO4HGTD5mhZGzrUcjrCQh9l_ha4iMCnUbT7c8x7Zt2nj3oS9QJwct2UVT5-G9Wmfh3o3BD8364iOH5RG9zg=s320

Requested by

Host: canadapayment.online
URL: http://canadapayment.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

40f40851b74a3f015f08b74a5e6e47a0e83643b931d371c5a14ee11ee73e5e47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://canadapayment.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 11:14:26 GMT
x-content-type-options: nosniff
server: fife
etag: "v3232"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="screenshot_1634521102.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 124076
x-xss-protection: 0
expires: Thu, 07 Jul 2022 11:14:26 GMT

GET
H2 200 AVvXsEhFNefMGVAC1quRRbmCEa6bDqwlBzoM1C5-ySrBTm0wHIHsHijj6da4TYi0cCksusnuZ-Lh3BG2CIN9nk8ygw3YIAwWQo5jwvtTjNhRvoGW_O-f7O6hekA-EOQwyAlIGbB_vfuxjhsUyA4ttg-Sl08d0UXiAZWqANKJUoCpiQfkxwjE5WI5BMXYn2HdwA=s320
blogger.googleusercontent.com/img/a/ 78 KB
78 KB 170ms
167ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/a/AVvXsEhFNefMGVAC1quRRbmCEa6bDqwlBzoM1C5-ySrBTm0wHIHsHijj6da4TYi0cCksusnuZ-Lh3BG2CIN9nk8ygw3YIAwWQo5jwvtTjNhRvoGW_O-f7O6hekA-EOQwyAlIGbB_vfuxjhsUyA4ttg-Sl08d0UXiAZWqANKJUoCpiQfkxwjE5WI5BMXYn2HdwA=s320

Requested by

Host: canadapayment.online
URL: http://canadapayment.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

5cc3f60bb43f640fe82f6e84519053c0e2f94d6b7a65938c68233d0addd9d629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://canadapayment.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 11:14:26 GMT
x-content-type-options: nosniff
server: fife
etag: "v322a"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="screenshot_1634457146.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 79705
x-xss-protection: 0
expires: Thu, 07 Jul 2022 11:14:26 GMT

GET
H2 200 AVvXsEjsAjVRisVv_aygY3yoAIM7-6Hfz_x3ufkLlkbZCT1Mk5bhlbtwl4tFNm2QTavGR_tI_mEAt9-koHzZ_9hIvkoR8UcoaQ5QTHRtSEwZaNQVa-jyMZi_LmMcwT6atAv5QHBvNfrf_ICPSVKzOCvRke21dEw_r1BfegfnvBWaM00oUQOsk63gQCntnrKzmw=s320
blogger.googleusercontent.com/img/a/ 78 KB
78 KB 166ms
163ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/a/AVvXsEjsAjVRisVv_aygY3yoAIM7-6Hfz_x3ufkLlkbZCT1Mk5bhlbtwl4tFNm2QTavGR_tI_mEAt9-koHzZ_9hIvkoR8UcoaQ5QTHRtSEwZaNQVa-jyMZi_LmMcwT6atAv5QHBvNfrf_ICPSVKzOCvRke21dEw_r1BfegfnvBWaM00oUQOsk63gQCntnrKzmw=s320

Requested by

Host: canadapayment.online
URL: http://canadapayment.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

5c84881ac3539581a10a11bf55a3fe34a368ae11d01b5a3b5649b5cad24a744a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://canadapayment.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 11:14:26 GMT
x-content-type-options: nosniff
server: fife
etag: "v321e"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="screenshot_1634436457.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 79835
x-xss-protection: 0
expires: Thu, 07 Jul 2022 11:14:26 GMT

GET
H2 200 AVvXsEjqknCu9hR04uSdsgKDiF_J9wKrbNvFih5t-USBJStQQb52jpQUSSlZ4jcXA7ApMheqmXAiszNkpr-ktk9g4qK4wif9caFIXEZbZtEm0SqtfVrg4wguLrIipb7bPlL-nml8xqxgOczrIofCU1KWmRFJV_9enXSUNlrg2AmpgBbQb2G9ZvOd7RvhCwM27g=s320
blogger.googleusercontent.com/img/a/ 86 KB
86 KB 195ms
193ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/a/AVvXsEjqknCu9hR04uSdsgKDiF_J9wKrbNvFih5t-USBJStQQb52jpQUSSlZ4jcXA7ApMheqmXAiszNkpr-ktk9g4qK4wif9caFIXEZbZtEm0SqtfVrg4wguLrIipb7bPlL-nml8xqxgOczrIofCU1KWmRFJV_9enXSUNlrg2AmpgBbQb2G9ZvOd7RvhCwM27g=s320

Requested by

Host: canadapayment.online
URL: http://canadapayment.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

b6f09fd8cfe8e3b91db873ca7654ae685a98a8ae427ee0714ca36323a03c6961

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://canadapayment.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 11:14:26 GMT
x-content-type-options: nosniff
server: fife
etag: "v3215"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="screenshot_1634436183.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 88203
x-xss-protection: 0
expires: Thu, 07 Jul 2022 11:14:26 GMT

GET
H2 200 AVvXsEjyvOSdCQMmDMLU4S1vPYH_HsCj51CAINQT2CtB3OR2YDBQ-fsJdVF6czwvye7Thi11d_DazKvY1V7mKBsT5PEF3j7pG2GCALwT3dEiFqEBYchnARkg5D61towHmjAYo_8KnRUrB3wamwyzKo1u8NNLHLJ1Quiaoo2KLOsjfNH206gcnOwrTy4XPmfEbQ=s320
blogger.googleusercontent.com/img/a/ 63 KB
63 KB 176ms
173ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/a/AVvXsEjyvOSdCQMmDMLU4S1vPYH_HsCj51CAINQT2CtB3OR2YDBQ-fsJdVF6czwvye7Thi11d_DazKvY1V7mKBsT5PEF3j7pG2GCALwT3dEiFqEBYchnARkg5D61towHmjAYo_8KnRUrB3wamwyzKo1u8NNLHLJ1Quiaoo2KLOsjfNH206gcnOwrTy4XPmfEbQ=s320

Requested by

Host: canadapayment.online
URL: http://canadapayment.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

7dcdcaed9b3c2a4fc5053f65fa21b30b90ef28f42d6776e5c6819e3e6567a633

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://canadapayment.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 11:14:26 GMT
x-content-type-options: nosniff
server: fife
etag: "v320d"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="screenshot_1634436026.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64373
x-xss-protection: 0
expires: Thu, 07 Jul 2022 11:14:26 GMT

GET
H2 200 AVvXsEgmSTHkE-5Dm7LVg_Yg--0E-WwQLHsXoJkPds_84HZrOk-aRcZlsYBdl3OjxmwN3PnVdvR4HJ0lRgkLSQ91LG9alF_w9QD6D3tDcWuQz_3K7fGaQ0iq8gWqp0IKxZQ29bxqTLoioov7JZBNGJoyWjs7Y5LmLS9JZ5qIO7wLIz-86GDmruQj82_8sX791A=s320
blogger.googleusercontent.com/img/a/ 67 KB
68 KB 196ms
194ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/a/AVvXsEgmSTHkE-5Dm7LVg_Yg--0E-WwQLHsXoJkPds_84HZrOk-aRcZlsYBdl3OjxmwN3PnVdvR4HJ0lRgkLSQ91LG9alF_w9QD6D3tDcWuQz_3K7fGaQ0iq8gWqp0IKxZQ29bxqTLoioov7JZBNGJoyWjs7Y5LmLS9JZ5qIO7wLIz-86GDmruQj82_8sX791A=s320

Requested by

Host: canadapayment.online
URL: http://canadapayment.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

4ce510ffe41787ff8b77914205880ae67ed5f7ebf2686d8a502b8705ab17efe5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://canadapayment.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 11:14:26 GMT
x-content-type-options: nosniff
server: fife
etag: "v3202"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="screenshot_1634435674.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 69010
x-xss-protection: 0
expires: Thu, 07 Jul 2022 11:14:26 GMT

GET
H2 200 AVvXsEivuRTmMUDWxzCfNMtScBoSgDtCae3QDU2hrxRsgStjbds2cmVECEhFeiRU3bJC_3a2NTRXbZk-8YLT7eFBECJ1yZY_YZIPdu4FIhCPuqaEZys9FRWWuRKykY7lfVJKP8EtmGnb8nlSIhRTZPvKXO2F47KtdnZF_jNTZcPQCsQO5wlj5u4Lr5DMibWfQg=s320
blogger.googleusercontent.com/img/a/ 78 KB
78 KB 181ms
178ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/a/AVvXsEivuRTmMUDWxzCfNMtScBoSgDtCae3QDU2hrxRsgStjbds2cmVECEhFeiRU3bJC_3a2NTRXbZk-8YLT7eFBECJ1yZY_YZIPdu4FIhCPuqaEZys9FRWWuRKykY7lfVJKP8EtmGnb8nlSIhRTZPvKXO2F47KtdnZF_jNTZcPQCsQO5wlj5u4Lr5DMibWfQg=s320

Requested by

Host: canadapayment.online
URL: http://canadapayment.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f618c31811edd94f21c37ae2183c5ab7017c9528cd62c321db47fd1c2aad17e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://canadapayment.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 11:14:26 GMT
x-content-type-options: nosniff
server: fife
etag: "v31f7"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="screenshot_1634435442.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 79527
x-xss-protection: 0
expires: Thu, 07 Jul 2022 11:14:26 GMT

GET
H2 200 AVvXsEhLu3cybERQWSFFTrX0dT1AO_po_dSUTeBV60qCObVweYvm4TsDcOCtsr2QdLinbhEeLWEA1DukI9VfofATZWtwR1GbwXGbtpYQN82GOvE54g1v2R9iNSYzIxXaT2LgrVbACyh0JDBBzHaZhIGA5LFFj8S-otRjT6Y4XPTLkYBM3ZDQ1o1XRBQoSM2flg=s320
blogger.googleusercontent.com/img/a/ 66 KB
67 KB 179ms
176ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/a/AVvXsEhLu3cybERQWSFFTrX0dT1AO_po_dSUTeBV60qCObVweYvm4TsDcOCtsr2QdLinbhEeLWEA1DukI9VfofATZWtwR1GbwXGbtpYQN82GOvE54g1v2R9iNSYzIxXaT2LgrVbACyh0JDBBzHaZhIGA5LFFj8S-otRjT6Y4XPTLkYBM3ZDQ1o1XRBQoSM2flg=s320

Requested by

Host: canadapayment.online
URL: http://canadapayment.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

080daf5b4c915ab46f782a181de429706e38f1cccc19c26842ca2cea0cdfab45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://canadapayment.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 11:14:26 GMT
x-content-type-options: nosniff
server: fife
etag: "v31ee"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="screenshot_1634095864.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68052
x-xss-protection: 0
expires: Thu, 07 Jul 2022 11:14:26 GMT

GET
H2 200 AVvXsEgNNTpKOBh0L8GeDgAcmIukcDrtcLexYk5M3dn5AmTH3FnNwaAgvdfLpnyONEhfM3SvQIS_5KlIRulHrz-dxL8LgxrUBLhObz01IpkC55y_bvNonccAVQuTSxAsCXZ5xJpuO0D1FGwwPpaQAv4qI8vJMmK2wLU_YpjKVduE0dM3hTg96xxnFaEzafKWYw=s320
blogger.googleusercontent.com/img/a/ 144 KB
144 KB 198ms
196ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/a/AVvXsEgNNTpKOBh0L8GeDgAcmIukcDrtcLexYk5M3dn5AmTH3FnNwaAgvdfLpnyONEhfM3SvQIS_5KlIRulHrz-dxL8LgxrUBLhObz01IpkC55y_bvNonccAVQuTSxAsCXZ5xJpuO0D1FGwwPpaQAv4qI8vJMmK2wLU_YpjKVduE0dM3hTg96xxnFaEzafKWYw=s320

Requested by

Host: canadapayment.online
URL: http://canadapayment.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

38b7a1fd2a7e9170f71ad79f332463a3b9cc0f51d4170bcf4ba5f53c064ebe27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://canadapayment.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 11:14:26 GMT
x-content-type-options: nosniff
server: fife
etag: "v317e"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="screenshot_1633921102.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 147062
x-xss-protection: 0
expires: Thu, 07 Jul 2022 11:14:26 GMT

GET
H2 200 AVvXsEiHyCSPhsJy3RTJV8ffx_NRaCi2-9Xd6iepf8AJU51bg4fbT-b0iwKJWewlHUUcl5h3w4XoLEj1kXmV0W0UkyP_dOHvD5HmmwZZ_Yh0tpu5zzU9zlxTdBZteAvCWXy8BdO4rMQMLLrGPf1Pkj4JDPiwtzqTnQ3j3oX2cX8DgntaB9-Poi0_GfjzPsn6NA=s320
blogger.googleusercontent.com/img/a/ 49 KB
49 KB 197ms
194ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/a/AVvXsEiHyCSPhsJy3RTJV8ffx_NRaCi2-9Xd6iepf8AJU51bg4fbT-b0iwKJWewlHUUcl5h3w4XoLEj1kXmV0W0UkyP_dOHvD5HmmwZZ_Yh0tpu5zzU9zlxTdBZteAvCWXy8BdO4rMQMLLrGPf1Pkj4JDPiwtzqTnQ3j3oX2cX8DgntaB9-Poi0_GfjzPsn6NA=s320

Requested by

Host: canadapayment.online
URL: http://canadapayment.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

dd42c2a74de12d5bac5d49951cc39ed5e2c5fb3a4b03087d485f4067a9877ec9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://canadapayment.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 11:14:26 GMT
x-content-type-options: nosniff
server: fife
etag: "v3174"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="screenshot_1633920874.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49840
x-xss-protection: 0
expires: Thu, 07 Jul 2022 11:14:26 GMT

GET
H2 200 AVvXsEi69CabWUfkzSYT4sabQfzSy1L8muAKmxSmyDasLh4dj1L7Rcn9nwbPRLT9Rb6pLwueiy_tte_kNNMtOTG-Cxz2binUGbe9Ey1jntJ1tXEXanqJlB4tfvi-Hf2kauVZj0qTqBnurMULMU_VVUr-tA1rmKchxhd46ByGFW0W49dL6z43dM3LLnnmHOlmzQ=s320
blogger.googleusercontent.com/img/a/ 48 KB
48 KB 185ms
183ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/a/AVvXsEi69CabWUfkzSYT4sabQfzSy1L8muAKmxSmyDasLh4dj1L7Rcn9nwbPRLT9Rb6pLwueiy_tte_kNNMtOTG-Cxz2binUGbe9Ey1jntJ1tXEXanqJlB4tfvi-Hf2kauVZj0qTqBnurMULMU_VVUr-tA1rmKchxhd46ByGFW0W49dL6z43dM3LLnnmHOlmzQ=s320

Requested by

Host: canadapayment.online
URL: http://canadapayment.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

3846088472f579b74d155752da829d07f157b8419d5a21ec9bd64c8d708b342f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://canadapayment.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 11:14:26 GMT
x-content-type-options: nosniff
server: fife
etag: "v3122"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="screenshot_1633657717.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49505
x-xss-protection: 0
expires: Thu, 07 Jul 2022 11:14:26 GMT

GET
H2 200 AVvXsEgFhx9UqBgzTIkXWXHCo0YqfnB8WqjG6SUINmeHroymzUm7OYQQLRKInyjq7oYwrnLqVZIQLu36_76yuvL6rA3iqhHSoMm7qEqltn2hSS-QmjTmOFMEF_6X3AxIB1bji6BIpC3HTEIsc29kBeBbkC2oD-pcVjtyWu1Q6dFm2KthnmYkZ7HM5yDBM_NCuw=s320
blogger.googleusercontent.com/img/a/ 75 KB
76 KB 188ms
186ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/a/AVvXsEgFhx9UqBgzTIkXWXHCo0YqfnB8WqjG6SUINmeHroymzUm7OYQQLRKInyjq7oYwrnLqVZIQLu36_76yuvL6rA3iqhHSoMm7qEqltn2hSS-QmjTmOFMEF_6X3AxIB1bji6BIpC3HTEIsc29kBeBbkC2oD-pcVjtyWu1Q6dFm2KthnmYkZ7HM5yDBM_NCuw=s320

Requested by

Host: canadapayment.online
URL: http://canadapayment.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

540138c1d384c6d54f1032110c6817d0592d05050a40b7269cdf95af66fc28dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://canadapayment.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 11:14:26 GMT
x-content-type-options: nosniff
server: fife
etag: "v3116"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="screenshot_1633657296.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 77179
x-xss-protection: 0
expires: Thu, 07 Jul 2022 11:14:26 GMT

GET
H3 200 screenshot_1633314159.png
1.bp.blogspot.com/-609a9hvqfdE/YVpl1rHZf3I/AAAAAAAAMEo/k8yuflZjqz49TrUSe3Zy0PYtmS0iPLOzwCLcBGAsYHQ/s320/ 46 KB
46 KB 46ms
26ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-609a9hvqfdE/YVpl1rHZf3I/AAAAAAAAMEo/k8yuflZjqz49TrUSe3Zy0PYtmS0iPLOzwCLcBGAsYHQ/s320/screenshot_1633314159.png

Requested by

Host: canadapayment.online
URL: http://canadapayment.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

384029880e0337911e2a7b14d70eca5230fc892240e1dde4277eebc070e10b76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://canadapayment.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 07:29:45 GMT
x-content-type-options: nosniff
age: 13481
content-disposition: inline;filename="screenshot_1633314159.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46742
x-xss-protection: 0
server: fife
etag: "v3050"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 30 Jun 2022 14:36:35 GMT

GET
H3 200 screenshot_1633314019.png
1.bp.blogspot.com/-r7eX5fp2n4o/YVplDo2k2gI/AAAAAAAAMEQ/jw3JcKhTdhMLsiDtPf5m39U95nGhqcMswCLcBGAsYHQ/s320/ 98 KB
98 KB 49ms
29ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-r7eX5fp2n4o/YVplDo2k2gI/AAAAAAAAMEQ/jw3JcKhTdhMLsiDtPf5m39U95nGhqcMswCLcBGAsYHQ/s320/screenshot_1633314019.png

Requested by

Host: canadapayment.online
URL: http://canadapayment.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

6c569f03f46793112ba2d697933e11647433d4dd2f681fffe7e33ddc578005b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://canadapayment.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 10:55:10 GMT
x-content-type-options: nosniff
age: 1156
content-disposition: inline;filename="screenshot_1633314019.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100611
x-xss-protection: 0
server: fife
etag: "v3048"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 01 Jul 2022 18:26:36 GMT

GET
H3 200 screenshot_1632744788.png
1.bp.blogspot.com/--hQwvmhUtJo/YVG18qzlTpI/AAAAAAAAL-c/-THFvK0jYuMmoaD2r6BWad2WcsANiTWWwCLcBGAsYHQ/s320/ 101 KB
101 KB 42ms
22ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/--hQwvmhUtJo/YVG18qzlTpI/AAAAAAAAL-c/-THFvK0jYuMmoaD2r6BWad2WcsANiTWWwCLcBGAsYHQ/s320/screenshot_1632744788.png

Requested by

Host: canadapayment.online
URL: http://canadapayment.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

530215c8984a8eeb4969a864ad342676af446dc566e936c3425a9585b7a1932b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://canadapayment.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 08:32:58 GMT
x-content-type-options: nosniff
age: 9688
content-disposition: inline;filename="screenshot_1632744788.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 103367
x-xss-protection: 0
server: fife
etag: "v2fec"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 24 Jun 2022 19:34:27 GMT

GET
H3 200 screenshot_1632744037.png
1.bp.blogspot.com/-B9McSd1PUFk/YVGyybzVD3I/AAAAAAAAL9A/0DAqFLSmAgY8tGyUNZ0buRVJX53C1Z1nwCLcBGAsYHQ/s320/ 78 KB
78 KB 45ms
25ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-B9McSd1PUFk/YVGyybzVD3I/AAAAAAAAL9A/0DAqFLSmAgY8tGyUNZ0buRVJX53C1Z1nwCLcBGAsYHQ/s320/screenshot_1632744037.png

Requested by

Host: canadapayment.online
URL: http://canadapayment.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c0bf8b59e37684b91743310638f86907c278bcabeb470587a79c5791c43ec583

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://canadapayment.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 09:18:34 GMT
x-content-type-options: nosniff
age: 6952
content-disposition: inline;filename="screenshot_1632744037.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 80158
x-xss-protection: 0
server: fife
etag: "v2fd6"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 05 Jul 2022 05:03:54 GMT

GET
H3 200 screenshot_1632731729.png
1.bp.blogspot.com/-rFM2nlM4dw0/YVGCx947v2I/AAAAAAAAL8Y/1fbNQRTP5d0okCFrGb8N1sV4Z84cUlyDgCLcBGAsYHQ/s320/ 81 KB
81 KB 52ms
31ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-rFM2nlM4dw0/YVGCx947v2I/AAAAAAAAL8Y/1fbNQRTP5d0okCFrGb8N1sV4Z84cUlyDgCLcBGAsYHQ/s320/screenshot_1632731729.png

Requested by

Host: canadapayment.online
URL: http://canadapayment.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

e0cf5e7e432ee3712256a0d3296aae1eadc28f31504461f8613f4fc4b7993d64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://canadapayment.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 10:55:10 GMT
x-content-type-options: nosniff
age: 1156
content-disposition: inline;filename="screenshot_1632731729.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 82492
x-xss-protection: 0
server: fife
etag: "v2fcb"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 30 Jun 2022 14:19:14 GMT

GET
H3 200 screenshot_1632708365.png
1.bp.blogspot.com/-pPkoWX8_HLM/YVEnVqo-6EI/AAAAAAAAL6g/Y53gApBb0Lwy1E5d6bv6UQJMXpPLadZ7QCLcBGAsYHQ/s320/ 64 KB
64 KB 52ms
32ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-pPkoWX8_HLM/YVEnVqo-6EI/AAAAAAAAL6g/Y53gApBb0Lwy1E5d6bv6UQJMXpPLadZ7QCLcBGAsYHQ/s320/screenshot_1632708365.png

Requested by

Host: canadapayment.online
URL: http://canadapayment.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

fb52c9044727804fc001efc14e655ecddd68149a76c4f9a9f1ebdcefefe948f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://canadapayment.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 10:55:10 GMT
x-content-type-options: nosniff
age: 1156
content-disposition: inline;filename="screenshot_1632708365.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65978
x-xss-protection: 0
server: fife
etag: "v2fae"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 30 Jun 2022 14:19:14 GMT

GET
H3 200 screenshot_1632705422.png
1.bp.blogspot.com/--PQoVdFHH4A/YVEcDtFeY_I/AAAAAAAAL4w/p-1TSV_XKSQlzF2aB0qQ11rYvduQaljGgCLcBGAsYHQ/s320/ 78 KB
78 KB 47ms
27ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/--PQoVdFHH4A/YVEcDtFeY_I/AAAAAAAAL4w/p-1TSV_XKSQlzF2aB0qQ11rYvduQaljGgCLcBGAsYHQ/s320/screenshot_1632705422.png

Requested by

Host: canadapayment.online
URL: http://canadapayment.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f0e4da5e33f4ed61ba806b2fc6735bb664af7fc13bd08dc947bbdc994a4855ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://canadapayment.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 10:55:10 GMT
x-content-type-options: nosniff
age: 1156
content-disposition: inline;filename="screenshot_1632705422.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 80066
x-xss-protection: 0
server: fife
etag: "v2f90"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 05 Jul 2022 14:42:50 GMT

GET
H3 200 screenshot_1632124391.png
1.bp.blogspot.com/-TMuG2KO33eU/YUg-fs1agvI/AAAAAAAALWA/ENQl80751_gZbkkJBk498byLJHk3PryWgCLcBGAsYHQ/s320/ 57 KB
57 KB 50ms
31ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-TMuG2KO33eU/YUg-fs1agvI/AAAAAAAALWA/ENQl80751_gZbkkJBk498byLJHk3PryWgCLcBGAsYHQ/s320/screenshot_1632124391.png

Requested by

Host: canadapayment.online
URL: http://canadapayment.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

99bff3099e868f314c0db8e43094fd7d01ebc2ee8311fb4214fef839e70ca8ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://canadapayment.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 10:35:15 GMT
x-content-type-options: nosniff
age: 2351
content-disposition: inline;filename="screenshot_1632124391.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58740
x-xss-protection: 0
server: fife
etag: "v2d64"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 29 Jun 2022 09:49:51 GMT

GET
H3 200 screenshot_1632037883.png
1.bp.blogspot.com/-U9P7JbaFk_w/YUbsMiVUkxI/AAAAAAAALPs/ziqo1_L75AQNH242fW5B7zngkavaYyKPgCLcBGAsYHQ/s320/ 65 KB
65 KB 47ms
28ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-U9P7JbaFk_w/YUbsMiVUkxI/AAAAAAAALPs/ziqo1_L75AQNH242fW5B7zngkavaYyKPgCLcBGAsYHQ/s320/screenshot_1632037883.png

Requested by

Host: canadapayment.online
URL: http://canadapayment.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

897ebf15658ff7b8eb0b9a8418282e6074aef3da3ddcb24f7961ea1b05003ef0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://canadapayment.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 09:44:09 GMT
x-content-type-options: nosniff
age: 5417
content-disposition: inline;filename="screenshot_1632037883.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 66157
x-xss-protection: 0
server: fife
etag: "v2cfe"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 04 Jul 2022 21:27:00 GMT

GET
H3 200 screenshot_1631956139.png
1.bp.blogspot.com/-4b3wmpF-Wto/YUWtIDPpAEI/AAAAAAAALFk/lIelHlWlt1Qamgim2PTPW0U2yuoPlvcTQCLcBGAsYHQ/s320/ 67 KB
67 KB 39ms
21ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-4b3wmpF-Wto/YUWtIDPpAEI/AAAAAAAALFk/lIelHlWlt1Qamgim2PTPW0U2yuoPlvcTQCLcBGAsYHQ/s320/screenshot_1631956139.png

Requested by

Host: canadapayment.online
URL: http://canadapayment.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

b28fffa08bea0e4879a1451f5c7d08374bfa0975915b21789f904c0182bc598c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://canadapayment.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 08:32:58 GMT
x-content-type-options: nosniff
age: 9688
content-disposition: inline;filename="screenshot_1631956139.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68194
x-xss-protection: 0
server: fife
etag: "v2c60"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 19 Jun 2022 23:09:19 GMT

GET
H3 200 screenshot_1631362029.png
1.bp.blogspot.com/-jSTa5azDEFE/YTycLFgpAmI/AAAAAAAAKTg/5hI7gwT1hvQe7Dmm3giNVF6-4FYqLMDTwCLcBGAsYHQ/s320/ 57 KB
57 KB 40ms
22ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-jSTa5azDEFE/YTycLFgpAmI/AAAAAAAAKTg/5hI7gwT1hvQe7Dmm3giNVF6-4FYqLMDTwCLcBGAsYHQ/s320/screenshot_1631362029.png

Requested by

Host: canadapayment.online
URL: http://canadapayment.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

4928cbefa3ed517a423675a4debf7f467baa8dc4553af73e9592a2d574528a2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://canadapayment.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 07:51:30 GMT
x-content-type-options: nosniff
age: 12176
content-disposition: inline;filename="screenshot_1631362029.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58599
x-xss-protection: 0
server: fife
etag: "v293b"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 01 Jul 2022 19:25:06 GMT

GET
H3 200 screenshot_1631280002.png
1.bp.blogspot.com/-Xf9fn2X6al0/YTtb0VaFUYI/AAAAAAAAKHk/BpJ9eK9Ro3w1iIeRjBLlUP46aQ5DVro0wCLcBGAsYHQ/s320/ 80 KB
80 KB 36ms
17ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-Xf9fn2X6al0/YTtb0VaFUYI/AAAAAAAAKHk/BpJ9eK9Ro3w1iIeRjBLlUP46aQ5DVro0wCLcBGAsYHQ/s320/screenshot_1631280002.png

Requested by

Host: canadapayment.online
URL: http://canadapayment.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

d49e24b2e9a486162e24d1feb0b68c7a386be42a0ac65a801aaa06ed5f4e78ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://canadapayment.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 10:01:17 GMT
x-content-type-options: nosniff
age: 4389
content-disposition: inline;filename="screenshot_1631280002.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 81580
x-xss-protection: 0
server: fife
etag: "v287f"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 30 Jun 2022 21:15:09 GMT

GET
H3 200 screenshot_1631190688.png
1.bp.blogspot.com/-sS6iZv79zHc/YTn-9WpIH9I/AAAAAAAAKBU/pziQpaqYnZ4XkOIr6nlu6x1p7pwcOXyvACLcBGAsYHQ/s320/ 51 KB
51 KB 29ms
10ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-sS6iZv79zHc/YTn-9WpIH9I/AAAAAAAAKBU/pziQpaqYnZ4XkOIr6nlu6x1p7pwcOXyvACLcBGAsYHQ/s320/screenshot_1631190688.png

Requested by

Host: canadapayment.online
URL: http://canadapayment.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

ab5d2838ea539e21ffd8bafec816826e2ea9dff6544d1a175c0c0e3c5666871a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://canadapayment.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 09:44:19 GMT
x-content-type-options: nosniff
age: 5407
content-disposition: inline;filename="screenshot_1631190688.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52659
x-xss-protection: 0
server: fife
etag: "v281a"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 01 Jul 2022 01:00:07 GMT

GET
H3 200 screenshot_1630501993.png
1.bp.blogspot.com/-8GGNEi0wWD4/YS98sln80TI/AAAAAAAAJd0/vomtHhTqgukRRpT_Y2G3hrMVl1t33AYLQCLcBGAsYHQ/s320/ 80 KB
80 KB 32ms
13ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-8GGNEi0wWD4/YS98sln80TI/AAAAAAAAJd0/vomtHhTqgukRRpT_Y2G3hrMVl1t33AYLQCLcBGAsYHQ/s320/screenshot_1630501993.png

Requested by

Host: canadapayment.online
URL: http://canadapayment.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

0b4ae784c5f5a27210a3a7ebdde9a0fe63f9231ade33ed4b4dbb14c3e2f29715

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://canadapayment.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 07:51:30 GMT
x-content-type-options: nosniff
age: 12176
content-disposition: inline;filename="screenshot_1630501993.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 82008
x-xss-protection: 0
server: fife
etag: "v25e1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 01 Jul 2022 19:25:06 GMT

GET
H3 200 screenshot_1630050631.png
1.bp.blogspot.com/-Cwv8tkwMxWA/YSiZnKwEbSI/AAAAAAAAIzw/QQqDBR6m1DI22gGJwW9D4LJeBoOs-DAowCLcBGAsYHQ/s320/ 67 KB
67 KB 53ms
34ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-Cwv8tkwMxWA/YSiZnKwEbSI/AAAAAAAAIzw/QQqDBR6m1DI22gGJwW9D4LJeBoOs-DAowCLcBGAsYHQ/s320/screenshot_1630050631.png

Requested by

Host: canadapayment.online
URL: http://canadapayment.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

0d215505caee0241e345bc1aba37a323488688839a516116043bf0f1884d3ec5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://canadapayment.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 10:01:17 GMT
x-content-type-options: nosniff
age: 4389
content-disposition: inline;filename="screenshot_1630050631.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68860
x-xss-protection: 0
server: fife
etag: "v2340"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 30 Jun 2022 21:15:12 GMT

GET
H3 200 fa-regular-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/webfonts/ 13 KB
14 KB 46ms
28ms Font
application/octet-stream 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/webfonts/fa-regular-400.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6df2ce1dd3eb2bb0e0e5418aa6cdf26ff6cd382363f5d72b56d1befbec4131e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/css/all.min.css
Origin: http://canadapayment.online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 11:14:26 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2283606
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13548
timing-allow-origin: *
last-modified: Mon, 05 Oct 2020 17:43:59 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f7b5b5f-34ec"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SHwrQUmTpMUI3KtT8tryy16YJl9LYxOtQ9BLsSoNe6gu4qiN1ki98CHIdNk%2B5WkOMFoN2oi%2BQjn5JBmkQu56TErOj0ts8alVnREtDffugYl3uee92Gg7j3GBboWO7tbQgpfWG3CqkXqWpV5edK38xgN9"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 7267eab219ad0204-ZRH
expires: Mon, 26 Jun 2023 11:14:26 GMT

GET
H3 200 liveh4z.com.1326933.es6.js Show response
jsc.adskeeper.co.uk/l/i/ 259 KB
78 KB 48ms
36ms Script
text/javascript 104.18.26.174
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.adskeeper.co.uk/l/i/liveh4z.com.1326933.es6.js
Requested by: Host: jsc.adskeeper.co.uk
URL: https://jsc.adskeeper.co.uk/l/i/liveh4z.com.1326933.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.26.174 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ebe9c5f0cfdfe5357f1b51351b5acf7e0f16f8331064ed41648b70c0da2145db

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://canadapayment.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 11:14:26 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 2105
cf-ray: 7267eab2382e9202-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 79686
x-amz-id-2: XxB+u2xfJFOdwb84Jc5n9Gw6tqwfmIhh5ByWQrfUAGkTeY0j2KxiHuW0dF6xNCGsPUPo6y5n528=
last-modified: Sat, 18 Jun 2022 07:02:26 GMT
server: cloudflare
etag: "6e9ae3dcdf693b8699650f4100d352ae"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: 4HCMG8YCNG4QSYEY
cache-control: public, max-age=14400
x-amz-version-id: B27nRcSL3xuIbGyTOuz8NuCHljPwKFVD
accept-ranges: bytes
content-type: text/javascript
expires: Wed, 06 Jul 2022 15:14:26 GMT

GET
H3 200 liveh4z.com.1326929.es6.js Show response
jsc.adskeeper.co.uk/l/i/ 259 KB
78 KB 54ms
44ms Script
text/javascript 104.18.26.174
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.adskeeper.co.uk/l/i/liveh4z.com.1326929.es6.js
Requested by: Host: jsc.adskeeper.co.uk
URL: https://jsc.adskeeper.co.uk/l/i/liveh4z.com.1326929.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.26.174 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac1c70ddd7f18e58360f537527123d5147da87648dcb9587f11440b0880e8b59

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://canadapayment.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 11:14:26 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 961
cf-ray: 7267eab238329202-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 79760
x-amz-id-2: MHKTApVAlLHhEAJMF8wxvKs96ocAhZG4GqHxc1nSeOIFglqGKEWaW+3aGI7W6cv7FvS1fVW/1xQ=
last-modified: Sat, 18 Jun 2022 07:00:45 GMT
server: cloudflare
etag: "336aa3ab921441ac13351b6a4b4a5ac5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: 4HCHJPG148SV3MTD
cache-control: public, max-age=14400
x-amz-version-id: c8ZNMojhOqRX1eVEgHwOuPTKU1JcswTC
accept-ranges: bytes
content-type: text/javascript
expires: Wed, 06 Jul 2022 15:14:26 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 29ms
6ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-185289874-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://canadapayment.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 1098
date: Wed, 06 Jul 2022 10:56:08 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 06 Jul 2022 12:56:08 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 28ms
13ms XHR
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=234819438&t=pageview&_s=1&dl=http%3A%2F%2Fcanadapayment.online%2F&ul=en-us&de=UTF-8&dt=Video%20idol%202021&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=726466774&gjid=191218524&cid=2069293423.1657106066&tid=UA-185289874-1&_gid=1100376020.1657106066&_r=1&gtm=2ou6t0&z=173730392

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://canadapayment.online/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 06 Jul 2022 11:14:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://canadapayment.online
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
BLOB 200
OK acb4865d-abd9-4256-af51-150a925711fc
http://canadapayment.online/ 0
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:http://canadapayment.online/acb4865d-abd9-4256-af51-150a925711fc
Requested by: Host: canadapayment.online
URL: http://canadapayment.online/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://canadapayment.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Length: 0
Content-Type: text/javascript

GET
BLOB 200
OK 58b52811-aabb-4ee7-95a4-388f5e3063a8
http://canadapayment.online/ 245 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:http://canadapayment.online/58b52811-aabb-4ee7-95a4-388f5e3063a8
Requested by: Host: canadapayment.online
URL: http://canadapayment.online/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d68edf3c87c6a6d87223649e8162ef1584ea6faad6f20e80fdd5f72c21b16a17

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://canadapayment.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Length: 245
Content-Type: text/javascript

GET
BLOB 200
OK 72ac74c2-46e2-4623-b7c5-5096226901cd
http://canadapayment.online/ 0
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:http://canadapayment.online/72ac74c2-46e2-4623-b7c5-5096226901cd
Requested by: Host: canadapayment.online
URL: http://canadapayment.online/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://canadapayment.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Length: 0
Content-Type: text/javascript

GET
BLOB 200
OK 66f60b81-df79-431a-9ac6-64622961a140
http://canadapayment.online/ 245 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:http://canadapayment.online/66f60b81-df79-431a-9ac6-64622961a140
Requested by: Host: canadapayment.online
URL: http://canadapayment.online/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d68edf3c87c6a6d87223649e8162ef1584ea6faad6f20e80fdd5f72c21b16a17

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://canadapayment.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Length: 245
Content-Type: text/javascript

GET
BLOB 200
OK 1718417d-b1af-42e1-9805-6f335966df3a
http://canadapayment.online/ 0
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:http://canadapayment.online/1718417d-b1af-42e1-9805-6f335966df3a
Requested by: Host: canadapayment.online
URL: http://canadapayment.online/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://canadapayment.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Length: 0
Content-Type: text/javascript

GET
BLOB 200
OK fa537bb1-a9b5-4212-881b-c7fa882250e1
http://canadapayment.online/ 245 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:http://canadapayment.online/fa537bb1-a9b5-4212-881b-c7fa882250e1
Requested by: Host: canadapayment.online
URL: http://canadapayment.online/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d68edf3c87c6a6d87223649e8162ef1584ea6faad6f20e80fdd5f72c21b16a17

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://canadapayment.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Length: 245
Content-Type: text/javascript

GET
H3 200 liveh4z.com.1326932.es6.js Show response
jsc.adskeeper.co.uk/l/i/ 263 KB
78 KB 17ms
16ms Script
text/javascript 104.18.26.174
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.adskeeper.co.uk/l/i/liveh4z.com.1326932.es6.js
Requested by: Host: jsc.adskeeper.co.uk
URL: https://jsc.adskeeper.co.uk/l/i/liveh4z.com.1326932.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.26.174 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 337f7fdd275c6dbe4036bc40584f445234b9019605bfb0559a0c1d088573f1d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://canadapayment.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 11:14:26 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 962
cf-ray: 7267eab379cf9202-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 79000
x-amz-id-2: GHNQ6IpyedtSp8Fk76BLy+tw2bFq1iKnbI7iLoeolXCarYdkJIGjV3OesYfWhft3bfCU6oxd9xA=
last-modified: Sat, 18 Jun 2022 07:01:42 GMT
server: cloudflare
etag: "53f74d2a523cef8cb76f3081fbc21896"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: 4HCV39WZAFTPBKXJ
cache-control: public, max-age=14400
x-amz-version-id: D4IBOURfaxNeLbtKmYZ7X6SUOPduHG3x
accept-ranges: bytes
content-type: text/javascript
expires: Wed, 06 Jul 2022 15:14:26 GMT

GET
H2 200 / Show response
c.adskeeper.co.uk/pv/ 0
44 B 33ms
23ms Script
text/plain 104.18.26.174
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.adskeeper.co.uk/pv/?pv=5&cbuster=1657106066474713648624&lct=1655510400&niet=4g&nisd=false&jsv=es6&ref=&cxurl=http%3A%2F%2Fcanadapayment.online%2F&lu=http%3A%2F%2Fcanadapayment.online%2F&sessionId=62c56e92-014a0&pageView=1&pvid=181d337ec2bbadf240c&site=715486&implVersion=11&dpr=1
Requested by: Host: jsc.adskeeper.co.uk
URL: https://jsc.adskeeper.co.uk/l/i/liveh4z.com.1326933.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.26.174 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://canadapayment.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 11:14:26 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7267eab38b3f913c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"

GET
BLOB 206
Partial Content fd55860e-771b-40ae-af1f-a58eb831bf2a
http://canadapayment.online/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:http://canadapayment.online/fd55860e-771b-40ae-af1f-a58eb831bf2a
Requested by: Host: canadapayment.online
URL: http://canadapayment.online/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer: http://canadapayment.online/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
BLOB 206
Partial Content 035e9992-b20d-4474-a6c4-fb6751e17650
http://canadapayment.online/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:http://canadapayment.online/035e9992-b20d-4474-a6c4-fb6751e17650
Requested by: Host: canadapayment.online
URL: http://canadapayment.online/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer: http://canadapayment.online/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
BLOB 206
Partial Content 58c54296-f1dd-4d36-8bf5-7409caabb1d0
http://canadapayment.online/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:http://canadapayment.online/58c54296-f1dd-4d36-8bf5-7409caabb1d0
Requested by: Host: canadapayment.online
URL: http://canadapayment.online/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer: http://canadapayment.online/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
H2 200 adskeeper_svg.svg
cdn.adskeeper.co.uk/images/ 4 KB
1 KB 23ms
13ms Image
image/svg+xml 104.18.26.174
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.adskeeper.co.uk/images/adskeeper_svg.svg
Requested by: Host: canadapayment.online
URL: http://canadapayment.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.26.174 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c1798ee0e6e7de78f91bb457e6670385951caea9fc9c97295ca303ec6fe49be

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://canadapayment.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 11:14:26 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 7094
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: P23G98T0RPS1923H
x-amz-id-2: +pkIcnDW5LI90x9mr22bkfqfBqu9Ndl9EtSQVcNdlUzWcDpVywyJ6BJrec3/moiJaPWw/mY5K2s=
last-modified: Tue, 08 Dec 2020 08:34:59 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1607416491/ctime:1607416491/gid:0/gname:root/md5:93f6d1136fb77e38a0a2c72108588f09/mode:33206/mtime:1607416491/uid:0/uname:root
etag: W/"93f6d1136fb77e38a0a2c72108588f09"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=14400
x-amz-version-id: null
cf-ray: 7267eab3cb90913c-FRA
expires: Wed, 06 Jul 2022 15:14:26 GMT

GET
BLOB 200
OK 0bf28948-aed0-40cf-a17c-c29c09f0403a
http://canadapayment.online/ 0
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:http://canadapayment.online/0bf28948-aed0-40cf-a17c-c29c09f0403a
Requested by: Host: canadapayment.online
URL: http://canadapayment.online/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://canadapayment.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Length: 0
Content-Type: text/javascript

GET
BLOB 200
OK 307a6370-ed02-42ff-afc2-09acd8dbb7b4
http://canadapayment.online/ 245 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:http://canadapayment.online/307a6370-ed02-42ff-afc2-09acd8dbb7b4
Requested by: Host: canadapayment.online
URL: http://canadapayment.online/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d68edf3c87c6a6d87223649e8162ef1584ea6faad6f20e80fdd5f72c21b16a17

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://canadapayment.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Length: 245
Content-Type: text/javascript

GET
H2 200 1 Show response
servicer.adskeeper.co.uk/1326929/ 4 KB
2 KB 56ms
43ms Script
application/x-javascript 104.18.26.174
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.adskeeper.co.uk/1326929/1?mp4=1&ap=1&w=1570&h=327&cols=4&pv=5&cbuster=1657106066564817544421&uniqId=1639d&lct=1655510400&niet=4g&nisd=false&jsv=es6&ref=&cxurl=http%3A%2F%2Fcanadapayment.online%2F&lu=http%3A%2F%2Fcanadapayment.online%2F&sessionId=62c56e92-014a0&pageView=1&pvid=181d337ec2bbadf240c&implVersion=11&dpr=1
Requested by: Host: jsc.adskeeper.co.uk
URL: https://jsc.adskeeper.co.uk/l/i/liveh4z.com.1326929.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.26.174 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a5414cec4ab066f01e2760419642555e60ca820aadc844ef15fda6c64702ce1

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://canadapayment.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 11:14:26 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cf-ray: 7267eab42c09913c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 1 Show response
servicer.adskeeper.co.uk/1326933/ 4 KB
2 KB 56ms
46ms Script
application/x-javascript 104.18.26.174
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.adskeeper.co.uk/1326933/1?pv=5&cbuster=1657106066567831205730&lct=1655510400&niet=4g&nisd=false&jsv=es6&mp4=1&ap=1&w=1570&h=327&cols=4&ref=&cxurl=http%3A%2F%2Fcanadapayment.online%2F&lu=http%3A%2F%2Fcanadapayment.online%2F&sessionId=62c56e92-014a0&pageView=0&pvid=181d337ec2bbadf240c&implVersion=11&dpr=1
Requested by: Host: jsc.adskeeper.co.uk
URL: https://jsc.adskeeper.co.uk/l/i/liveh4z.com.1326933.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.26.174 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1d0d506d0df45523e0f3043321e7202f5a285b6675eb0b7b17a418fe214b24f9

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://canadapayment.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 11:14:26 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cf-ray: 7267eab42c0c913c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
BLOB 206
Partial Content c2811017-7f28-4e18-b632-4e76acb9aa28
http://canadapayment.online/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:http://canadapayment.online/c2811017-7f28-4e18-b632-4e76acb9aa28
Requested by: Host: canadapayment.online
URL: http://canadapayment.online/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer: http://canadapayment.online/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
H2 200 1 Show response
servicer.adskeeper.co.uk/1326929/ 4 KB
2 KB 33ms
33ms Script
application/x-javascript 104.18.26.174
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.adskeeper.co.uk/1326929/1?mp4=1&ap=1&w=1570&h=327&cols=4&pv=5&cbuster=1657106066591700975539&uniqId=00cc7&lct=1655510400&niet=4g&nisd=false&jsv=es6&ref=&cxurl=http%3A%2F%2Fcanadapayment.online%2F&lu=http%3A%2F%2Fcanadapayment.online%2F&sessionId=62c56e92-014a0&pageView=0&pvid=181d337ec2bbadf240c&implVersion=11&dpr=1
Requested by: Host: jsc.adskeeper.co.uk
URL: https://jsc.adskeeper.co.uk/l/i/liveh4z.com.1326929.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.26.174 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41ade887efdd81bb1ee3a6bae7be96ad8f77ebeef7d6d2e781cdc4378d48988f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://canadapayment.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 11:14:26 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cf-ray: 7267eab43c30913c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 widget-ssp-performance
c.adskeeper.co.uk/ 43 B
233 B 27ms
27ms Image
image/gif 104.18.26.174
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.adskeeper.co.uk/widget-ssp-performance?time=57
Requested by: Host: canadapayment.online
URL: http://canadapayment.online/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.26.174 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://canadapayment.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 11:14:26 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7267eab46b209202-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTA5LzY2MzY2MS84ZTI2MDIyMGI0MjM4OGExO...
s-img.adskeeper.co.uk/g/10570965/492x328/-/ 31 KB
31 KB 527ms
151ms Image
image/webp 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.adskeeper.co.uk/g/10570965/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTA5LzY2MzY2MS84ZTI2MDIyMGI0MjM4OGExOGY4ZDc0ZTg2NGMwNjIzMy5qcGc.webp?v=1657106066-4vbd12XfRa5bveC2pjeKOXFnK9nWEsqJRJmOlfjR7E4
Requested by: Host: canadapayment.online
URL: http://canadapayment.online/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 14dac4d369a32452ce74b787539b0743a0d40092005ef8e9fba75d9ca50ef3ea

Request headers

Referer: http://canadapayment.online/
Origin: http://canadapayment.online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-id: dc3-up-gc8, fr5-up-gc32
date: Wed, 06 Jul 2022 11:14:27 GMT
last-modified: Wed, 06 Jul 2022 01:22:21 GMT
x-mg-request-uuid: 989a523e-d0c2-49a8-a426-0f58fad0e381
x-cached-since: 2022-07-06T01:23:17+00:00
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
cache: MISS, HIT
accept-ranges: bytes
content-length: 31854
server: nginx

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcixxX2F1dG86Z29vZCx3XzEwMjAseF81MTAseV8yODgvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMDcvM...
s-img.adskeeper.co.uk/g/13434035/492x328/-/ 51 KB
51 KB 527ms
151ms Image
image/webp 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.adskeeper.co.uk/g/13434035/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcixxX2F1dG86Z29vZCx3XzEwMjAseF81MTAseV8yODgvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMDcvMzE0NzIyLzIzMWI3MWY1ZDM5Mzc2N2E0MzM5ZTkzODNmNWRiZGE0LmpwZWc.webp?v=1657106066-xyd8YH0tkuU7YABWpqfbq0an_BShjVMMYvegvvVvd3I
Requested by: Host: canadapayment.online
URL: http://canadapayment.online/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 7f7949ca211ec474c4a841bbb27df64c935f09a0bd218daad4c70e6f1e6a2267

Request headers

Referer: http://canadapayment.online/
Origin: http://canadapayment.online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-id: dc3-up-gc28, fr5-up-gc35
date: Wed, 06 Jul 2022 11:14:27 GMT
last-modified: Tue, 05 Jul 2022 11:37:17 GMT
x-mg-request-uuid: 3e5fb4cd-39b3-429a-8a5c-f6e04b5f6d29
x-cached-since: 2022-07-05T11:37:17+00:00
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
cache: MISS, HIT
accept-ranges: bytes
content-length: 51854
server: nginx

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZl9naWYsZmxfbG9zc3ksZ19mYWNlczphdXRvLHdfNjgwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTA3LzM2OTQwMy9lM2Q3NzM5YWE0NGI3OGYyYTZmYmFlY...
s-img.adskeeper.co.uk/g/13411353/492x328/-/ 1 MB
1 MB 456ms
81ms Image
image/gif 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.adskeeper.co.uk/g/13411353/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZl9naWYsZmxfbG9zc3ksZ19mYWNlczphdXRvLHdfNjgwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTA3LzM2OTQwMy9lM2Q3NzM5YWE0NGI3OGYyYTZmYmFlYTY4NDg4YzY4ZC5naWY.gif?v=1657106066-6hb9GSF-HQSqvr95sxqw5Px_fdrPeC7gB9N_KOp4zgc
Requested by: Host: canadapayment.online
URL: http://canadapayment.online/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: ec73bba3e641d5bb819f6b6a57596a360e9ab9ea388782b767a003ae22a3ae97

Request headers

Referer: http://canadapayment.online/
Origin: http://canadapayment.online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-id: dc3-up-gc8, fr5-up-gc16
date: Wed, 06 Jul 2022 11:14:27 GMT
last-modified: Fri, 01 Jul 2022 15:43:12 GMT
x-mg-request-uuid: bd7c4361-4fe7-46a6-93db-d742978b1f97
x-cached-since: 2022-07-04T11:12:06+00:00, 2022-07-05T22:07:57+00:00
content-type: image/gif
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
cache: HIT, HIT
accept-ranges: bytes
content-length: 1526499
server: nginx

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTAzLzU2OTI5OS84ZGMyYTc0M2RmMDI3NmExN...
s-img.adskeeper.co.uk/g/12569707/492x328/-/ 6 KB
6 KB 534ms
159ms Image
image/webp 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.adskeeper.co.uk/g/12569707/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTAzLzU2OTI5OS84ZGMyYTc0M2RmMDI3NmExN2I1Zjk1YzQ5MmJhZTkwMi5qcGVn.webp?v=1657106066-UtWyKoBdPWiAwo3zEtoe8pLXddPnrG-IvJSg9Wg0PuI
Requested by: Host: canadapayment.online
URL: http://canadapayment.online/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: fd7eee9cbe842a9e78481b6c158a28abc33ea5ff51d4eb062ca494d1ee9f4449

Request headers

Referer: http://canadapayment.online/
Origin: http://canadapayment.online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-id: dc3-up-gc6, fr5-up-gc38
date: Wed, 06 Jul 2022 11:14:27 GMT
last-modified: Wed, 01 Jun 2022 13:20:35 GMT
x-mg-request-uuid: c162753c-b969-4d82-b7c7-9fb87ec18b7d
x-cached-since: 2022-06-07T09:19:56+00:00
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
cache: MISS, HIT
accept-ranges: bytes
content-length: 6452
server: nginx

GET
H2 200 i.js Show response
cm.adskeeper.co.uk/ 0
102 B 138ms
129ms Script
application/javascript 104.18.26.174
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adskeeper.co.uk/i.js?&cbuster=1657106066631314571400
Requested by: Host: jsc.adskeeper.co.uk
URL: https://jsc.adskeeper.co.uk/l/i/liveh4z.com.1326929.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.26.174 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://canadapayment.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Jul 2022 11:14:26 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 7267eab48cad913c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H2 200 i-noref.js Show response
cm.adskeeper.co.uk/ Frame 6B8C 0
38 B 127ms
127ms Script
application/javascript 104.18.26.174
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adskeeper.co.uk/i-noref.js?cbuster=1657106066657154901557
Requested by: Host: jsc.adskeeper.co.uk
URL: https://jsc.adskeeper.co.uk/l/i/liveh4z.com.1326929.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.26.174 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Jul 2022 11:14:26 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 7267eab4acdc913c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H3 200 1 Show response
servicer.adskeeper.co.uk/1326932/ 12 KB
4 KB 53ms
53ms Script
application/x-javascript 104.18.26.174
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.adskeeper.co.uk/1326932/1?mp4=1&ap=1&w=1600&h=2925&cols=1&pv=5&cbuster=1657106066660195896989&uniqId=0aa86&lct=1655510400&niet=4g&nisd=false&jsv=es6&ref=&cxurl=http%3A%2F%2Fcanadapayment.online%2F&lu=http%3A%2F%2Fcanadapayment.online%2F&sessionId=62c56e92-014a0&pageView=0&pvid=181d337ec2bbadf240c&implVersion=11&dpr=1
Requested by: Host: jsc.adskeeper.co.uk
URL: https://jsc.adskeeper.co.uk/l/i/liveh4z.com.1326932.es6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.26.174 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ea1f4a55240192d69ac6e5b6394259119d73e323d6d52b662945dcafdc1c1023

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://canadapayment.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 11:14:26 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cf-ray: 7267eab4bb769202-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIscV9hdXRvOmdvb2Qsd18xMDIwLHhfNTEwLHlfMjg4L2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTA3L...
s-img.adskeeper.co.uk/g/13434035/492x277/-/ 44 KB
45 KB 440ms
159ms Image
image/webp 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.adskeeper.co.uk/g/13434035/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIscV9hdXRvOmdvb2Qsd18xMDIwLHhfNTEwLHlfMjg4L2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTA3LzMxNDcyMi8yMzFiNzFmNWQzOTM3NjdhNDMzOWU5MzgzZjVkYmRhNC5qcGVn.webp?v=1657106066-LfQ8RVfEDHx4f_nWGIKt5ZwLvcHJ15jIUn2FDlgrJvw
Requested by: Host: canadapayment.online
URL: http://canadapayment.online/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 1962fa3a4fe09edf1283fed2056b7c3f3d544f16df5159c73cb226af684c5be9

Request headers

Referer: http://canadapayment.online/
Origin: http://canadapayment.online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-id: dc3-up-gc8, fr5-up-gc37
date: Wed, 06 Jul 2022 11:14:27 GMT
last-modified: Tue, 05 Jul 2022 11:37:12 GMT
x-mg-request-uuid: 3b681d16-16e9-4ad5-bba8-0c5c30685926
x-cached-since: 2022-07-05T11:47:18+00:00
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
cache: MISS, HIT
accept-ranges: bytes
content-length: 45474
server: nginx

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGZfZ2lmLGZsX2xvc3N5LGdfZmFjZXM6YXV0byx3Xzk2MC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wNy8zNjk0MDMvZTNkNzczOWFhNDRiNzhmMmE2ZmJhZ...
s-img.adskeeper.co.uk/g/13411353/492x277/-/ 1 MB
1 MB 439ms
159ms Image
image/gif 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.adskeeper.co.uk/g/13411353/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGZfZ2lmLGZsX2xvc3N5LGdfZmFjZXM6YXV0byx3Xzk2MC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wNy8zNjk0MDMvZTNkNzczOWFhNDRiNzhmMmE2ZmJhZWE2ODQ4OGM2OGQuZ2lm.gif?v=1657106066-5PXH9Bmx187e8T9c3a-EXF3FOf6ibuPA8_n7mTlk1fY
Requested by: Host: canadapayment.online
URL: http://canadapayment.online/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 632429236a82e2d992733aed1ad07666448e83e74e1e136d85775484e12bd3c2

Request headers

Referer: http://canadapayment.online/
Origin: http://canadapayment.online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-id: dc3-up-gc6, fr5-up-gc31
date: Wed, 06 Jul 2022 11:14:27 GMT
last-modified: Fri, 01 Jul 2022 15:42:59 GMT
x-mg-request-uuid: 8b4cb294-cb74-41a9-aac1-0c00cfe77680
x-cached-since: 2022-07-04T11:08:50+00:00
content-type: image/gif
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
cache: MISS, HIT
accept-ranges: bytes
content-length: 1187695
server: nginx

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wMy81NjkyOTkvOGRjMmE3NDNkZjAyNzZhM...
s-img.adskeeper.co.uk/g/12569707/492x277/-/ 6 KB
6 KB 103ms
101ms Image
image/webp 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.adskeeper.co.uk/g/12569707/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wMy81NjkyOTkvOGRjMmE3NDNkZjAyNzZhMTdiNWY5NWM0OTJiYWU5MDIuanBlZw.webp?v=1657106066-HYYp2VFk6lPaYatr_j2Ctiv7M6I54whAWfFhLNzJvOk
Requested by: Host: canadapayment.online
URL: http://canadapayment.online/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: eb8bb874ced68a143fee84a02bd867070bdada50718cddbf7cab321a4434e37b

Request headers

Referer: http://canadapayment.online/
Origin: http://canadapayment.online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-id: dc3-up-gc6, fr5-up-gc15
date: Wed, 06 Jul 2022 11:14:27 GMT
last-modified: Wed, 01 Jun 2022 13:15:00 GMT
x-mg-request-uuid: ddd60aba-e8c5-4d0f-bf3c-72a17c4a4fd7
x-cached-since: 2022-07-04T14:17:09+00:00, 2022-07-05T13:02:39+00:00
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
cache: HIT, HIT
accept-ranges: bytes
content-length: 5854
server: nginx

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wOS82NjM2NjEvOGUyNjAyMjBiNDIzODhhM...
s-img.adskeeper.co.uk/g/10570965/492x277/-/ 27 KB
27 KB 101ms
100ms Image
image/webp 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.adskeeper.co.uk/g/10570965/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wOS82NjM2NjEvOGUyNjAyMjBiNDIzODhhMThmOGQ3NGU4NjRjMDYyMzMuanBn.webp?v=1657106066-6imAwg73M2ePVn56vluYCcEvVnRoxLSVb7xnrXUsQUo
Requested by: Host: canadapayment.online
URL: http://canadapayment.online/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 4b9ba89bc712955f0f2c5197a5a509676d142739240b462b6889f9a7583858e9

Request headers

Referer: http://canadapayment.online/
Origin: http://canadapayment.online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-id: dc3-up-gc28, fr5-up-gc35
date: Wed, 06 Jul 2022 11:14:27 GMT
last-modified: Wed, 06 Jul 2022 01:21:19 GMT
x-mg-request-uuid: 6384ed07-e17d-4193-a0c8-910828a59c47
x-cached-since: 2022-07-06T01:49:16+00:00
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
cache: MISS, HIT
accept-ranges: bytes
content-length: 27426
server: nginx

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wNi80NzI3NjAvZDE2N...
s-img.adskeeper.co.uk/g/13178885/492x277/-/ 11 KB
11 KB 104ms
102ms Image
image/webp 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.adskeeper.co.uk/g/13178885/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wNi80NzI3NjAvZDE2N2E4YzIyOTRkZjFhOGZlMjEzMTQ3YTJjY2U3ZjguanBlZw.webp?v=1657106066-GLIlyKJwogsFhbb0vE-zUsePaS1DBXpqCTHRIXnLDEA
Requested by: Host: canadapayment.online
URL: http://canadapayment.online/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: cb03fec863af5dc66af02a17bcdedc2a115d5a2807bdc46438bb43db93a33988

Request headers

Referer: http://canadapayment.online/
Origin: http://canadapayment.online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-id: dc3-up-gc8, fr5-up-gc30
date: Wed, 06 Jul 2022 11:14:27 GMT
last-modified: Fri, 10 Jun 2022 05:39:17 GMT
x-mg-request-uuid: 527d4d94-d9da-4069-97ff-91930fbf5072
x-cached-since: 2022-06-16T14:34:03+00:00
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
cache: MISS, HIT
accept-ranges: bytes
content-length: 11070
server: nginx

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMi80OTYzNzEvZGRiZDc3YjFlODY0ZWM3Y...
s-img.adskeeper.co.uk/g/11765366/492x277/-/ 10 KB
10 KB 104ms
103ms Image
image/webp 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.adskeeper.co.uk/g/11765366/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMi80OTYzNzEvZGRiZDc3YjFlODY0ZWM3YWIxZTc0Mjc1ZjkzZjhmZTYuanBn.webp?v=1657106066-UwdE--I_xHbHnbO1v0mS1i4t_-tU_DIpY3pCdYtvTxo
Requested by: Host: canadapayment.online
URL: http://canadapayment.online/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: f65eb1b6d88932f88bc5de980642f0746ebf3dd0e7ccadb01744dc9344822f4c

Request headers

Referer: http://canadapayment.online/
Origin: http://canadapayment.online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-id: dc3-up-gc28, fr5-up-gc28
date: Wed, 06 Jul 2022 11:14:27 GMT
last-modified: Fri, 10 Jun 2022 12:03:12 GMT
x-mg-request-uuid: f5100ea7-ad20-4825-a05e-70a1dd308f85
x-cached-since: 2022-06-10T12:03:32+00:00
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
cache: MISS, HIT
accept-ranges: bytes
content-length: 10264
server: nginx

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wNy8zODIwNzIvYTFlM...
s-img.adskeeper.co.uk/g/13436079/492x277/-/ 12 KB
12 KB 102ms
101ms Image
image/webp 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.adskeeper.co.uk/g/13436079/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wNy8zODIwNzIvYTFlMjQzODg1MjgyNDJhNzJiZTE1MmE1YWI0YjlmODkuanBlZw.webp?v=1657106066-gEGpCOfSNRJcljPUUxVFknb4nVOh4vk4Onm2_yfDFqw
Requested by: Host: canadapayment.online
URL: http://canadapayment.online/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: a83a170b0bf8ade4ddd4b06e9608affba850add46f09eb0c87eb5e65c3b03afb

Request headers

Referer: http://canadapayment.online/
Origin: http://canadapayment.online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-id: dc3-up-gc28, fr5-up-gc15
date: Wed, 06 Jul 2022 11:14:27 GMT
last-modified: Wed, 06 Jul 2022 06:52:49 GMT
x-mg-request-uuid: 7e6d2dd6-aa73-4d64-b63f-29a0f7e78eb9
x-cached-since: 2022-07-06T06:57:04+00:00
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
cache: MISS, HIT
accept-ranges: bytes
content-length: 11934
server: nginx

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wMi80NjY0ODAvMmYyYmU3MjljZjlhODM2Y...
s-img.adskeeper.co.uk/g/12290497/492x277/-/ 19 KB
19 KB 101ms
100ms Image
image/webp 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.adskeeper.co.uk/g/12290497/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wMi80NjY0ODAvMmYyYmU3MjljZjlhODM2YTM1NzFlMzgzY2U0MjYzZTIuanBn.webp?v=1657106066-IrWaniTF9OeD5jZzI5R63C_ILflXNQnFYtPusCkyIac
Requested by: Host: canadapayment.online
URL: http://canadapayment.online/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: cd7f33622e40202167bc44d183879d25497b1e66c51cebb21175b06711e68ce3

Request headers

Referer: http://canadapayment.online/
Origin: http://canadapayment.online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-id: dc3-up-gc33, fr5-up-gc32
date: Wed, 06 Jul 2022 11:14:27 GMT
last-modified: Thu, 03 Mar 2022 09:30:40 GMT
x-mg-request-uuid: 051cd5f4-4b15-48f8-bcb3-b05673e2d0e1
x-cached-since: 2022-06-07T09:48:05+00:00
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
cache: MISS, HIT
accept-ranges: bytes
content-length: 19450
server: nginx

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wNy8zNTY2MDUvZjYxO...
s-img.adskeeper.co.uk/g/13406514/492x277/-/ 12 KB
12 KB 102ms
101ms Image
image/webp 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.adskeeper.co.uk/g/13406514/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wNy8zNTY2MDUvZjYxODg0NWNlZmI1YWI5NjYxNTNiYWZjZTZhZWVkNzkuanBn.webp?v=1657106066-cmxsOKQlY8ULLTIKUxNI8DzDp_Wgnr0qrXiivCRC3uc
Requested by: Host: canadapayment.online
URL: http://canadapayment.online/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 69b9acc268bd310bfcdce7fcd27ff1f574d5567f4e1805b34b927ad1e0ab04b4

Request headers

Referer: http://canadapayment.online/
Origin: http://canadapayment.online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-id: dc3-up-gc8, fr5-up-gc35
date: Wed, 06 Jul 2022 11:14:27 GMT
last-modified: Fri, 01 Jul 2022 11:58:10 GMT
x-mg-request-uuid: f057b616-3092-452f-854b-4affe0b56e49
x-cached-since: 2022-07-03T19:28:12+00:00
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
cache: MISS, HIT
accept-ranges: bytes
content-length: 11838
server: nginx

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wNC8zNjk0MDMvZTBjY...
s-img.adskeeper.co.uk/g/12658889/492x277/-/ 5 KB
5 KB 103ms
101ms Image
image/webp 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.adskeeper.co.uk/g/12658889/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wNC8zNjk0MDMvZTBjYTFlMTU5ZDAwNWQ5NmUwYjliMmI0OGY0MWE5YzIuanBlZw.webp?v=1657106066-Br5PBD05tD_8-ws5eB0YJv7t3qW-Fy3pE56XKQvezYM
Requested by: Host: canadapayment.online
URL: http://canadapayment.online/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 35b2183535267b95f234d1e6e91f8d693d488f85e1a9d7687e7d32ddb2ae5781

Request headers

Referer: http://canadapayment.online/
Origin: http://canadapayment.online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-id: dc3-up-gc6, fr5-up-gc15
date: Wed, 06 Jul 2022 11:14:27 GMT
last-modified: Fri, 08 Apr 2022 22:19:29 GMT
x-mg-request-uuid: 44e3ed44-d065-4fb9-b8cf-55753c817142
x-cached-since: 2022-07-04T14:17:10+00:00, 2022-07-05T13:02:49+00:00
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
cache: HIT, HIT
accept-ranges: bytes
content-length: 5216
server: nginx

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wNy80ODUxMDAvYmVhO...
s-img.adskeeper.co.uk/g/13435960/492x277/-/ 19 KB
19 KB 103ms
102ms Image
image/webp 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.adskeeper.co.uk/g/13435960/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wNy80ODUxMDAvYmVhOGQ0ODBiYzUzYjlkNWEwOTU0ZDJkYTNmNWMxMDkuanBlZw.webp?v=1657106066-OMgFlbDm8Fq1XJ9tXyc3Bnvu-3yOT1yAK6ztHaZDG6E
Requested by: Host: canadapayment.online
URL: http://canadapayment.online/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 7399a1169c4b821ff180eb5f0d9dc7db37e96504876e0f323275cba4998bd6b9

Request headers

Referer: http://canadapayment.online/
Origin: http://canadapayment.online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-id: dc3-up-gc28, fr5-up-gc31
date: Wed, 06 Jul 2022 11:14:27 GMT
last-modified: Wed, 06 Jul 2022 07:15:38 GMT
x-mg-request-uuid: b370169e-6870-4490-8598-114a5f3805c7
x-cached-since: 2022-07-06T07:28:30+00:00
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
cache: MISS, HIT
accept-ranges: bytes
content-length: 18948
server: nginx

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wNy8zMDA0MjQvZDE3O...
s-img.adskeeper.co.uk/g/13431317/492x277/-/ 12 KB
13 KB 104ms
103ms Image
image/webp 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.adskeeper.co.uk/g/13431317/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wNy8zMDA0MjQvZDE3OGQ2OTFiZTAzODRmYjVkMGRjYTYxYzhjY2M0NzAuanBlZw.webp?v=1657106066-YNU-Gb_dItLFzmUrRSeyBxP-8cNpVzcCce4SIK7V5xY
Requested by: Host: canadapayment.online
URL: http://canadapayment.online/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 8a9035bd6843c3741e99550c5d529efff8798e91b24699a430104ad08176be1c

Request headers

Referer: http://canadapayment.online/
Origin: http://canadapayment.online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-id: dc3-up-gc8, fr5-up-gc28
date: Wed, 06 Jul 2022 11:14:27 GMT
last-modified: Tue, 05 Jul 2022 02:23:03 GMT
x-mg-request-uuid: 63e91008-4f75-4b4a-aeec-38502eb8aeb6
x-cached-since: 2022-07-05T04:06:30+00:00, 2022-07-05T05:10:19+00:00
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
cache: HIT, HIT
accept-ranges: bytes
content-length: 12632
server: nginx

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMDEvOTgwMjIvNGM5YTgwOWU2ZjlhODkxNjkyNDAyNjcyZDMyMGE1MGQuanBn.webp
s-img.adskeeper.co.uk/g/8024853/492x277/0x45x649x432/ 12 KB
12 KB 104ms
102ms Image
image/webp 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.adskeeper.co.uk/g/8024853/492x277/0x45x649x432/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMDEvOTgwMjIvNGM5YTgwOWU2ZjlhODkxNjkyNDAyNjcyZDMyMGE1MGQuanBn.webp?v=1657106066-iIQ8YR-kDxKecFuNdMk4eY--1QM3BDOENxyCWxmBU8c
Requested by: Host: canadapayment.online
URL: http://canadapayment.online/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 44106e49141587897288827b99645b2607cbec88759d04abc291edd043422fc1

Request headers

Referer: http://canadapayment.online/
Origin: http://canadapayment.online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-id: dc3-up-gc33, fr5-up-gc31
date: Wed, 06 Jul 2022 11:14:27 GMT
last-modified: Thu, 11 Nov 2021 15:56:35 GMT
x-mg-request-uuid: a118f08e-e5cb-459b-b1fc-3fc7ad72e2b3
x-cached-since: 2022-07-05T12:46:23+00:00, 2022-07-05T13:44:05+00:00
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
cache: HIT, HIT
accept-ranges: bytes
content-length: 12042
server: nginx

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wMy80NzI3NjAvMTAyODUxYmYzNmE0Zjg0O...
s-img.adskeeper.co.uk/g/13178572/492x277/-/ 15 KB
15 KB 102ms
100ms Image
image/webp 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.adskeeper.co.uk/g/13178572/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wMy80NzI3NjAvMTAyODUxYmYzNmE0Zjg0ODRhZmJmYWJkYzMyNDMwYjguanBlZw.webp?v=1657106066-oBlmmF_ANnSXlC7njyE6hTQMrNa_9EtnE_NSEDabs8k
Requested by: Host: canadapayment.online
URL: http://canadapayment.online/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: e286f2c3615188785f7c7f9e8b4a6a327f9e17f67e46415624e3e9104b2c6ddb

Request headers

Referer: http://canadapayment.online/
Origin: http://canadapayment.online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-id: dc3-up-gc28, fr5-up-gc38
date: Wed, 06 Jul 2022 11:14:27 GMT
last-modified: Fri, 10 Jun 2022 05:40:14 GMT
x-mg-request-uuid: c17e686e-3da0-441c-940c-2908e7a3ce26
x-cached-since: 2022-06-27T07:55:37+00:00
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
cache: MISS, HIT
accept-ranges: bytes
content-length: 15086
server: nginx

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wNS8yNzYwNTkvZmFlY...
s-img.adskeeper.co.uk/g/13061640/492x277/-/ 18 KB
18 KB 103ms
102ms Image
image/webp 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.adskeeper.co.uk/g/13061640/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wNS8yNzYwNTkvZmFlYmVmM2M5YjJkZWEyNjQwYzY1NTAyZWFiMzdjYzEuanBn.webp?v=1657106066-9hEJ77imDra4OzzzXdxAd5sJSO1mJcFpO_OWFOY2pGQ
Requested by: Host: canadapayment.online
URL: http://canadapayment.online/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 082f678ad8c56b2d008eeedb4dcc04050151ad51fb313718c378d183de026cec

Request headers

Referer: http://canadapayment.online/
Origin: http://canadapayment.online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-id: dc3-up-gc6, fr5-up-gc35
date: Wed, 06 Jul 2022 11:14:27 GMT
last-modified: Mon, 30 May 2022 02:45:52 GMT
x-mg-request-uuid: 45a39614-d7cf-4804-985b-c97f09dd9776
x-cached-since: 2022-06-08T11:27:30+00:00
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
cache: MISS, HIT
accept-ranges: bytes
content-length: 18398
server: nginx

GET
H3 200 c
c.adskeeper.co.uk/ 43 B
278 B 26ms
26ms Image
image/gif 104.18.26.174
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.adskeeper.co.uk/c?f=1&pv=3&v=377|288|24|_aZodwfqR9AlOoTVhk5I-S6KqBzxeBRNEKwnyFVShCm7GQjufaeRO9NcKND4Ote0&fw=1&extjs=66044&v=377|288|8|YddiMIORiJ2guvm0sjSunM8p3vgc6jOWh_eipgboX-IcRL0GeQyeO3JbEu7CfkYK&v=377|288|40|JuHl8MevEGiLRump1cwuIQboXFCDvT3dfa_DqxbWPD7h8DvpBtgE0bpx-SZB43WQ&cid=1326933&h2=vlJ0RdnMYFlD0pCQy6adPu73hKDooSLVV-ufeLqBWUw*&rid=cc0dbfbb-fd1c-11ec-ac4d-e43d1a2a53a0&tt=Direct&iv=11&pageImp=1&pvid=181d337ec2bbadf240c&cbuster=1657106068441750972960
Requested by: Host: canadapayment.online
URL: http://canadapayment.online/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.26.174 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://canadapayment.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 11:14:28 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 92617c47-001a-4cc0-b6d0-ca19eb6ebb93
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif
cf-ray: 7267eabfc8619202-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
server: cloudflare

GET
H3 200 c
c.adskeeper.co.uk/ 43 B
279 B 22ms
22ms Image
image/gif 104.18.26.174
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.adskeeper.co.uk/c?f=1&pv=3&v=377|288|40|l5vByG9bR0ZrG9ddVqIb5C6KqBzxeBRNEKwnyFVShCnItdc5YGwwKi72XU9tHmvs&fw=1&extjs=66044&v=377|288|24|Dx32zagXD4qTDBpNFI1prs8p3vgc6jOWh_eipgboX-ICMxJpSbs9Vs52BiHCImVS&v=377|288|8|KBZteuCH6WncYQLfM0fuDwboXFCDvT3dfa_DqxbWPD5J9cCStqJXS9vyM79HUPhW&cid=1326929&h2=vlJ0RdnMYFlD0pCQy6adPu73hKDooSLVV-ufeLqBWUw*&rid=cc0cd44d-fd1c-11ec-8d98-e43d1a2a04aa&tt=Direct&iv=11&pageImp=0&pvid=181d337ec2bbadf240c&cbuster=1657106068443534382513
Requested by: Host: canadapayment.online
URL: http://canadapayment.online/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.26.174 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://canadapayment.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 11:14:28 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 50ce1496-0a04-4b64-86de-69a32ae2e053
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif
cf-ray: 7267eabfc8639202-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
server: cloudflare

GET
H3 200 c
c.adskeeper.co.uk/ 43 B
279 B 28ms
28ms Image
image/gif 104.18.26.174
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.adskeeper.co.uk/c?pv=3&v=377|288|8|931qS01tMtaB4UaBJ9n7AywEoKIbcXtd2h3AZawnqpg7BAvSMiG3cdZSE4dOGwq-&extjs=66044&cid=1326933&h2=vlJ0RdnMYFlD0pCQy6adPu73hKDooSLVV-ufeLqBWUw*&rid=cc0dbfbb-fd1c-11ec-ac4d-e43d1a2a53a0&tt=Direct&iv=11&pageImp=0&pvid=181d337ec2bbadf240c&cbuster=1657106068640834788591
Requested by: Host: canadapayment.online
URL: http://canadapayment.online/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.26.174 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://canadapayment.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 11:14:28 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 525a84aa-3216-4b5f-8c00-8f49809e1503
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif
cf-ray: 7267eac109d89202-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
server: cloudflare

GET
H3 200 c
c.adskeeper.co.uk/ 43 B
279 B 24ms
24ms Image
image/gif 104.18.26.174
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.adskeeper.co.uk/c?pv=3&v=377|288|8|4S15FQywF-zcgkzndL_CfiwEoKIbcXtd2h3AZawnqpi9Y6D9KRiixN7s2v53angl&extjs=66044&cid=1326929&h2=vlJ0RdnMYFlD0pCQy6adPu73hKDooSLVV-ufeLqBWUw*&rid=cc0cd44d-fd1c-11ec-8d98-e43d1a2a04aa&tt=Direct&iv=11&pageImp=0&pvid=181d337ec2bbadf240c&cbuster=1657106068640458340588
Requested by: Host: canadapayment.online
URL: http://canadapayment.online/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.26.174 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://canadapayment.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 11:14:28 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 26802607-b860-46f6-aeea-49df0d88766d
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif
cf-ray: 7267eac109d99202-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
server: cloudflare

Verdicts & Comments Add Verdict or Comment

55 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.canadapayment.online/	1970-01-20 21:49:38	Name: _ga Value: GA1.2.2069293423.1657106066
.canadapayment.online/	1970-01-20 04:19:52	Name: _gid Value: GA1.2.1100376020.1657106066
.canadapayment.online/	1970-01-20 04:18:26	Name: _gat_gtag_UA_185289874_1 Value: 1
canadapayment.online/	1969-12-31 23:59:59	Name: AdskeeperStorage Value: %7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A2%7D%2C%22C1326933%22%3A%7B%22page%22%3A1%2C%22time%22%3A1657106066652%7D%2C%22C1326929%22%3A%7B%22page%22%3A1%2C%22time%22%3A1657106066633%7D%2C%22C1326932%22%3A%7B%22page%22%3A1%2C%22time%22%3A1657106066722%7D%7D

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: http://canadapayment.online/(Line 272) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://code.jquery.com/jquery-3.5.1.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
blogger.googleusercontent.com
c.adskeeper.co.uk
canadapayment.online
cdn.adskeeper.co.uk
cdnjs.cloudflare.com
cm.adskeeper.co.uk
code.jquery.com
itcafe.vn
jsc.adskeeper.co.uk
maxcdn.bootstrapcdn.com
s-img.adskeeper.co.uk
sectury.com
servicer.adskeeper.co.uk
www.google-analytics.com
www.googletagmanager.com
104.18.26.174
2001:4de0:ac18::1:a:3a
209.145.56.77
2606:4700::6811:180e
2606:4700::6812:bcf
2a00:1450:4001:809::200e
2a00:1450:4001:80b::2001
2a00:1450:4001:829::2001
2a00:1450:4001:82a::2008
2a03:90c0:41:2801::254
2a06:98c1:3120::3
45.252.248.12
080daf5b4c915ab46f782a181de429706e38f1cccc19c26842ca2cea0cdfab45
082f678ad8c56b2d008eeedb4dcc04050151ad51fb313718c378d183de026cec
0b4ae784c5f5a27210a3a7ebdde9a0fe63f9231ade33ed4b4dbb14c3e2f29715
0d215505caee0241e345bc1aba37a323488688839a516116043bf0f1884d3ec5
14dac4d369a32452ce74b787539b0743a0d40092005ef8e9fba75d9ca50ef3ea
1962fa3a4fe09edf1283fed2056b7c3f3d544f16df5159c73cb226af684c5be9
1d0d506d0df45523e0f3043321e7202f5a285b6675eb0b7b17a418fe214b24f9
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d
3006910ebbdfc1e79332a1f118da840262abcefd51150ae50f218899a1f26828
337f7fdd275c6dbe4036bc40584f445234b9019605bfb0559a0c1d088573f1d5
35b2183535267b95f234d1e6e91f8d693d488f85e1a9d7687e7d32ddb2ae5781
384029880e0337911e2a7b14d70eca5230fc892240e1dde4277eebc070e10b76
3846088472f579b74d155752da829d07f157b8419d5a21ec9bd64c8d708b342f
38b7a1fd2a7e9170f71ad79f332463a3b9cc0f51d4170bcf4ba5f53c064ebe27
3c1798ee0e6e7de78f91bb457e6670385951caea9fc9c97295ca303ec6fe49be
3f257d79f976941cacbdfff6b81212c61a9bb95b1e99e64c90b1703b62b568c7
40f40851b74a3f015f08b74a5e6e47a0e83643b931d371c5a14ee11ee73e5e47
41ade887efdd81bb1ee3a6bae7be96ad8f77ebeef7d6d2e781cdc4378d48988f
44106e49141587897288827b99645b2607cbec88759d04abc291edd043422fc1
4928cbefa3ed517a423675a4debf7f467baa8dc4553af73e9592a2d574528a2f
4b9ba89bc712955f0f2c5197a5a509676d142739240b462b6889f9a7583858e9
4ce510ffe41787ff8b77914205880ae67ed5f7ebf2686d8a502b8705ab17efe5
530215c8984a8eeb4969a864ad342676af446dc566e936c3425a9585b7a1932b
540138c1d384c6d54f1032110c6817d0592d05050a40b7269cdf95af66fc28dc
5acb50395e2b1582a7f06568ed9c8706b2e71730bf3f42ade8f0b334c0b9c3f0
5c84881ac3539581a10a11bf55a3fe34a368ae11d01b5a3b5649b5cad24a744a
5cc3f60bb43f640fe82f6e84519053c0e2f94d6b7a65938c68233d0addd9d629
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
632429236a82e2d992733aed1ad07666448e83e74e1e136d85775484e12bd3c2
6487c3eb58cf0be3a4f87446803c92bccf24ad639932f1b1acb3fb4b2e6265cc
69b9acc268bd310bfcdce7fcd27ff1f574d5567f4e1805b34b927ad1e0ab04b4
6adc4e7427123ef89632e0566bdaf91ff124426f33dc61a0644d863c180241c4
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c569f03f46793112ba2d697933e11647433d4dd2f681fffe7e33ddc578005b8
6df2ce1dd3eb2bb0e0e5418aa6cdf26ff6cd382363f5d72b56d1befbec4131e5
7399a1169c4b821ff180eb5f0d9dc7db37e96504876e0f323275cba4998bd6b9
7a4e077c2bc0742ede658026ebe00951abf086be1412c7f5b3d7d863846c8c0d
7dcdcaed9b3c2a4fc5053f65fa21b30b90ef28f42d6776e5c6819e3e6567a633
7f7949ca211ec474c4a841bbb27df64c935f09a0bd218daad4c70e6f1e6a2267
897ebf15658ff7b8eb0b9a8418282e6074aef3da3ddcb24f7961ea1b05003ef0
8a5414cec4ab066f01e2760419642555e60ca820aadc844ef15fda6c64702ce1
8a9035bd6843c3741e99550c5d529efff8798e91b24699a430104ad08176be1c
98f63c2b7bcda1b666ad36f1a19152c28d974740c44788097c1dfde2e6be0580
99bff3099e868f314c0db8e43094fd7d01ebc2ee8311fb4214fef839e70ca8ac
9e85e22ecdde9d73476a3faafbce86542d7978de101b7fbd0b63d26db9a3e8d2
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a5aa98b2471cadd0fec49be1bf3b9b3f48bea8c2fc9ed81c29d91207903ae36e
a83a170b0bf8ade4ddd4b06e9608affba850add46f09eb0c87eb5e65c3b03afb
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ab5d2838ea539e21ffd8bafec816826e2ea9dff6544d1a175c0c0e3c5666871a
ac1c70ddd7f18e58360f537527123d5147da87648dcb9587f11440b0880e8b59
af1e6edc875a382b338bb25bd7c5c3f474a7f1b36212002a5896dd06f2186325
b28fffa08bea0e4879a1451f5c7d08374bfa0975915b21789f904c0182bc598c
b6f09fd8cfe8e3b91db873ca7654ae685a98a8ae427ee0714ca36323a03c6961
bce0c6b78a977072b55df8990a3f007487db4d25e635d1861d675e3ab732b32c
c0bf8b59e37684b91743310638f86907c278bcabeb470587a79c5791c43ec583
c87d0efd96bc62844535855660000bbe49e9c50a979ee02606358a2b52948665
cb03fec863af5dc66af02a17bcdedc2a115d5a2807bdc46438bb43db93a33988
cca4dc00fec8b00bf708f309c110794e7e542c60351805508735c3e6eba575fe
cd7f33622e40202167bc44d183879d25497b1e66c51cebb21175b06711e68ce3
d122ff2882348bab89dc17dc23336888259365fe64bc64578087e3ff6e167161
d49e24b2e9a486162e24d1feb0b68c7a386be42a0ac65a801aaa06ed5f4e78ef
d68edf3c87c6a6d87223649e8162ef1584ea6faad6f20e80fdd5f72c21b16a17
db37a9925656a25a2b62e3c6380862458f720695dccb061c573925e180affea6
dd42c2a74de12d5bac5d49951cc39ed5e2c5fb3a4b03087d485f4067a9877ec9
e0cf5e7e432ee3712256a0d3296aae1eadc28f31504461f8613f4fc4b7993d64
e286f2c3615188785f7c7f9e8b4a6a327f9e17f67e46415624e3e9104b2c6ddb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea1f4a55240192d69ac6e5b6394259119d73e323d6d52b662945dcafdc1c1023
eb8bb874ced68a143fee84a02bd867070bdada50718cddbf7cab321a4434e37b
ebe9c5f0cfdfe5357f1b51351b5acf7e0f16f8331064ed41648b70c0da2145db
ec73bba3e641d5bb819f6b6a57596a360e9ab9ea388782b767a003ae22a3ae97
f0e4da5e33f4ed61ba806b2fc6735bb664af7fc13bd08dc947bbdc994a4855ad
f10ae9dc60348404f8e403059538255e17d07df935ca834605746d12dea06e00
f618c31811edd94f21c37ae2183c5ab7017c9528cd62c321db47fd1c2aad17e0
f65eb1b6d88932f88bc5de980642f0746ebf3dd0e7ccadb01744dc9344822f4c
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fb52c9044727804fc001efc14e655ecddd68149a76c4f9a9f1ebdcefefe948f0
fd7eee9cbe842a9e78481b6c158a28abc33ea5ff51d4eb062ca494d1ee9f4449

canadapayment.online Open in urlscan Pro 209.145.56.77 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

95 Requests

86 %HTTPS

75 %IPv6

11 Domains

16 Subdomains

13 IPs

5 Countries

5975 kBTransfer

6919 kBSize

4 Cookies

4 Outgoing links

Redirected requests

95 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

canadapayment.online Open in urlscan Pro
209.145.56.77 Public Scan

Screenshot
Live screenshot

Full Image

95
Requests

86 %
HTTPS

75 %
IPv6

11
Domains

16
Subdomains

13
IPs

5
Countries

5975 kB
Transfer

6919 kB
Size

4
Cookies

95 HTTP transactions
0 data transactions